awesome-hacker-search-engines/README.md

Awesome Hacker Search Engines

A list of search engines useful during Penetration testing, vulnerability assessments, red team operations, bug bounty and more

General • Servers • Vulnerabilities • Exploits • Attack surface • Code • Mail addresses • Domains • URLs • DNS • Certificates • WiFi networks • Device Info • Credentials • Social Networks • Phone numbers • Threat Intelligence • Web History

General Search Engines

• Google
• Bing
• Yahoo!
• Yandex

Servers

• Shodan - Search Engine for the Internet of Everything
• Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
• ZoomEye - Global cyberspace mapping
• GreyNoise - The source for understanding internet noise
• Natlas - Scaling Network Scanning
• Netlas.io - Discover, Research and Monitor any Assets Available Online
• FOFA - Cyberspace mapping

Vulnerabilities

• NIST NVD - National Vulnerability Database
• MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
• osv.dev - Open Source Vulnerabilities
• cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
• Vulners.com - Your Search Engine for Security Intelligence
• opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
• security.snyk.io - Open Source Vulnerability Database
• Rapid7 - DB - Vulnerability & Exploit Database
• CVEDetails - The ultimate security vulnerability datasource
• VulnIQ - Vulnerability intelligence and management solution
• SynapsInt - The unified OSINT research tool
• Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure

Exploits

• Exploit-DB - Exploit Database
• Sploitus - Convenient central place for identifying the newest exploits
• Rapid7 - DB - Vulnerability & Exploit Database

Attack Surface

• FullHunt.io - Attack surface database of the entire Internet
• BynaryEdge - We scan the web and gather data for you
• Censys - Attack Surface Management Solutions
• RedHunt Labs - Discover your Attack Surface, Continuously
• SecurityTrails - The Total Internet Inventory
• criminalip.io - Cyber Threat Intelligence Search Engine and Attack Surface Management(ASM) platform

Code Search Engines

• GitHub Code Search
• grep.app - Search across a half million git repos
• publicwww.com - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code
• SearchCode - Search 75 billion lines of code from 40 million projects
• NerdyData - Find companies based on their website's tech stack or code
• RepoSearch - Source code search engine that helps you find implementation details, example usages or just analyze code

Mail Addresses

• Hunter.io - Find professional email addresses in seconds
• PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
• IntelligenceX - Search engine and data archive
• Reacher.email - Open-Source Email Verification
• RocketReach - Your first-degree connection to any professional
• email-format.com - Find the email address formats in use at thousands of companies
• EmailHippo - Email address verification technology
• ThatsThem - Reverse email lookup
• verify-email.org - Checks whether the mailbox exists or not
• Melissa - Emailcheck - Check email addresses and verify they are live
• VoilaNorbert - I can find anyone's email address
• SynapsInt - The unified OSINT research tool
• skymem.info - Find email addresses of companies and people

Domains

• PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
• IntelligenceX - Search engine and data archive
• Omnisint - Subdomain enumeration
• Riddler - Allows you to search in a high quality dataset
• RobTex - Various kinds of research of IP numbers, Domain names, etc
• CentralOps - DomainDossier - Investigate domains and IP addresses
• DomainIQ - Comprehensive Domain Intelligence
• whois.domaintools.com - Industry’s fastest domain discovery engine and broadest, most accurate data
• grayhatwarfare.com - domains - How to search URLs exposed by Shortener services
• whoisology.com - Deep Connections Between Domain Names & Their Owners
• who.is - WHOIS Search, Domain Name, Website, and IP Tools
• pentest-tools.com - Discover subdomains and determine the attack surface of an organization
• BuiltWith - Find out what websites are Built With
• MoonSearch - Backlinks checker & SEO Report
• sitereport.netcraft.com - Find out the infrastructure and technologies used by any site
• SynapsInt - The unified OSINT research tool
• spyonweb.com - Find out related websites
• statscrop.com - Millions of amazing websites across the web are being analyzed with StatsCrop
• securityheaders.com - Scan your site now
• visualsitemapper.com - Create a visual map of your site
• similarweb.com - The easiest and fastest tool to find out what's really going on online
• buckets.grayhatwarfare.com - Public buckets
• C99.nl - Over 57 quality API's and growing!

URLs

• PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
• IntelligenceX - Search engine and data archive
• URLScan - A sandbox for the web
• HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
• MOZ Link Explorer - The world's best backlink checker with over 40 trillion links
• shorteners.grayhatwarfare.com - Search URLs exposed by Shortener services

DNS

• DNSDumpster - dns recon & research, find & lookup dns records
• RapidDNS - dns query tool which make querying subdomains or sites of a same ip easy
• DNSdb - Passive DNS historical database
• Omnisint - Reverse DNS lookup
• HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
• passivedns.mnemonic.no - Web interface for querying passive DNS data collected in our malware lab
• ptrarchive.com - Over 230 billion reverse DNS entries from 2008 to the present
• dnshistory.org - Domain Name System Historical Record Archive
• DNSTwister - The anti-phishing domain name search engine and DNS monitoring service
• DNSviz - Tool for visualizing the status of a DNS zone
• C99.nl - Over 57 quality API's and growing

Certificates

• Crt.sh - Certificate Search
• CTSearch - Certificate Transparency Search Tool
• TLS.BufferOver.run - Quickly find certificates in IPv4 space
• CertSpotter - Monitors your domains for expiring, unauthorized, and invalid SSL certificates
• SynapsInt - The unified OSINT research tool
• Censys - Certificates - Certificates Search

WiFi Networks

• Wigle.net - Maps and database of 802.11 wireless networks with statistics

Device Information

• MAC Vendor Lookup - Look up the vendor for a specific MAC Address
• macvendors.com - Find MAC Address Vendors. Now.
• macaddress.io - MAC address vendor lookup
• maclookup.app - Find the vendor name of a device by entering an OUI or a MAC address

Credentials

• Have I Been Pwned
• Dehashed
• Leak-Lookup
• Snusbase
• LeakCheck.io
• crackstation.net
• breachdirectory.org

Social Networks

These can be useful for osint and social engineering.

• Facebook
• Instagram
• YouTube
• Twitter
• LinkedIn
• Reddit
• Pinterest
• Tumblr
• Flickr
• SnapChat
• Whatsapp
• Quora
• TikTok
• Vimeo
• Medium
• WeChat
• VK
• Weibo
• Tinder

Phone Numbers

• RocketReach
• NumLookup
• WhitePages
• National Cellular Directory
• Phone Validator
• Free Carrier Lookup
• sync.me
• EmobileTracker
• SpyDialer
• Reverse Phone Lookup
• ThatsThem - Reverse phone lookup
• thisnumber.com
• usphonebook.com
• truecaller.com
• truepeoplesearch.com
• SynapsInt
• C99.nl

Threat Intelligence

• PulseDive
• ThreatCrowd
• ThreatMiner
• VirusTotal
• Rescure
• otx.alienvault
• urlquery.net
• bazaar.abuse.ch
• feodotracker.abuse.ch
• sslbl.abuse.ch
• urlhaus.abuse.ch
• threatfox.abuse.ch

Web History

• Web Archive
• Archive.ph
• CachedPages
• stored.website
• CommonCrawl

Unclassified

• NetoGraph
• DNS.BufferOver.run
• Chaos
• PassiveTotal

---

If you want to propose changes, just open an issue.