PROVOCATIVO

_
// privacy is normal
Tools · Writeups · Field notes
0
URLs scanned
0
Threats found
0.00%
Uptime
▲ PROVcreate account →
scroll
▲ exhibit 01 — the operator's workstation
 
 
 
 
 
 
 
 
 
 
 
root@provocativo:~$
scroll · open lid
▲ exhibit 02 — live operations

Threats, watched in real time.

Recent scans
LIVE
timeurlverdict
17:49:20verify.account.metamask.helpDANGEROUS
17:49:22drive.google-share-files.comSAFE
17:49:24github-2fa-token.netSUSPICIOUS
17:49:26bonuspay-ftxbonus.ruDANGEROUS
17:49:28secure-login.appleid.supportSUSPICIOUS
17:49:30claim-airdrop-portal.xyzDANGEROUS
Current threat level
GAUGE
0
elevated risk · last 24h
Breach corpus
HIBP-LIKE
@gmail.com
0 breaches
@yahoo.com
0 breaches
@hotmail.com
0 breaches
@outlook.com
0 breaches
@protonmail.com
0 breaches
@icloud.com
0 breaches
Aggregated from 412 known breaches across 1.4B records. Check yours →
CVE-2026-1141 · CRITICAL · OpenSSL · heap OOB readCVE-2026-0772 · HIGH · nginx 1.27 · request smugglingCVE-2026-2231 · MEDIUM · curl · TLS downgradeCVE-2026-0144 · CRITICAL · Apache log4j · RCE chainCVE-2025-9981 · HIGH · libxml2 · use-after-freeCVE-2026-3017 · CRITICAL · sudo · privilege escalationCVE-2026-0908 · MEDIUM · git · arbitrary file writeCVE-2026-2845 · HIGH · ssh · cipher fallbackCVE-2026-1141 · CRITICAL · OpenSSL · heap OOB readCVE-2026-0772 · HIGH · nginx 1.27 · request smugglingCVE-2026-2231 · MEDIUM · curl · TLS downgradeCVE-2026-0144 · CRITICAL · Apache log4j · RCE chainCVE-2025-9981 · HIGH · libxml2 · use-after-freeCVE-2026-3017 · CRITICAL · sudo · privilege escalationCVE-2026-0908 · MEDIUM · git · arbitrary file writeCVE-2026-2845 · HIGH · ssh · cipher fallback
▲ exhibit 03

YOUR ARSENAL

↓ keep scrolling
v2.3 · stable
link-analyzer
Detonates a URL in a disposable sandbox. Returns DNS, redirects, JS payloads, screenshots — in seconds.
Try a URL
v1.9 · stable
breach-check
Query 412 breach corpora against your email. Zero-knowledge: your address never leaves the device.
Check email
beta
hash-id
Identify hash format & crack it against rainbow tables. Supports MD5, SHA-1/256, NTLM, bcrypt, more.
Coming Q3 2026notify me
View all tools →
12 in beta · 4 shipped · 28 in the queue
tools — provocativo

From the field

1 writeups · published monthly
$ cat phish-kit/.htaccess
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^https://login\.[a-z]+\.com
RewriteRule .* /not-found.html [R=302,L]
— 412 lines redacted —
web-securityMay 15, 2026

Anatomy of a Phishing Link

Most phishing URLs aren't trying to fool a SOC engineer — they're trying to fool someone scrolling at 11pm on their phone. Here's how to read one before you click.

Read postmortem →
Read all posts
▲ exhibit 04 — your turn

STAY PARANOID.

Join the community of researchers who question everything, click nothing, and read the headers before the body.

Create accountRead the blog ↗
no email marketing · no trackers · no bullshit