awesome-hacker-search-engines/README.md
2022-07-01 08:10:41 +02:00

15 KiB
Raw Blame History

Awesome Hacker Search Engines

A list of search engines useful during Penetration testing, vulnerability assessments, red team operations, bug bounty and more

GeneralServersVulnerabilitiesExploitsAttack surfaceCodeMail addressesDomainsURLsDNSCertificatesWiFi networksDevice InfoCredentialsSocial NetworksPhone numbersThreat IntelligenceWeb History

General Search Engines

Servers

  • Shodan - Search Engine for the Internet of Everything
  • Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
  • ZoomEye - Global cyberspace mapping
  • GreyNoise - The source for understanding internet noise
  • Natlas - Scaling Network Scanning
  • Netlas.io - Discover, Research and Monitor any Assets Available Online
  • FOFA - Cyberspace mapping

Vulnerabilities

  • NIST NVD - National Vulnerability Database
  • MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
  • osv.dev - Open Source Vulnerabilities
  • cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
  • Vulners.com - Your Search Engine for Security Intelligence
  • opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
  • security.snyk.io - Open Source Vulnerability Database
  • Rapid7 - DB - Vulnerability & Exploit Database
  • CVEDetails - The ultimate security vulnerability datasource
  • VulnIQ - Vulnerability intelligence and management solution
  • SynapsInt - The unified OSINT research tool
  • Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure

Exploits

  • Exploit-DB - Exploit Database
  • Sploitus - Convenient central place for identifying the newest exploits
  • Rapid7 - DB - Vulnerability & Exploit Database

Attack Surface

  • FullHunt.io - Attack surface database of the entire Internet
  • BynaryEdge - We scan the web and gather data for you
  • Censys - Attack Surface Management Solutions
  • RedHunt Labs - Discover your Attack Surface, Continuously
  • SecurityTrails - The Total Internet Inventory
  • criminalip.io - Cyber Threat Intelligence Search Engine and Attack Surface Management(ASM) platform

Code Search Engines

  • GitHub Code Search
  • grep.app - Search across a half million git repos
  • publicwww.com - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code
  • SearchCode - Search 75 billion lines of code from 40 million projects
  • NerdyData - Find companies based on their website's tech stack or code
  • RepoSearch - Source code search engine that helps you find implementation details, example usages or just analyze code

Mail Addresses

Domains

URLs

DNS

  • DNSDumpster - dns recon & research, find & lookup dns records
  • RapidDNS - dns query tool which make querying subdomains or sites of a same ip easy
  • DNSdb - Passive DNS historical database
  • Omnisint - Reverse DNS lookup
  • HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
  • passivedns.mnemonic.no - Web interface for querying passive DNS data collected in our malware lab
  • ptrarchive.com - Over 230 billion reverse DNS entries from 2008 to the present
  • dnshistory.org - Domain Name System Historical Record Archive
  • DNSTwister - The anti-phishing domain name search engine and DNS monitoring service
  • DNSviz - Tool for visualizing the status of a DNS zone
  • C99.nl - Over 57 quality API's and growing

Certificates

WiFi Networks

  • Wigle.net - Maps and database of 802.11 wireless networks with statistics

Device Information

Credentials

Social Networks

These can be useful for osint and social engineering.

Phone Numbers

Threat Intelligence

Web History

Unclassified


If you want to propose changes, just open an issue.