Search
General Search Engines
Servers
Shodan - Search Engine for the Internet of Everything
Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
ZoomEye - Global cyberspace mapping
GreyNoise - The source for understanding internet noise
Natlas - Scaling Network Scanning
Netlas.io - Discover, Research and Monitor any Assets Available Online
FOFA - Cyberspace mapping
Vulnerabilities
NIST NVD - National Vulnerability Database
MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
GitHub Advisory Database - Security vulnerability database inclusive of CVEs and GitHub originated security advisories
cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
osv.dev - Open Source Vulnerabilities
Vulners.com - Your Search Engine for Security Intelligence
opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
security.snyk.io - Open Source Vulnerability Database
Mend Vulnerability Database - The largest open source vulnerability DB
Rapid7 - DB - Vulnerability & Exploit Database
CVEDetails - The ultimate security vulnerability datasource
VulnIQ - Vulnerability intelligence and management solution
SynapsInt - The unified OSINT research tool
Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure
Vulmon - Vulnerability and exploit search engine
VulDB - Number one vulnerability database
Exploits
Exploit-DB - Exploit Database
Sploitus - Convenient central place for identifying the newest exploits
Rapid7 - DB - Vulnerability & Exploit Database
Vulmon - Vulnerability and exploit search engine
packetstormsecurity.com - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
0day.today - Ultimate database of exploits and vulnerabilities
LOLBAS - Living Off The Land Binaries, Scripts and Libraries
GTFOBins - Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Attack Surface
FullHunt.io - Attack surface database of the entire Internet
BynaryEdge - We scan the web and gather data for you
Censys - Attack Surface Management Solutions
RedHunt Labs - Discover your Attack Surface, Continuously
SecurityTrails - The Total Internet Inventory
criminalip.io - Cyber Threat Intelligence Search Engine and Attack Surface Management(ASM) platform
overcast-security.com - We make tracking your external attack surface easy
Code Search Engines
GitHub Code Search - Search globally across all of GitHub, or scope your search to a particular repository or organization
grep.app - Search across a half million git repos
publicwww.com - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code
SearchCode - Search 75 billion lines of code from 40 million projects
NerdyData - Find companies based on their website's tech stack or code
RepoSearch - Source code search engine that helps you find implementation details, example usages or just analyze code
SourceGraph - Understand and search across your entire codebase
HotExamples - Search code examples from over 1 million projects
Mail Addresses
Hunter.io - Find professional email addresses in seconds
PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
IntelligenceX - Search engine and data archive
Reacher.email - Open-Source Email Verification
RocketReach - Your first-degree connection to any professional
email-format.com - Find the email address formats in use at thousands of companies
EmailHippo - Email address verification technology
ThatsThem - Reverse email lookup
verify-email.org - Checks whether the mailbox exists or not
Melissa - Emailcheck - Check email addresses and verify they are live
VoilaNorbert - I can find anyone's email address
SynapsInt - The unified OSINT research tool
skymem.info - Find email addresses of companies and people
findemails.com - Find Anyone's Email Address in Seconds
Domains
PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
IntelligenceX - Search engine and data archive
Omnisint - Subdomain enumeration
Riddler - Allows you to search in a high quality dataset
RobTex - Various kinds of research of IP numbers, Domain names, etc
CentralOps - DomainDossier - Investigate domains and IP addresses
DomainIQ - Comprehensive Domain Intelligence
whois.domaintools.com - Industry’s fastest domain discovery engine and broadest, most accurate data
grayhatwarfare.com - domains - How to search URLs exposed by Shortener services
whoisology.com - Deep Connections Between Domain Names & Their Owners
who.is - WHOIS Search, Domain Name, Website, and IP Tools
Discover subdomains and determine the attack surface of an organization
BuiltWith - Find out what websites are Built With
MoonSearch - Backlinks checker & SEO Report
sitereport.netcraft.com - Find out the infrastructure and technologies used by any site
SynapsInt - The unified OSINT research tool
spyonweb.com - Find out related websites
statscrop.com - Millions of amazing websites across the web are being analyzed with StatsCrop
securityheaders.com - Scan your site now
visualsitemapper.com - Create a visual map of your site
similarweb.com - The easiest and fastest tool to find out what's really going on online
buckets.grayhatwarfare.com - Public buckets
C99.nl - Over 57 quality API's and growing!
PassiveTotal - Security intelligence that scales security operations and response
wannabe1337.xyz - Online Tools
URLs
PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
IntelligenceX - Search engine and data archive
URLScan - A sandbox for the web
HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
MOZ Link Explorer - The world's best backlink checker with over 40 trillion links
Search URLs exposed by Shortener services
CommonCrawl Index - Open repository of web crawl data
DNS
DNSDumpster - dns recon & research, find & lookup dns records
Chaos - Enhance research and analyse changes around DNS for better insights
RapidDNS - dns query tool which make querying subdomains or sites of a same ip easy
DNSdb - Passive DNS historical database
Omnisint - Reverse DNS lookup
HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
passivedns.mnemonic.no - Web interface for querying passive DNS data collected in our malware lab
ptrarchive.com - Over 230 billion reverse DNS entries from 2008 to the present
dnshistory.org - Domain Name System Historical Record Archive
DNSTwister - The anti-phishing domain name search engine and DNS monitoring service
DNSviz - Tool for visualizing the status of a DNS zone
C99.nl - Over 57 quality API's and growing
PassiveTotal - Security intelligence that scales security operations and response
wannabe1337.xyz - Online Tools
Certificates
Crt.sh - Certificate Search
CTSearch - Certificate Transparency Search Tool
tls.bufferover.run - Quickly find certificates in IPv4 space
CertSpotter - Monitors your domains for expiring, unauthorized, and invalid SSL certificates
SynapsInt - The unified OSINT research tool
Censys - Certificates - Certificates Search
PassiveTotal - Security intelligence that scales security operations and response
WiFi Networks
Wigle.net - Maps and database of 802.11 wireless networks with statistics
wifimap.io - Connect to all Free WiFi Hotspots using WiFi Map App all over the World!
wificafespots.com - Free WiFi Cafe Spots
wifispc.com - Free map of Wi-Fi passwords anywhere you go!
openwifimap.net - HTML5 map with OpenWiFiMap data
mylnikov.org - Public API implementation of Wi-Fi Geo-Location database
Device Information
MAC Vendor Lookup - Look up the vendor for a specific MAC Address
macvendors.com - Find MAC Address Vendors. Now.
macaddress.io - MAC address vendor lookup
maclookup.app - Find the vendor name of a device by entering an OUI or a MAC address
Credentials
Have I Been Pwned - Check if your email or phone is in a data breach
Dehashed - Free deep-web scans and protection against credential leaks
Leak-Lookup - Search across thousands of data breaches
Snusbase - Stay on top of the latest database breaches
LeakCheck.io - Make sure your credentials haven't been compromised
crackstation.net -Massive pre-computed lookup tables to crack password hashes
breachdirectory.org - Check if your information was exposed in a data breach
BreachForums - Breaches, Data leaks, databases and more
Social Networks
These can be useful for osint and social engineering.
Phone Numbers
NumLookup - Free reverse phone lookup
SpyDialer - Free Reverse Lookup Search
WhitePages - Find people, contact info & background checks
National Cellular Directory - Begin your comprehensive people search now
Phone Validator - Is it a cell phone or is it a landline or is it a fake?
Free Carrier Lookup - Enter a phone number and we'll return the carrier name
RocketReach - Your first-degree connection to any professional
sync.me - Find out who called
EmobileTracker - Track Mobile Owner Name, Location and Mobile Service Provider
Reverse Phone Lookup - Find Out The Owner Of A Phone Number
ThatsThem - Reverse phone lookup
thisnumber.com - International Phone Directories
usphonebook.com - Free Reverse Phone Number Lookup
truepeoplesearch.com - Get current address, cell phone number, email address, relatives, friends and a lot more
Tellows - Who is calling? The phone number reverse search
SynapsInt - The unified OSINT research tool
C99.nl - Over 57 quality API's and growing
Threat Intelligence
MITRE ATT&CK - Globally-accessible knowledge base of adversary tactics and techniques
PulseDive - Threat intelligence made easy
ThreatCrowd - A Search Engine for Threats
ThreatMiner - Data Mining for Threat Intelligence
VirusTotal - Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches
vx-underground.org - Malware library
bazaar.abuse.ch - Malware sample database
feodotracker.abuse.ch - List of botnet Command&Control servers
sslbl.abuse.ch - All malicious SSL certificates
urlhaus.abuse.ch - Propose new malware urls
threatfox.abuse.ch - Indicator Of Compromise (IOC) database
yaraify.abuse.ch - Scan suspicious files such as malware samples or process dumps against a large repository of YARA rules
Rescure - Curated cyber threat intelligence for everyone
otx.alienvault - The World's First Truly Open Threat Intelligence Community
urlquery.net - Service for detecting and analyzing web-based malware
socradar.io - Extension to your SOC team
VirusShare - System currently contains 48 million malware samples
WikiLeaks - News leaks and classified media provided by anonymous sources
PassiveTotal - Security intelligence that scales security operations and response
malapi.io - Windows APIs used for malicious purposes
filesec.io - Latest file extensions being used by attackers
leakix.net - Search engine indexing public information and an open reporting platform linked to the results
Web History
Web Archive - Explore more than 702 billion web pages saved over time
Archive.ph - Create a copy of a webpage that will always be up even if the original link is down
CachedPages - Get the cached page of any URL
stored.website - View cached web pages/website
CommonCrawl - Open repository of web crawl data
UK Web Archive - Collects millions of websites each year, preserving them for future generations
Unclassified
NetoGraph - Captures and indexes detailed, low-level snapshots of website behaviour
Last updated
Was this helpful?