30 Cybersecurity Search Engines for Researchers

on under Research
2 minute read

Checked Daniel Kelley’s twitter at https://twitter.com/danielmakelley. So I saw his 30 cybersecurity search engines tweets, thought it was really cool. I figured "I better record this for my own info", and what better way than to make it more widely available. This is just a reposting of his tweet, expanded to the URLs I found as of today. All hail Daniel Kelley, the true contributor of the valuable info below. Check out his twitter account, it’s useful and he has a weekly newsletter that you should sign up for, probably.

  1. Dehashed—View leaked credentials.
    https://www.dehashed.com/
  2. SecurityTrails—Extensive DNS data.
    https://securitytrails.com/
  3. DorkSearch—Really fast Google dorking.
    https://dorksearch.com/
  4. ExploitDB—Archive of various exploits.
    https://www.exploit-db.com/
  5. ZoomEye—Gather information about targets.
    https://www.zoomeye.org/
  6. Pulsedive—Search for threat intelligence.
    https://pulsedive.com/
  7. GrayhatWarfare—Search public S3 buckets.
    https://buckets.grayhatwarfare.com/
  8. PolySwarm—Scan files and URLs for threats.
    https://polyswarm.network/
  9. Fofa—Search for various threat intelligence.
    https://fofa.info/
  10. LeakIX—Search publicly indexed information.
    https://leakix.net/
  11. DNSDumpster—Search for DNS records quickly.
    https://dnsdumpster.com/
  12. FullHunt—Search and discovery attack surfaces.
    https://fullhunt.io/
  13. AlienVault—Extensive threat intelligence feed.
    https://otx.alienvault.com/
  14. ONYPHE—Collects cyber-threat intelligence data.
    https://www.onyphe.io/
  15. Grep App—Search across a half million git repos.
    https://grep.app/
  16. URL Scan—Free service to scan and analyse websites.
    https://urlscan.io/
  17. Vulners—Search vulnerabilities in a large database.
    https://vulners.com/
  18. WayBackMachine—View content from deleted websites.
    https://archive.org/web/
  19. Shodan—Search for devices connected to the internet.
    https://www.shodan.io/
  20. Netlas—Search and monitor internet connected assets.
    https://app.netlas.io/host/
  21. CRT sh—Search for certs that have been logged by CT.
    https://crt.sh/
  22. Wigle—Database of wireless networks, with statistics.
    https://www.wigle.net/
  23. PublicWWW—Marketing and affiliate marketing research.
    https://publicwww.com/
  24. Binary Edge—Scans the internet for threat intelligence.
    https://app.binaryedge.io/login
  25. GreyNoise—Search for devices connected to the internet.
    https://viz.greynoise.io/
  26. Hunter—Search for email addresses belonging to a website.
    https://hunter.io/
  27. Censys—Assessing attack surface for internet connected devices.
    https://search.censys.io/
  28. IntelligenceX—Search Tor, I2P, data leaks, domains, and emails.
    https://intelx.io/
  29. Packet Storm Security—Browse latest vulnerabilities and exploits.
    https://packetstormsecurity.com/
  30. SearchCode—Search 75 billion lines of code from 40 million projects.
    https://searchcode.com/
recon
comments powered by Disqus
 LinkedIn
Github