A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
General • Servers • Vulnerabilities • Exploits • Attack surface • Code • Mail addresses • Domains • URLs • DNS • Certificates • WiFi networks • Device Info • Credentials • Leaks • Hidden Services • Social Networks • Phone numbers • Images • Threat Intelligence • Web History • Surveillance cameras
- Shodan - Search Engine for the Internet of Everything
- Censys Search - Search Engine for every server on the Internet to reduce exposure and improve security
- Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
- ZoomEye - Global cyberspace mapping
- GreyNoise - The source for understanding internet noise
- Natlas - Scaling Network Scanning
- Netlas.io - Discover, Research and Monitor any Assets Available Online
- FOFA - Cyberspace mapping
- Quake - Cyberspace surveying and mapping system
- Hunter - Internet Search Engines For Security Researchers
- NIST NVD - US National Vulnerability Database
- MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
- GitHub Advisory Database - Security vulnerability database inclusive of CVEs and GitHub originated security advisories
- cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
- osv.dev - Open Source Vulnerabilities
- Vulners.com - Your Search Engine for Security Intelligence
- opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
- security.snyk.io - Open Source Vulnerability Database
- Mend Vulnerability Database - The largest open source vulnerability DB
- Rapid7 - DB - Vulnerability & Exploit Database
- CVEDetails - The ultimate security vulnerability datasource
- VulnIQ - Vulnerability intelligence and management solution
- SynapsInt - The unified OSINT research tool
- Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure
- Vulmon - Vulnerability and exploit search engine
- VulDB - Number one vulnerability database
- ScanFactory - Realtime Security Monitoring
- Trend Micro Zero Day Initiative - Publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers
- Google Project Zero - Vulnerabilities including Zero Days
- Trickest CVE Repository - Gather and update all available and newest CVEs with their PoC
- cnvd.org.cn - Chinese National Vulnerability Database
- InTheWild.io - Check CVEs in our free, open source feed of exploited vulnerabilities
- Vulnerability Lab - Vulnerability research, bug bounties and vulnerability assessments
- Red Hat Security Advisories - Information about security flaws that affect Red Hat products and services in the form of security advisories
- Cisco Security Advisories - Security advisories and vulnerability information for Cisco products, including network equipment and software
- Microsoft Security Response Center - Reports of security vulnerabilities affecting Microsoft products and services
- Exploit-DB - Exploit Database
- Sploitus - Convenient central place for identifying the newest exploits
- Rapid7 - DB - Vulnerability & Exploit Database
- Vulmon - Vulnerability and exploit search engine
- packetstormsecurity.com - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
- 0day.today - Ultimate database of exploits and vulnerabilities
- LOLBAS - Living Off The Land Binaries, Scripts and Libraries
- GTFOBins - Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
- Payloads All The Things - A list of useful payloads and bypasses for Web Application Security
- XSS Payloads - The wonderland of JavaScript unexpected usages, and more
- exploitalert.com - Database of Exploits
- Reverse Shell generator - Online Reverse Shell generator with Local Storage functionality, URI & Base64 Encoding, MSFVenom Generator, and Raw Mode
- HackerOne hacktivity - See the latest hacker activity on HackerOne
- Bugcrowd Crowdstream - Showcase of accepted and disclosed submissions on Bugcrowd programs
- GTFOArgs - Curated list of Unix binaries that can be manipulated for argument injection
- shell-storm.org/shellcode - Shellcodes database for study cases
- Hacking the Cloud - Encyclopedia of the attacks/tactics/techniques that offensive security professionals can use on their next cloud exploitation adventure
- LOLDrivers - Open-source project that brings together vulnerable, malicious, and known malicious Windows drivers
- PwnWiki - Collection of TTPs (tools, tactics, and procedures) for what to do after access has been gained
- CVExploits Search - Your comprehensive database for CVE exploits from across the internet
- FullHunt.io - Attack surface database of the entire Internet
- BinaryEdge - We scan the web and gather data for you
- Censys ASM - Attack Surface Management Solutions
- RedHunt Labs - Discover your Attack Surface, Continuously
- SecurityTrails - The Total Internet Inventory
- overcast-security.com - We make tracking your external attack surface easy
- IPInfo.io - The trusted source for IP address data
- IPData.co - IP Geolocation and Threat Intelligence API
- NetworksDB - information about the public IPv4 and IPv6 addresses, networks and domains owned by companies and organisations across the world
- ASNlookup - Quickly lookup updated information about specific Autonomous System Number (ASN), Organization, CIDR, or registered IP addresses (IPv4 and IPv6) among other relevant data
- BGPtools - Browse the Internet ecosystem
- BGPview - Debug and investigate information about IP addresses, ASN, IXs, BGP, ISPs, Prefixes and Domain names
- BigDataCloud - The API provides comprehensive location and network data
- RADb - The world's largest public routing registry
- Deepinfo - Empower your security with the most comprehensive Internet data
- Detectify - Complete External Attack Surface Management
- GitHub Code Search - Search globally across all of GitHub, or scope your search to a particular repository or organization
- GitLab Code Search - Advanced search for faster, more efficient search across the entire GitLab instance
- Sourceforge - Complete Open-Source and Business Software Platform
- grep.app - Search across a half million git repos
- publicwww.com - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code
- SearchCode - Search 75 billion lines of code from 40 million projects
- NerdyData - Find companies based on their website's tech stack or code
- RepoSearch - Source code search engine that helps you find implementation details, example usages or just analyze code
- SourceGraph - Understand and search across your entire codebase
- HotExamples - Search code examples from over 1 million projects
- WP Directory - Lightning fast regex searching of code in the WordPress Plugin and Theme Directories
- GitHub Gists - Instantly share code, notes, and snippets
- CodeBerg - Collaboration platform and Git hosting for free and open source software, content and projects
- Fedora Pagure - Open Source software code hosting system
- LaunchPad - Software collaboration platform that provides: Bug tracking, Code hosting, Code reviews, Ubuntu package building and hosting, Translations...
- repo.or.cz - Public Git hosting site
- gitorious.org - Read-only mirror of the former gitorious.org code hosting website
- Sourcehut - Collection of tools useful for software development
- android.googlesource.com - Git repositories on android
- deps.dev - Service developed and hosted by Google to help developers better understand the structure, construction, and security of open source software packages
- WebFinery - Search the source code of the web
- Google Code Archive - Data found on the Google Code Project Hosting Service, which was turned down in early 2016
- Snipplr - Code snippet search engine that allows users to search and share code snippets across various programming languages and frameworks
- Hunter.io - Find professional email addresses in seconds
- PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
- IntelligenceX - Search engine and data archive
- Reacher.email - Open-Source Email Verification
- RocketReach - Your first-degree connection to any professional
- email-format.com - Find the email address formats in use at thousands of companies
- EmailHippo - Email address verification technology
- ThatsThem - Reverse email lookup
- verify-email.org - Checks whether the mailbox exists or not
- Melissa - Emailcheck - Check email addresses and verify they are live
- VoilaNorbert - I can find anyone's email address
- SynapsInt - The unified OSINT research tool
- skymem.info - Find email addresses of companies and people
- findemails.com - Find Anyone's Email Address in Seconds
- Experte email finder - Find the right email address, even if you only know the name and the company
- EmailSherlock - Search for the Person behind the Email address and find our reputation score
- Anymail Finder - Find verified emails
- Tomba.io - With 430+ million email addresses indexed, effective search filters, and deliverability checks, Tomba's email finder is its most powerful tool
- Snov Email Finder Find any email. Anywhere
- PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
- IntelligenceX - Search engine and data archive
- Omnisint - Subdomain enumeration
- Riddler - Allows you to search in a high quality dataset
- RobTex - Various kinds of research of IP numbers, Domain names, etc
- CentralOps - DomainDossier - Investigate domains and IP addresses
- DomainIQ - Comprehensive Domain Intelligence
- whois.domaintools.com - Industry’s fastest domain discovery engine and broadest, most accurate data
- grayhatwarfare.com - domains - How to search URLs exposed by Shortener services
- whoisology.com - Deep Connections Between Domain Names & Their Owners
- who.is - WHOIS Search, Domain Name, Website, and IP Tools
- pentest-tools.com - Discover subdomains and determine the attack surface of an organization
- BuiltWith - Find out what websites are Built With
- MoonSearch - Backlinks checker & SEO Report
- sitereport.netcraft.com - Find out the infrastructure and technologies used by any site
- SynapsInt - The unified OSINT research tool
- spyonweb.com - Find out related websites
- statscrop.com - Millions of amazing websites across the web are being analyzed with StatsCrop
- securityheaders.com - Scan your site now
- visualsitemapper.com - Create a visual map of your site
- similarweb.com - The easiest and fastest tool to find out what's really going on online
- buckets.grayhatwarfare.com - Public buckets
- C99.nl - Over 57 quality API's and growing!
- wannabe1337.xyz - Online Tools
- subdomainfinder.c99.nl - Scanner that scans an entire domain to find as many subdomains as possible
- AnubisDB - Subdomain enumeration and information gathering tool
- WhoisXMLAPI - Domain & IP Data Intelligence for Greater Enterprise Security
- HypeStat - Free statistics and analytics service, where you can find information about every website
- Private Key Project - Information security tools from Private Key Project
- SiteDossier - Profiles for millions of sites on the web
- SpyOnWeb - Quick and convenient search for the websites that probably belong to the same owner
- PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
- IntelligenceX - Search engine and data archive
- URLScan - A sandbox for the web
- HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
- MOZ Link Explorer - The world's best backlink checker with over 40 trillion links
- shorteners.grayhatwarfare.com - Search URLs exposed by Shortener services
- CommonCrawl Index - Open repository of web crawl data
- URLVoid - Check the online reputation/safety of a website
- Norton SafeWeb - Look up a site, Get our rating
- DNSDumpster - dns recon & research, find & lookup dns records
- Chaos - Enhance research and analyse changes around DNS for better insights
- RapidDNS - dns query tool which make querying subdomains or sites of a same ip easy
- DNSdb - Passive DNS historical database
- Omnisint - Reverse DNS lookup
- HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
- passivedns.mnemonic.no - Web interface for querying passive DNS data collected in our malware lab
- ptrarchive.com - Over 230 billion reverse DNS entries from 2008 to the present
- dnshistory.org - Domain Name System Historical Record Archive
- DNSTwister - The anti-phishing domain name search engine and DNS monitoring service
- DNSviz - Tool for visualizing the status of a DNS zone
- C99.nl - Over 57 quality API's and growing
- wannabe1337.xyz - Online Tools
- DNSlytics - Find out everything about a domain name, IP address or provider
- dnsrepo.noc.org - DNS Database Repository Search
- DNSSpy - Monitor, validate and verify your DNS configurations
- ZETAlytics - We offer unrivalled geographic diversity and exclusive global network visibility in searchable datasets for use by cyber security analysts
- AskDNS - Lookup Connected Domain Names and IP Addresses
- 360 PassiveDNS.CN - Biggest public available db in China designed for security and research purpose
- MXtoolbox - All of your MX record, DNS, blacklist and SMTP diagnostics in one integrated tool
- NSLookup.io - Find all DNS records for a domain name using this online tool
- Robtex DNS Lookup - Get detailed information on the nameservers associated with a domain name
- Crt.sh - Certificate Search
- CTSearch - Certificate Transparency Search Tool
- tls.bufferover.run - Quickly find certificates in IPv4 space
- CertSpotter - Monitors your domains for expiring, unauthorized, and invalid SSL certificates
- SynapsInt - The unified OSINT research tool
- Censys Search - Certificates - Certificates Search
- ciphersuite.info - TLS Ciphersuite Search. Search for a particular cipher suite by using IANA, OpenSSL or GnuTLS name format
- certificatedetails - Online certificate viewer. Inspect and dowload certificates from your browser
- FacebookCT - Search for certificates issued for a given domain and subscribe to notifications from Facebook regarding new certificates
- certs.io - Search TLS certificates across the internet.
- Wigle.net - Maps and database of 802.11 wireless networks with statistics
- wifimap.io - Connect to all Free WiFi Hotspots using WiFi Map App all over the World!
- wificafespots.com - Free WiFi Cafe Spots
- wifispc.com - Free map of Wi-Fi passwords anywhere you go!
- openwifimap.net - HTML5 map with OpenWiFiMap data
- mylnikov.org - Public API implementation of Wi-Fi Geo-Location database
- MACVendorLookup.com - Look up the vendor for a specific MAC Address
- macvendors.com - Find MAC Address Vendors. Now
- macaddress.io - MAC address vendor lookup
- maclookup.app - Find the vendor name of a device by entering an OUI or a MAC address
- macvendors.co - Get vendor name of your network device using its mac address
- Have I Been Pwned - Check if your email or phone is in a data breach
- Dehashed - Free deep-web scans and protection against credential leaks
- LeakCheck.io - Make sure your credentials haven't been compromised
- crackstation.net -Massive pre-computed lookup tables to crack password hashes
- HashKiller - Pre-cracked Hashes, easily searchable
- LeakedPassword - Search across multiple data breaches to see if your pass has been compromised
- BugMeNot - Find and share logins
- WikiLeaks - News leaks and classified media provided by anonymous sources
- Leak-Lookup - Search across thousands of data breaches
- Snusbase - Stay on top of the latest database breaches
- breachdirectory.org - Check if your information was exposed in a data breach
- BreachForums - Breaches, Data leaks, databases and more
- Siph0n Breach DB (onionsite) - Breaches, Data leaks, Exploits
- Exposed Forum - The premier Databreach discussion & leaks forum
Hidden Services
- AHMIA - Search hidden services on the Tor network
- thehiddenwiki.org - The darknet guide
- tor.link - Free anonymous deepweb / Darknet search engine
- deepweblinks.net - Onion Links
- onionengine.com - A search engine for services accessible on the Tor network
- OnionLand - Discover Hidden Services and access to Tor's onion sites
These can be useful for osint and social engineering.
- YouTube
- Tumblr
- Flickr
- SnapChat
- Quora
- TikTok
- Vimeo
- Medium
- VK
- Tinder
- NumLookup - Free reverse phone lookup
- SpyDialer - Free Reverse Lookup Search
- WhitePages - Find people, contact info & background checks
- National Cellular Directory - Begin your comprehensive people search now
- Phone Validator - Is it a cell phone or is it a landline or is it a fake?
- Free Carrier Lookup - Enter a phone number and we'll return the carrier name
- RocketReach - Your first-degree connection to any professional
- sync.me - Find out who called
- EmobileTracker - Track Mobile Owner Name, Location and Mobile Service Provider
- Reverse Phone Lookup - Find Out The Owner Of A Phone Number
- ThatsThem - Reverse phone lookup
- thisnumber.com - International Phone Directories
- usphonebook.com - Free Reverse Phone Number Lookup
- truepeoplesearch.com - Get current address, cell phone number, email address, relatives, friends and a lot more
- Tellows - Who is calling? The phone number reverse search
- SynapsInt - The unified OSINT research tool
- C99.nl - Over 57 quality API's and growing
- ValidNumber.com - Free reverse phone lookup service to let you identify a caller associated with any 10-digit phone number from the US and Canada
- CellIdFinder - Nonprofit project wich helps you to find GSM BTS by MCC, MNC, LAC and CellID
- OldPhoneBook - Intantly search a large selection from the past 20 years of USA phone listings
- Spokeo - Search by name, phone, address, or email to confidentially lookup information about people you know
- Intelius Phone Lookup - Look up a phone number to find owner information, carrier details, and more
- ZabaSearch Phone Lookup - Reverse Phone Lookup Tool Can Uncover Personal Information, Social Media Data, Online Activity, Photos, and More
- AnyWho Phone Lookup - Find out information associated with a phone number
- Radaris Phone Lookup - Look up any phone number to see its owner and identify who's calling or texting you
- Google Image Search - The most comprehensive image search on the web
- Baidu Image - Baidu Image Search
- Yahoo Image - Yahoo Image Search
- Yandex Image - Yandex Image Search
- Facecheck.id - Search for people by photo and verify you are talking to the person they claim to be
- Bing Visual Search - See it, search it
- Reverse Image Search - Super-fast image finder that helps you find similar images online
- Reverse Image - Find Where Images Appear Online
- Pixsy - Find and fight image theft
- Pimeyes - Face Search Engine, Reverse Image Search
- Pictriev - Find look-alike celebrities on the web using the face recognition
- Karmadecay - Reverse image search of Reddit.com
- Infringement Report - The web's best image copyright infringement search tool
- Tineye - Image search and recognition company
- Flickr - Home to tens of billions of photos and 2 million groups
- Sogou - Chinese technology company that offers a search engine
- Jimpl - Online photo metadata and EXIF data viewer
- Same Energy - Find beautiful images
- MITRE ATT&CK - Globally-accessible knowledge base of adversary tactics and techniques
- PulseDive - Threat intelligence made easy
- ThreatCrowd - A Search Engine for Threats
- ThreatMiner - Data Mining for Threat Intelligence
- VirusTotal - Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches
- vx-underground.org - The largest collection of malware source code, samples, and papers on the internet
- bazaar.abuse.ch - Malware sample database
- feodotracker.abuse.ch - List of botnet Command&Control servers
- sslbl.abuse.ch - All malicious SSL certificates
- urlhaus.abuse.ch - Propose new malware urls
- threatfox.abuse.ch - Indicator Of Compromise (IOC) database
- yaraify.abuse.ch - Scan suspicious files such as malware samples or process dumps against a large repository of YARA rules
- Rescure - Curated cyber threat intelligence for everyone
- otx.alienvault - The World's First Truly Open Threat Intelligence Community
- urlquery.net - Service for detecting and analyzing web-based malware
- socradar.io - Extension to your SOC team
- VirusShare - System currently contains 48 million malware samples
- PassiveTotal - Security intelligence that scales security operations and response
- malapi.io - Windows APIs used for malicious purposes
- filesec.io - Latest file extensions being used by attackers
- leakix.net - Search engine indexing public information and an open reporting platform linked to the results
- tria.ge - Fully automated solution for high-volume malware analysis using advanced sandboxing technology
- Polyswarm - Launchpad for new technologies and innovative threat detection methods
- Cisco Talos - The threat intelligence organization at the center of the Cisco Security portfolio
- scamsearch.io - Find your scammer online & report them
- CyberCampaigns - Threat Actor information and Write-Ups
- ORKL - The Community Driven Cyber Threat Intelligence Library
- Maltiverse - Data from more than 100 different Threat Intelligence sources
- Inquest Labs - Threat intelligence from hundreds of public, private, and internal sources to develop new FDR signatures and rules
- PhishTank - Collaborative clearing house for data and information about phishing on the Internet
- IntelOwl - Open Source Intelligence, or OSINT solution to get threat intelligence data about a specific file, an IP or a domain from a single API at scale
- Lupovis - Analyze and collect data on Internet-wide scans and attacks in real-time. We use this data to identify and classify malicious actors
- AbuseIPDB - Check the report history of any IP address to see if anyone else has reported malicious activities
- Sucuri SiteCheck - Check websites for known malware, viruses, blacklisting status, website errors, out-of-date software, and malicious code
- Spamhaus - Protect and investigate using IP and domain reputation data
- ThreatBook - One step ahead of your adversary with high-fidelity, efficient and actionable cyber threat intelligence
- ShadowServer - Nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone
- Team Cymru - Global leader in cyber threat intelligence and attack surface management
- BeVigil - Search engine for mobile application security testing
- CIRCL - The Computer Incident Response Center Luxembourg is a government-driven initiative designed to gather, review, report and respond to computer security threats and incidents
- MetaDefender Cloud - Advanced threat detection and prevention platform
- Cybersixgill - Threat intelligence platform that provides access to a wide range of cybersecurity information, including dark web monitoring and threat actor analysis
- Hybrid Analysis - Free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology
- IBM X-Force Exchange - Threat intelligence sharing platform enabling research on security threats, aggregation of intelligence, and collaboration with peers
- The DFIR Report - Real Intrusions by Real Attackers, The Truth Behind the Intrusion
- Web Archive - Explore more than 702 billion web pages saved over time
- Archive.ph - Create a copy of a webpage that will always be up even if the original link is down
- CachedPages - Get the cached page of any URL
- stored.website - View cached web pages/website
- CommonCrawl - Open repository of web crawl data
- UK Web Archive - Collects millions of websites each year, preserving them for future generations
- Arquivo - Non-profit service that maintains information published on the web of interest to the Portuguese community
- Archive-It - An archive of digital government and non-government organization (NGO) documents and reports
- HAW - Croatian Web Archive
- Insecam.org - The world biggest directory of online surveillance security cameras
- Surveillance under Surveillance - Cameras and guards watching you almost everywhere
- NetoGraph - Captures and indexes detailed, low-level snapshots of website behaviour
- DorkSearch - Speed up your Dorking
- usersearch.org - Find someone by username or email on Social Networks, Dating Sites, Forums, Crypto Forums, Chat Sites and Blogs
- Pastebin - Website where you can store text online for a set period of time
If you want to propose changes, just open an issue or a pull request.
edoardoottavianelli.it to contact me.