A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Go to file
2022-06-30 08:22:39 +02:00
README.md Update README.md 2022-06-30 08:22:39 +02:00

Awesome Hacker Search Engines

A list of search engines useful during Penetration testing, vulnerability assessments, red team operations, bug bounty and more

GeneralServersVulnerabilitiesExploitsAttack surfaceCodeMail addressesDomainsURLsDNSCertificatesWiFi networksDevice InfoCredentialsSocial NetworksPhone numbersThreat IntelligenceWeb History

General Search Engines

Servers

  • Shodan - Search Engine for the Internet of Everything
  • Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
  • ZoomEye - Global cyberspace mapping
  • GreyNoise - The source for understanding internet noise
  • Natlas - Scaling Network Scanning
  • Netlas.io - Discover, Research and Monitor any Assets Available Online
  • FOFA - Cyberspace mapping

Vulnerabilities

  • NIST NVD - National Vulnerability Database
  • MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
  • osv.dev - Open Source Vulnerabilities
  • cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
  • Vulners.com - Your Search Engine for Security Intelligence
  • opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
  • security.snyk.io - Open Source Vulnerability Database
  • Rapid7 - DB - Vulnerability & Exploit Database
  • CVEDetails - The ultimate security vulnerability datasource
  • VulnIQ - Vulnerability intelligence and management solution
  • SynapsInt - The unified OSINT research tool
  • Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure

Exploits

  • Exploit-DB - Exploit Database
  • Sploitus - Convenient central place for identifying the newest exploits
  • Rapid7 - DB - Vulnerability & Exploit Database

Attack Surface

  • FullHunt.io - Attack surface database of the entire Internet
  • BynaryEdge - We scan the web and gather data for you
  • Censys - Attack Surface Management Solutions
  • RedHunt Labs - Discover your Attack Surface, Continuously
  • SecurityTrails - The Total Internet Inventory
  • criminalip.io - Cyber Threat Intelligence Search Engine and Attack Surface Management(ASM) platform

Code Search Engines

  • GitHub Code Search
  • grep.app - Search across a half million git repos
  • publicwww.com - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code
  • SearchCode - Search 75 billion lines of code from 40 million projects
  • NerdyData - Find companies based on their website's tech stack or code
  • RepoSearch - Source code search engine that helps you find implementation details, example usages or just analyze code

Mail Addresses

Domains

URLs

DNS

Certificates

WiFi Networks

Device Information

Credentials

Social Networks

These can be useful for osint and social engineering.

Phone Numbers

Threat Intelligence

Web History

Unclassified


If you want to propose changes, just open an issue.