Tools

InspecTor: A Streamlined Tool for Website Metadata Extraction Pulling metadata from websites was once a straightforward task. You could hit a few URLs, scrape the required data, and move on. However, with the rise of dynamic content, Tor-hidden services (.onion domains), and increasing anonymity concerns, the process became far more complex. InspecTor is a command-line tool I developed to address these challenges. It simplifies metadata extraction from websites, including Tor services, while preserving user anonymity. ...

Gathering OSINT (Open-Source Intelligence) from Instagram used to be straightforward—grab a GitHub tool, run it, and get results. Then Instagram’s API updates broke nearly everything, leaving most tools useless. That’s where Osintagram comes in: a simple script I put together to finally get Instagram OSINT working again. I’m no developer, just someone frustrated by older tools failing in CTFs and OSINT exercises. Osintagram isn’t perfect, but it’s built to handle the updated systems Instagram uses today. Let me show you how it works and why it might save you some headaches. ...

Flask web applications are clever beasts, storing session data client-side in cookies. It’s convenient for developers, but it can also be a security rabbit hole if you’re not careful. That’s why I put together FlaskOfCookies, a tool to help you decode, encode, and (if necessary) brute-force Flask session cookies. To be clear, this isn’t entirely my invention. It started because I hit a wall on a Root-Me challenge, I couldn’t get it done with noraj’s tool (props to Alexandre Zanni for his great work). So, I decided to rework it, adding my own spin to tackle the issue. This tool is for anyone who’s curious about Flask’s session cookies, whether you’re debugging, testing, or just poking around. ...

Daily domain reports are a treasure trove for cybersecurity analysts, but collecting and organizing them can quickly become tedious. That’s where RedFlagger comes in. This lightweight Bash script automates the process of downloading and aggregating reports from Red Flag Domains. It’s simple, efficient, and built to save time—whether you’re sifting through a few recent reports or analyzing a year’s worth of data. The Backstory This project started as a bit of a joke. My friend lil-doudou had written an excellent Python tool called NewRedflag to handle domain report aggregation, but he’s also a massive Bash enthusiast. So, as a playful nod to his love for scripting, I decided to rewrite the functionality in Bash—simpler, lighter, and arguably more fun (depending on your feelings about shell scripts). ...

When you need to quickly understand the structure of a webpage, a lightweight tool can save the day. Webpage Infos Extractor is just that: a simple JavaScript bookmarklet that extracts useful information like forms, links, images, and word count from any webpage. No extensions or extra software required—just a single bookmark to get key insights instantly. Why Build This? Sometimes, the simplest tools are the most convenient. I needed a way to peek under the hood of webpages during quick tests or casual research without opening dev tools every time. So, I threw together this bookmarklet to make data analysis fast and portable. It’s not groundbreaking, but it gets the job done without any fuss. ...