Throughout my many penetration tests and red teams, there have always been some tools that I wished I had quick access to online. From the most simple “string length” tools, to some more complex non-trivial tools, I never had a one-stop-shop online location for them all (especially one that I trusted).
This was one of the driving factors for me starting this website. Primarily for me to host some tools that I wish I had over the years, plus leaving some tutorials or how-tos on things that I think are worth a write-up for people in the future to have as a reference guide. I don’t plan to post here like a “blog” in the typical sense, but I plan to use this as a notes and reference guide, which a location to store all those online tools that I need. I will be adding more tools as I find the need for them, and I welcome any suggestions/requests for tools. All inputs into this website are not logged.
So far, I’ve added 3 tools that I’ve wanted with more on the way:
This really isn’t anything amazing, but I constantly find myself googling for “string length online”, so now I wanted one for quick reference. The purpose of a string length tool is to be as fast as possible, since you don’t want to waste time on such a menial task. Additionally, you want the answer immediately, but also with the option of sharing a link to someone. Therefore, this string length counter will display your result immediately, and you can decide to submit it to get a link that is shareable with others. Simple tool, nothing amazing….but its astonishing how often I need to find the length of a string.
Side note: It also has a very basic hash-type identifier, as that may be helpful sometimes. Right now it only looks at length of string to identify if its MD5 or SHA1, but I will expand this in the future
This is another example of something that is not some ridiculously awesome tool. As I said earlier though, no inputs are logged and I wanted a tool for this so I could be sure my input was not being stored by a third party. I may expand this in the future to include more hash types and encryptions, but for now MD5 and SHA1 are my most used.
This tool takes some PowerShell script that you want to run and base64 encodes it for PowerShell’s EncodedCommand command line argument. For those of you who don’t know, you can’t just base64 encode any string to have it run with PowerShell. PowerShell specifically requires the script to be converted into Unicode (specifically UTF-16LE), then base64 encoded. Therefore, no other online encoders really worked, and I wanted one here that I could reference. It also generates a command line copy-pasteable launcher command for ease of use.
In addition to these tools, I’ve also added some files that I am hosting on here from GitHub. I am hosting them here because sometimes GitHub is blocked at clients, and its good to have another trusted hosting location. Also raikia.com is HTTPS-required (letsencrypt ftw), so network-level detection should be minimal (assuming the network devices are not doing SSL MiTM).
I will update these fairly frequently, as I plan to use them myself. If you would like a file to be added here, let me know.