⚔️
Carpa Security Book
  • 😎Introduction
  • 🔴Offensive Security
    • Reconnaissance & Information Gathering
      • Passive Reconnaissance
        • Reconnaissance Frameworks
        • Metadata Analysis
        • Domain & IP Enumeration
        • Social Media
        • Email Addresses
        • Search Engines
      • Active Recon
        • System & Network
          • Network & Port Scanning
          • Vulnerability Scanners
          • OS Fingerprinting & Service Identification
          • Network Mapping and Visualization
          • Service Enumeration
        • Web Application
          • Public Resource
          • Technology Mapping
          • Analyzing Client Side Code
          • Testing User Inputs and Controls:
          • Analyzing Server Responses and Error Messages:
          • API and Endpoint Analysis:
          • Session Management Analysis
          • Automated Vulnerability Scanning
          • Web Enumeration
        • Wireless Network Reconnaissance
    • Exploitation & Target Compromise
    • Privilege Escalation
    • Post Exploitation
      • Lateral Movement
    • Attacktive Directory
    • Credential Attacks
    • Wireless
    • Social Engineering
    • Web App PenTesting
    • Physical Security
  • 🔵Defensive Security
  • 🖥️Linux Commands
  • 🔠Certificates Prep
  • 🔗Training and Resources
Powered by GitBook
On this page
  • Network Scanning and Reconnaissance
  • Vulnerability Databases and Exploits
  • DNS and Domain Analysis
  • Email Address Discovery and Verification
  • Threat Intelligence
  • Code Repositories and Development Resource Search
  • Archiving and Web Content Retrieval
  • Leaked Data and Credentials
  • Miscellaneous OSINT and Data Aggregation
  1. Offensive Security
  2. Reconnaissance & Information Gathering
  3. Passive Reconnaissance

Search Engines

PreviousEmail AddressesNextActive Recon

Last updated 1 year ago

Network Scanning and Reconnaissance

  • : Cybersecurity search engine for internet-connected devices.

  • : Platform that provides information on all devices and networks on the internet.

  • : Search engine for discovering internet-connected devices.

  • : Synthesizes data about cyber threats and internet-exposed devices.

  • : Cybersearch engine for internet assets and configurations.

  • : Analyzes internet background noise.

Vulnerability Databases and Exploits

  • : The U.S. government's vulnerability database with standards-based data.

  • : An archive of public exploits and corresponding software vulnerabilities.

  • : A search engine for security vulnerabilities and exploits.

  • : A database providing information about security vulnerabilities.

  • : Contains information about vulnerabilities sourced by Rapid7.

  • : Exploit and vulnerability search engine.

  • : Database of exploits and vulnerabilities.

  • : Attack surface discovery and management.

  • : Open source vulnerability database and triage service.

  • : CVE alerting platform.

DNS and Domain Analysis

Email Address Discovery and Verification

Threat Intelligence

Code Repositories and Development Resource Search

Archiving and Web Content Retrieval

Leaked Data and Credentials

Miscellaneous OSINT and Data Aggregation

: Free domain research tool for DNS and subdomain information.

: Provides various DNS and network-related tools.

: Offers historical and current DNS data.

: Internet-wide scanner, focusing on cybersecurity data and threat intelligence.

: A tool for visualizing the status of DNSSEC zones.

: DNS intelligence and investigation tool.

: Finds email addresses associated with a domain and performs verification.

: Provides tools for email address discovery and verification.

: Online service for finding email addresses.

: Assesses the reputation of an email address.

: Service for finding and verifying email addresses.

: Free people search engine.

: Find people fast and free.

: Crowd-sourced platform for sharing threat intelligence.

: Analyzes and filters internet background noise.

: Tool to search for threat intelligence data.

: Analyzes files and URLs for security threats.

: Searches across git repositories.

: Enables search for code across web repositories.

: Search engine for source code and web technology.

: Digital archive of the World Wide Web and other information on the internet.

: Provides intelligence information on what technologies websites are using.

: Allows you to perform source code search, which is useful for cybersecurity and marketing research.

: A search engine for leaked credentials.

: Database search engine for leaked info.

: Community-driven password cracking platform.

: Search engine for open databases and leaked sources.

: A search engine and data archive providing various threat intelligence and data.

: Searches across a half-million git repositories.

: Provides attack surface analysis for cybersecurity.

: Search engine for source code and web technology.

: Enables you to search for code across web repositories.

: Allows you to perform source code search.

: Database for wireless networks worldwide.

: Tool for finding public Wi-Fi networks.

: Directory of Wi-Fi networks around the world.

🔴
Shodan
Censys
ZoomEye
Onyphe
FOFA
GreyNoise
NIST NVD
ExploitDB
Vulmon
VulDB
Rapid7 DB
Sploitus
0day.today
FullHunt
osv.dev
OpenCVE
DNSdumpster
RobTex
SecurityTrails
Netlas
DNSViz
DNSdb
Hunter.io
Snov.io
Skymem
EmailRep
Voila Norbert
That'sThem
FastPeopleSearch
AlienVault OTX
GreyNoise
VirusTotal
grep.app
SearchCode
NerdyData
WaybackMachine
BuiltWith
PublicWWW
Dehashed
Snusbase
HashKiller
LeakIX
IntelX
Grep App
FullHunt
NerdyData
SearchCode
PublicWWW
Wigle
WiFimap
WiFispc
ThreatCrowd