If RDAP endpoints block CORS, consider running a small proxy server or test from a different network.
IP Map
Locate IPs and show on map
▼
The map uses multiple providers. If geo fails on HTTPS, you may need a proxy for full reliability.
External Resources
Exploit-DB — a public archive of exploits, proof-of-concepts, and vulnerability write-ups used for security research.
Exploit-DB collects public disclosures, proof-of-concept code, and archived advisories to help researchers learn about vulnerabilities, reproduction steps, and remediation.
Use the database to research CVEs, verify fixes, and learn secure coding and patching techniques.
Quick tips
Search by CVE (e.g. CVE-2023-1234), product, or vendor name.
Read the full disclosure and any recommended mitigations before testing.
When testing, always have written permission and follow responsible disclosure policies.
Note: Exploit-DB is intended for research and education. Do not use exploit code to attack systems you do not own or have explicit written permission to test. Follow responsible disclosure if you find a vulnerability.
Stress.st — "traffic generator"
Stress.st an online "stress-testing" / DDoS-for-hire service that generates high volumes of traffic against a target.
Which also offers free options.
Use at own risk and only with explicit permission from the target owner. These services are often abused and DO violate terms of service or laws.
have fun pentesting and stressing your own gear safely and legally.
Remeber to follow the Law but here is some tips
stresse.st link to k6 example scripts or a local test plan (e.g. https://stresse.st/).
CMD/command Prompt After you have started to generator Traffic. do Ping "target IP" to see the effect
Note: using Tools like this is Ilegal in MANY countrys and can lead to Fine anything from 1k$+ to 150k$+ or Prison for years..
be a good boy and follow the law and have fun!
grabify.link — perfect tool to grab IPs
perfect tool for grabbing IP adresses and other data from your friends or targets.
100% free and easy to use. BUT ALSO 100% ABUSED for phishing and other scams.
Use at own risk and only with explicit permission from the target owner. dont use this to expose other people or information without permission.
cool tool to learn about the risk of clicking random links...
grabify.link
Grabify creates short links that record visitor IP addresses and basic device info when clicked.
It provides a simple dashboard showing click timestamps, geolocation lookup, and user-agent details..
Often used for link-tracking demonstrations, but it can be abused to collect others’ data without consent. so dont do that guys!
Note: Grabify and similar IP loggers are often abused for phishing and scams. Only use with explicit permission from the target owner. Misuse can violate terms of service or laws.
dorkfinder.com — search-helper for advanced search queries (Google Dorking)
This helper can assist with security research by crafting advanced search queries that locate publicly exposed files or services.
Use responsibly and only against systems you own or where you have explicit permission.
Quick tips
Use quotes to limit matches: "index of"
Combine site: with filetypes: site:example.com filetype:sql
Use discovery techniques ethically. Do not attempt to exploit or access systems you don't control. If you find a vulnerability, follow responsible disclosure.
Temp-Mail / Disposable email — disposable inboxes for quick signups and spam avoidance.