Awesome Hacker Search Engines

A list of search engines useful during Penetration testing, vulnerability assessments, red team operations, bug bounty and more

GeneralServersVulnerabilitiesExploitsAttack surfaceCodeMail addressesDomainsURLsDNSCertificatesWiFi networksCredentialsSocial NetworksPhone numbersThreat IntelligenceWeb History

### General Search Engines - [Google](https://www.google.com/) - [Bing](https://www.bing.com/) - [Yahoo!](http://www.yahoo.com/) - [Yandex](https://yandex.com/) ### Servers - [Shodan](https://shodan.io) - Search Engine for the Internet of Everything - [Censys](https://censys.io/) - [Onyphe.io](https://www.onyphe.io/) - [ZoomEye](https://www.zoomeye.org/) - [GreyNoise](https://viz.greynoise.io/) - [Natlas](https://natlas.io/) - [FOFA](https://fofa.info/) ### Vulnerabilities - [NIST NVD](https://nvd.nist.gov/vuln/search) - [MITRE CVE](https://cve.mitre.org/cve/search_cve_list.html) - [osv.dev](https://osv.dev/list) - Open Source Vulnerabilities - [Vulners.com](https://vulners.com/) - [Rapid7 - DB](https://www.rapid7.com/db/) - [CVEDetails](https://www.cvedetails.com/) ### Exploits - [Exploit-DB](https://www.exploit-db.com/) - [Sploitus](https://sploitus.com/) - [Rapid7 - DB](https://www.rapid7.com/db/) ### Attack Surface - [FullHunt.io](https://fullhunt.io/) - [BynaryEdge](https://www.binaryedge.io/) - [RedHunt Labs](https://redhuntlabs.com/) - [SecurityTrails](https://securitytrails.com/) ### Code Search Engines - [GitHub Code Search](https://cs.github.com/) - [grep.app](https://grep.app/) - [publicwww.com](https://publicwww.com/) - [SearchCode](https://searchcode.com/) - [NerdyData](https://www.nerdydata.com/) - [RepoSearch](http://codefinder.org/) ### Mail addresses - [Hunter.io](https://hunter.io/) - [PhoneBook](https://phonebook.cz/) - [IntelligenceX](https://intelx.io/) - [Reacher.email](https://reacher.email/) - [RocketReach](https://rocketreach.co/) - [email-format.com](https://www.email-format.com/) - [EmailHippo](https://tools.emailhippo.com/) - [ThatsThem](https://thatsthem.com/reverse-email-lookup) - Reverse email lookup - [verify-email.org](https://verify-email.org/) - [Melissa - Emailcheck](https://www.melissa.com/v2/lookups/emailcheck/email/) - [VoilaNorbert](https://www.voilanorbert.com/) - [skymem.info](http://www.skymem.info/) ### Domains - [PhoneBook](https://phonebook.cz/) - [IntelligenceX](https://intelx.io/) - [Omnisint](https://omnisint.io/subdomain-enumeration) - Subdomain enumeration - [Riddler](https://riddler.io/) - [RobTex](https://www.robtex.com/) - [CentralOps - DomainDossier](https://centralops.net/co/DomainDossier.aspx) - [DomainIQ](https://www.domainiq.com/) - [whois.domaintools.com](https://whois.domaintools.com/) - [whoisology.com](https://whoisology.com/) - [who.is](https://who.is/) - [pentest-tools.com](https://pentest-tools.com/information-gathering/find-subdomains-of-domain) - [BuiltWith](https://builtwith.com/) - [MoonSearch](http://moonsearch.com/) - [sitereport.netcraft.com](https://sitereport.netcraft.com/) - [statscrop.com](https://www.statscrop.com/) - [securityheaders.com](https://securityheaders.com/) - [visualsitemapper.com](http://www.visualsitemapper.com/) - [similarweb.com](https://www.similarweb.com/) - [buckets.grayhatwarfare.com](https://buckets.grayhatwarfare.com/) - Public buckets ### URLs - [PhoneBook](https://phonebook.cz/) - [IntelligenceX](https://intelx.io/) - [URLScan](https://urlscan.io/) - [HackerTarget](https://hackertarget.com/ip-tools/) - [MOZ Link Explorer](https://moz.com/link-explorer) - [spyonweb.com](https://spyonweb.com/) ### DNS - [DNSDumpster](https://dnsdumpster.com/) - [RapidDNS](https://rapiddns.io/) - [DNSdb](https://docs.farsightsecurity.com/#dnsdb) - [Omnisint](https://omnisint.io/reverse-dns-lookup) - Reverse DNS lookup - [HackerTarget](https://hackertarget.com/ip-tools/) - [passivedns.mnemonic.no](https://passivedns.mnemonic.no/) - [ptrarchive.com](http://ptrarchive.com/) - [dnshistory.org](http://dnshistory.org/) - [DNSTwister](https://dnstwister.report/) - [DNSviz](https://dnsviz.net/) ### Certificates - [Crt.sh](https://crt.sh/) - [CTSearch](https://ui.ctsearch.entrust.com/ui/ctsearchui) - [TLS.BufferOver.run](https://tls.bufferover.run/) - [CertSpotter](https://sslmate.com/certspotter/) ### WiFi networks - [Wigle.net](https://wigle.net/) ### Credentials - [Have I Been Pwned](https://haveibeenpwned.com/) - [Dehashed](https://www.dehashed.com/) - [Leak-Lookup](https://leak-lookup.com/) - [Snusbase](https://snusbase.com/) - [LeakCheck.io](https://leakcheck.io/) ### Social Networks These can be useful for osint and social engineering. - [Facebook](https://www.facebook.com/) - [Instagram](https://www.instagram.com/) - [YouTube](https://www.youtube.com/) - [Twitter](https://twitter.com/) - [LinkedIn](https://www.linkedin.com/) - [Reddit](https://new.reddit.com/) - [Pinterest](https://www.pinterest.com/) - [Tumblr](https://www.tumblr.com/) - [Flickr](https://www.flickr.com/) - [SnapChat](https://www.snapchat.com/) - [Whatsapp](https://www.whatsapp.com/) - [Quora](https://www.quora.com/) - [TikTok](https://www.tiktok.com/) - [Vimeo](https://vimeo.com/) - [Medium](https://medium.com/) - [WeChat](https://www.wechat.com/) - [VK](https://vk.com/) - [Weibo](https://weibo.com/) - [Tinder](https://tinder.com/) ### Phone numbers - [RocketReach](https://rocketreach.co/) - [NumLookup](https://www.numlookup.com/) - [WhitePages](https://www.whitepages.com/) - [National Cellular Directory](https://www.nationalcellulardirectory.com/) - [Phone Validator](https://www.phonevalidator.com/) - [Free Carrier Lookup](https://freecarrierlookup.com/) - [sync.me](https://sync.me/) - [EmobileTracker](https://www.emobiletracker.com/) - [SpyDialer](https://spydialer.com/) - [Reverse Phone Lookup](https://www.reversephonelookup.com/) - [ThatsThem](https://thatsthem.com/reverse-phone-lookup) - Reverse phone lookup - [thisnumber.com](https://www.thisnumber.com/) - [usphonebook.com](https://www.usphonebook.com/) - [truecaller.com](https://www.truecaller.com/) - [truepeoplesearch.com](https://www.truepeoplesearch.com/#) ### Threat Intelligence - [PulseDive](https://pulsedive.com/) - [ThreatCrowd](https://threatcrowd.org/) - [ThreatMiner](https://www.threatminer.org/) - [VirusTotal](https://www.virustotal.com/) - [Rescure](https://rescure.me/) - [otx.alienvault](https://otx.alienvault.com/) - [urlquery.net](https://urlquery.net/) ### Web History - [Web Archive](https://web.archive.org/) - [Archive.ph](https://archive.ph/) - [CachedPages](http://www.cachedpages.com/) - [stored.website](https://stored.website/) ### Unclassified - [SynapsInt](https://synapsint.com/) - [Spyse](https://spyse.com/) - [NetoGraph](https://netograph.io/) - [DNS.BufferOver.run](https://dns.bufferover.run/) - [C99.nl](https://api.c99.nl/) - [Chaos](https://chaos.projectdiscovery.io/#/) - [CommonCrawl](https://commoncrawl.org/) - [PassiveTotal](https://api.passivetotal.org/) --------- If you want to propose changes, just open an [issue](https://github.com/edoardottt/awesome-hacker-search-engines/issues).