Search Engines
Network Scanning and Reconnaissance
Shodan: Cybersecurity search engine for internet-connected devices.
Censys: Platform that provides information on all devices and networks on the internet.
ZoomEye: Search engine for discovering internet-connected devices.
Onyphe: Synthesizes data about cyber threats and internet-exposed devices.
FOFA: Cybersearch engine for internet assets and configurations.
GreyNoise: Analyzes internet background noise.
Vulnerability Databases and Exploits
NIST NVD: The U.S. government's vulnerability database with standards-based data.
ExploitDB: An archive of public exploits and corresponding software vulnerabilities.
Vulmon: A search engine for security vulnerabilities and exploits.
VulDB: A database providing information about security vulnerabilities.
Rapid7 DB: Contains information about vulnerabilities sourced by Rapid7.
Sploitus: Exploit and vulnerability search engine.
0day.today: Database of exploits and vulnerabilities.
FullHunt: Attack surface discovery and management.
osv.dev: Open source vulnerability database and triage service.
OpenCVE: CVE alerting platform.
DNS and Domain Analysis
DNSdumpster: Free domain research tool for DNS and subdomain information.
RobTex: Provides various DNS and network-related tools.
SecurityTrails: Offers historical and current DNS data.
Netlas: Internet-wide scanner, focusing on cybersecurity data and threat intelligence.
DNSViz: A tool for visualizing the status of DNSSEC zones.
DNSdb: DNS intelligence and investigation tool.
Email Address Discovery and Verification
Hunter.io: Finds email addresses associated with a domain and performs verification.
Snov.io: Provides tools for email address discovery and verification.
Skymem: Online service for finding email addresses.
EmailRep: Assesses the reputation of an email address.
Voila Norbert: Service for finding and verifying email addresses.
That'sThem: Free people search engine.
FastPeopleSearch: Find people fast and free.
Threat Intelligence
AlienVault OTX: Crowd-sourced platform for sharing threat intelligence.
GreyNoise: Analyzes and filters internet background noise.
ThreatCrowd: Tool to search for threat intelligence data.
VirusTotal: Analyzes files and URLs for security threats.
Code Repositories and Development Resource Search
grep.app: Searches across git repositories.
SearchCode: Enables search for code across web repositories.
NerdyData: Search engine for source code and web technology.
Archiving and Web Content Retrieval
WaybackMachine: Digital archive of the World Wide Web and other information on the internet.
BuiltWith: Provides intelligence information on what technologies websites are using.
PublicWWW: Allows you to perform source code search, which is useful for cybersecurity and marketing research.
Leaked Data and Credentials
Dehashed: A search engine for leaked credentials.
Snusbase: Database search engine for leaked info.
HashKiller: Community-driven password cracking platform.
LeakIX: Search engine for open databases and leaked sources.
Miscellaneous OSINT and Data Aggregation
IntelX: A search engine and data archive providing various threat intelligence and data.
Grep App: Searches across a half-million git repositories.
FullHunt: Provides attack surface analysis for cybersecurity.
NerdyData: Search engine for source code and web technology.
SearchCode: Enables you to search for code across web repositories.
PublicWWW: Allows you to perform source code search.
Wigle: Database for wireless networks worldwide.
WiFimap: Tool for finding public Wi-Fi networks.
WiFispc: Directory of Wi-Fi networks around the world.
Last updated