A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Go to file
Edoardo Ottavianelli 67fcd40902
Merge pull request #99 from DevanshKyada27/patch-2
Added to leak section
2023-10-18 10:13:55 +02:00
.github Update check-duplicates.yml 2023-10-14 20:11:18 +05:30
scripts removed section_escaped 2023-10-14 20:20:00 +05:30
LICENSE Create LICENSE 2023-04-12 12:03:02 +02:00
README.md Merge pull request #99 from DevanshKyada27/patch-2 2023-10-18 10:13:55 +02:00

Awesome Hacker Search Engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

GeneralServersVulnerabilitiesExploitsAttack surfaceCodeMail addressesDomainsURLsDNSCertificatesWiFi networksDevice InfoCredentialsLeaksHidden ServicesSocial NetworksPhone numbersImagesThreat IntelligenceWeb HistorySurveillance cameras

General Search Engines

Servers

  • Shodan - Search Engine for the Internet of Everything
  • Censys Search - Search Engine for every server on the Internet to reduce exposure and improve security
  • Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
  • ZoomEye - Global cyberspace mapping
  • GreyNoise - The source for understanding internet noise
  • Natlas - Scaling Network Scanning
  • Netlas.io - Discover, Research and Monitor any Assets Available Online
  • FOFA - Cyberspace mapping
  • Quake - Cyberspace surveying and mapping system
  • Hunter - Internet Search Engines For Security Researchers

Vulnerabilities

Exploits

  • Exploit-DB - Exploit Database
  • Sploitus - Convenient central place for identifying the newest exploits
  • Rapid7 - DB - Vulnerability & Exploit Database
  • Vulmon - Vulnerability and exploit search engine
  • packetstormsecurity.com - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
  • 0day.today - Ultimate database of exploits and vulnerabilities
  • LOLBAS - Living Off The Land Binaries, Scripts and Libraries
  • GTFOBins - Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
  • Payloads All The Things - A list of useful payloads and bypasses for Web Application Security
  • XSS Payloads - The wonderland of JavaScript unexpected usages, and more
  • exploitalert.com - Database of Exploits
  • Reverse Shell generator - Online Reverse Shell generator with Local Storage functionality, URI & Base64 Encoding, MSFVenom Generator, and Raw Mode
  • HackerOne hacktivity - See the latest hacker activity on HackerOne
  • Bugcrowd Crowdstream - Showcase of accepted and disclosed submissions on Bugcrowd programs
  • GTFOArgs - Curated list of Unix binaries that can be manipulated for argument injection
  • shell-storm.org/shellcode - Shellcodes database for study cases
  • Hacking the Cloud - Encyclopedia of the attacks/tactics/techniques that offensive security professionals can use on their next cloud exploitation adventure
  • LOLDrivers - Open-source project that brings together vulnerable, malicious, and known malicious Windows drivers
  • PwnWiki - Collection of TTPs (tools, tactics, and procedures) for what to do after access has been gained
  • CVExploits Search - Your comprehensive database for CVE exploits from across the internet

Attack Surface

  • FullHunt.io - Attack surface database of the entire Internet
  • BinaryEdge - We scan the web and gather data for you
  • Censys ASM - Attack Surface Management Solutions
  • RedHunt Labs - Discover your Attack Surface, Continuously
  • SecurityTrails - The Total Internet Inventory
  • overcast-security.com - We make tracking your external attack surface easy
  • IPInfo.io - The trusted source for IP address data
  • IPData.co - IP Geolocation and Threat Intelligence API
  • NetworksDB - information about the public IPv4 and IPv6 addresses, networks and domains owned by companies and organisations across the world
  • ASNlookup - Quickly lookup updated information about specific Autonomous System Number (ASN), Organization, CIDR, or registered IP addresses (IPv4 and IPv6) among other relevant data
  • BGPtools - Browse the Internet ecosystem
  • BGPview - Debug and investigate information about IP addresses, ASN, IXs, BGP, ISPs, Prefixes and Domain names
  • BigDataCloud - The API provides comprehensive location and network data
  • RADb - The world's largest public routing registry
  • Deepinfo - Empower your security with the most comprehensive Internet data
  • Detectify - Complete External Attack Surface Management

Code

  • GitHub Code Search - Search globally across all of GitHub, or scope your search to a particular repository or organization
  • GitLab Code Search - Advanced search for faster, more efficient search across the entire GitLab instance
  • Sourceforge - Complete Open-Source and Business Software Platform
  • grep.app - Search across a half million git repos
  • publicwww.com - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code
  • SearchCode - Search 75 billion lines of code from 40 million projects
  • NerdyData - Find companies based on their website's tech stack or code
  • RepoSearch - Source code search engine that helps you find implementation details, example usages or just analyze code
  • SourceGraph - Understand and search across your entire codebase
  • HotExamples - Search code examples from over 1 million projects
  • WP Directory - Lightning fast regex searching of code in the WordPress Plugin and Theme Directories
  • GitHub Gists - Instantly share code, notes, and snippets
  • CodeBerg - Collaboration platform and Git hosting for free and open source software, content and projects
  • Fedora Pagure - Open Source software code hosting system
  • LaunchPad - Software collaboration platform that provides: Bug tracking, Code hosting, Code reviews, Ubuntu package building and hosting, Translations...
  • repo.or.cz - Public Git hosting site
  • gitorious.org - Read-only mirror of the former gitorious.org code hosting website
  • Sourcehut - Collection of tools useful for software development
  • android.googlesource.com - Git repositories on android
  • deps.dev - Service developed and hosted by Google to help developers better understand the structure, construction, and security of open source software packages
  • WebFinery - Search the source code of the web
  • Google Code Archive - Data found on the Google Code Project Hosting Service, which was turned down in early 2016
  • Snipplr - Code snippet search engine that allows users to search and share code snippets across various programming languages and frameworks
  • Postman Public Collections - Explore the best APIs, collections, workspaces in the world on the Postman Public API Network

Mail Addresses

  • Hunter.io - Find professional email addresses in seconds
  • PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
  • IntelligenceX - Search engine and data archive
  • Reacher.email - Open-Source Email Verification
  • RocketReach - Your first-degree connection to any professional
  • email-format.com - Find the email address formats in use at thousands of companies
  • EmailHippo - Email address verification technology
  • ThatsThem - Reverse email lookup
  • verify-email.org - Checks whether the mailbox exists or not
  • Melissa - Emailcheck - Check email addresses and verify they are live
  • VoilaNorbert - I can find anyone's email address
  • SynapsInt - The unified OSINT research tool
  • skymem.info - Find email addresses of companies and people
  • findemails.com - Find Anyone's Email Address in Seconds
  • Experte email finder - Find the right email address, even if you only know the name and the company
  • EmailSherlock - Search for the Person behind the Email address and find our reputation score
  • Anymail Finder - Find verified emails
  • Tomba.io - With 430+ million email addresses indexed, effective search filters, and deliverability checks, Tomba's email finder is its most powerful tool
  • Snov Email Finder Find any email. Anywhere

Domains

URLs

DNS

  • DNSDumpster - dns recon & research, find & lookup dns records
  • Chaos - Enhance research and analyse changes around DNS for better insights
  • RapidDNS - dns query tool which make querying subdomains or sites of a same ip easy
  • DNSdb - Passive DNS historical database
  • Omnisint - Reverse DNS lookup
  • HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
  • passivedns.mnemonic.no - Web interface for querying passive DNS data collected in our malware lab
  • ptrarchive.com - Over 230 billion reverse DNS entries from 2008 to the present
  • dnshistory.org - Domain Name System Historical Record Archive
  • DNSTwister - The anti-phishing domain name search engine and DNS monitoring service
  • DNSviz - Tool for visualizing the status of a DNS zone
  • C99.nl - Over 57 quality API's and growing
  • wannabe1337.xyz - Online Tools
  • DNSlytics - Find out everything about a domain name, IP address or provider
  • dnsrepo.noc.org - DNS Database Repository Search
  • DNSSpy - Monitor, validate and verify your DNS configurations
  • ZETAlytics - We offer unrivalled geographic diversity and exclusive global network visibility in searchable datasets for use by cyber security analysts
  • AskDNS - Lookup Connected Domain Names and IP Addresses
  • 360 PassiveDNS.CN - Biggest public available db in China designed for security and research purpose
  • MXtoolbox - All of your MX record, DNS, blacklist and SMTP diagnostics in one integrated tool
  • NSLookup.io - Find all DNS records for a domain name using this online tool
  • Robtex DNS Lookup - Get detailed information on the nameservers associated with a domain name

Certificates

  • Crt.sh - Certificate Search
  • CTSearch - Certificate Transparency Search Tool
  • tls.bufferover.run - Quickly find certificates in IPv4 space
  • CertSpotter - Monitors your domains for expiring, unauthorized, and invalid SSL certificates
  • SynapsInt - The unified OSINT research tool
  • Censys Search - Certificates - Certificates Search
  • ciphersuite.info - TLS Ciphersuite Search. Search for a particular cipher suite by using IANA, OpenSSL or GnuTLS name format
  • certificatedetails - Online certificate viewer. Inspect and dowload certificates from your browser
  • FacebookCT - Search for certificates issued for a given domain and subscribe to notifications from Facebook regarding new certificates
  • certs.io - Search TLS certificates across the internet.

WiFi Networks

  • Wigle.net - Maps and database of 802.11 wireless networks with statistics
  • wifimap.io - Connect to all Free WiFi Hotspots using WiFi Map App all over the World!
  • wificafespots.com - Free WiFi Cafe Spots
  • wifispc.com - Free map of Wi-Fi passwords anywhere you go!
  • openwifimap.net - HTML5 map with OpenWiFiMap data
  • mylnikov.org - Public API implementation of Wi-Fi Geo-Location database

Device Information

Credentials

  • Have I Been Pwned - Check if your email or phone is in a data breach
  • Dehashed - Free deep-web scans and protection against credential leaks
  • LeakCheck.io - Make sure your credentials haven't been compromised
  • crackstation.net -Massive pre-computed lookup tables to crack password hashes
  • HashKiller - Pre-cracked Hashes, easily searchable
  • LeakedPassword - Search across multiple data breaches to see if your pass has been compromised
  • BugMeNot - Find and share logins

Leaks

Hidden Services

Social Networks

These can be useful for osint and social engineering.

Phone Numbers

  • NumLookup - Free reverse phone lookup
  • SpyDialer - Free Reverse Lookup Search
  • WhitePages - Find people, contact info & background checks
  • National Cellular Directory - Begin your comprehensive people search now
  • Phone Validator - Is it a cell phone or is it a landline or is it a fake?
  • Free Carrier Lookup - Enter a phone number and we'll return the carrier name
  • RocketReach - Your first-degree connection to any professional
  • sync.me - Find out who called
  • EmobileTracker - Track Mobile Owner Name, Location and Mobile Service Provider
  • Reverse Phone Lookup - Find Out The Owner Of A Phone Number
  • ThatsThem - Reverse phone lookup
  • thisnumber.com - International Phone Directories
  • usphonebook.com - Free Reverse Phone Number Lookup
  • truepeoplesearch.com - Get current address, cell phone number, email address, relatives, friends and a lot more
  • Tellows - Who is calling? The phone number reverse search
  • SynapsInt - The unified OSINT research tool
  • C99.nl - Over 57 quality API's and growing
  • ValidNumber.com - Free reverse phone lookup service to let you identify a caller associated with any 10-digit phone number from the US and Canada
  • CellIdFinder - Nonprofit project wich helps you to find GSM BTS by MCC, MNC, LAC and CellID
  • OldPhoneBook - Intantly search a large selection from the past 20 years of USA phone listings
  • Spokeo - Search by name, phone, address, or email to confidentially lookup information about people you know
  • Intelius Phone Lookup - Look up a phone number to find owner information, carrier details, and more
  • ZabaSearch Phone Lookup - Reverse Phone Lookup Tool Can Uncover Personal Information, Social Media Data, Online Activity, Photos, and More
  • AnyWho Phone Lookup - Find out information associated with a phone number
  • Radaris Phone Lookup - Look up any phone number to see its owner and identify who's calling or texting you

Images

  • Google Image Search - The most comprehensive image search on the web
  • Baidu Image - Baidu Image Search
  • Yahoo Image - Yahoo Image Search
  • Yandex Image - Yandex Image Search
  • Facecheck.id - Search for people by photo and verify you are talking to the person they claim to be
  • Bing Visual Search - See it, search it
  • Reverse Image Search - Super-fast image finder that helps you find similar images online
  • Reverse Image - Find Where Images Appear Online
  • Pixsy - Find and fight image theft
  • Pimeyes - Face Search Engine, Reverse Image Search
  • Pictriev - Find look-alike celebrities on the web using the face recognition
  • Karmadecay - Reverse image search of Reddit.com
  • Infringement Report - The web's best image copyright infringement search tool
  • Tineye - Image search and recognition company
  • Flickr - Home to tens of billions of photos and 2 million groups
  • Sogou - Chinese technology company that offers a search engine
  • Jimpl - Online photo metadata and EXIF data viewer
  • Same Energy - Find beautiful images
  • FotoForensics - Tools and training for digital picture analysis, including error level analysis, metadata, and tutorials

Threat Intelligence

  • MITRE ATT&CK - Globally-accessible knowledge base of adversary tactics and techniques
  • PulseDive - Threat intelligence made easy
  • ThreatCrowd - A Search Engine for Threats
  • ThreatMiner - Data Mining for Threat Intelligence
  • VirusTotal - Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches
  • vx-underground.org - The largest collection of malware source code, samples, and papers on the internet
  • bazaar.abuse.ch - Malware sample database
  • feodotracker.abuse.ch - List of botnet Command&Control servers
  • sslbl.abuse.ch - All malicious SSL certificates
  • urlhaus.abuse.ch - Propose new malware urls
  • threatfox.abuse.ch - Indicator Of Compromise (IOC) database
  • yaraify.abuse.ch - Scan suspicious files such as malware samples or process dumps against a large repository of YARA rules
  • Rescure - Curated cyber threat intelligence for everyone
  • otx.alienvault - The World's First Truly Open Threat Intelligence Community
  • urlquery.net - Service for detecting and analyzing web-based malware
  • socradar.io - Extension to your SOC team
  • VirusShare - System currently contains 48 million malware samples
  • PassiveTotal - Security intelligence that scales security operations and response
  • malapi.io - Windows APIs used for malicious purposes
  • filesec.io - Latest file extensions being used by attackers
  • leakix.net - Search engine indexing public information and an open reporting platform linked to the results
  • tria.ge - Fully automated solution for high-volume malware analysis using advanced sandboxing technology
  • Polyswarm - Launchpad for new technologies and innovative threat detection methods
  • Cisco Talos - The threat intelligence organization at the center of the Cisco Security portfolio
  • scamsearch.io - Find your scammer online & report them
  • CyberCampaigns - Threat Actor information and Write-Ups
  • ORKL - The Community Driven Cyber Threat Intelligence Library
  • Maltiverse - Data from more than 100 different Threat Intelligence sources
  • Inquest Labs - Threat intelligence from hundreds of public, private, and internal sources to develop new FDR signatures and rules
  • PhishTank - Collaborative clearing house for data and information about phishing on the Internet
  • IntelOwl - Open Source Intelligence, or OSINT solution to get threat intelligence data about a specific file, an IP or a domain from a single API at scale
  • Lupovis - Analyze and collect data on Internet-wide scans and attacks in real-time. We use this data to identify and classify malicious actors
  • AbuseIPDB - Check the report history of any IP address to see if anyone else has reported malicious activities
  • Sucuri SiteCheck - Check websites for known malware, viruses, blacklisting status, website errors, out-of-date software, and malicious code
  • Spamhaus - Protect and investigate using IP and domain reputation data
  • ThreatBook - One step ahead of your adversary with high-fidelity, efficient and actionable cyber threat intelligence
  • ShadowServer - Nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone
  • Team Cymru - Global leader in cyber threat intelligence and attack surface management
  • BeVigil - Search engine for mobile application security testing
  • CIRCL - The Computer Incident Response Center Luxembourg is a government-driven initiative designed to gather, review, report and respond to computer security threats and incidents
  • MetaDefender Cloud - Advanced threat detection and prevention platform
  • Cybersixgill - Threat intelligence platform that provides access to a wide range of cybersecurity information, including dark web monitoring and threat actor analysis
  • Hybrid Analysis - Free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology
  • IBM X-Force Exchange - Threat intelligence sharing platform enabling research on security threats, aggregation of intelligence, and collaboration with peers
  • The DFIR Report - Real Intrusions by Real Attackers, The Truth Behind the Intrusion
  • WhoisXMLAPI - Domain & IP Data Intelligence for Greater Enterprise Security
  • APIVoid - Threat analysis centered on IP and Domain reputation, along with additional services

Web History

  • Web Archive - Explore more than 702 billion web pages saved over time
  • Archive.ph - Create a copy of a webpage that will always be up even if the original link is down
  • CachedPages - Get the cached page of any URL
  • stored.website - View cached web pages/website
  • CommonCrawl - Open repository of web crawl data
  • UK Web Archive - Collects millions of websites each year, preserving them for future generations
  • Arquivo - Non-profit service that maintains information published on the web of interest to the Portuguese community
  • Archive-It - An archive of digital government and non-government organization (NGO) documents and reports
  • HAW - Croatian Web Archive

Surveillance cameras

Unclassified

  • NetoGraph - Captures and indexes detailed, low-level snapshots of website behaviour
  • DorkSearch - Speed up your Dorking
  • usersearch.org - Find someone by username or email on Social Networks, Dating Sites, Forums, Crypto Forums, Chat Sites and Blogs
  • Pastebin - Website where you can store text online for a set period of time

Not working / Paused


If you want to propose changes, just open an issue or a pull request.

edoardoottavianelli.it to contact me.