These tools are for educational purposes only. Any malicious or illegal use of these is on the sole responsibility of the operator.
“The world of the future will be an even more demanding struggle against the limitations of our intelligence, not a comfortable hammock in which we can lie down to be waited upon by our robot slaves.”
― Norbert Wiener
- https://dehashed.com/ - provides free deep-web scans and protection against credential leaks. A modern personal asset search engine created for security analysts, journalists, security companies, and everyday people to help secure accounts and provide insight on compromised assets.
- https://securitytrails.com/dns-trails - Data for security companies, researchers and teams who need to drill down, find suspicious changes to DNS records, and prevent future fraudulent or criminal activity.
- https://dorksearch.com/ - faster google dorking, slang for extracting targeted information from search engines
- https://www.exploit-db.com/ - The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers.
- https://www.zoomeye.org/discover - ZoomEye is the leader of global cyberspace mapping, China's first and world-renowned cyberspace search engine driven by 404 Laboratory of Knownsec, and also a world-famous cyberspace search engine.
- https://pulsedive.com/ - Pulsedive is a free threat intelligence platform. Search, scan, and enrich IPs, URLs, domains and other IOCs from OSINT feeds or submit your own.
- https://grayhatwarfare.com/ - search public S3 buckets.
- https://polyswarm.io/ - PolySwarm is a launchpad for new technologies and innovative threat detection methods that compete to protect you in real-time. PolySwarm brings them together to help you better detect and respond to emerging threats, the ones that are more likely to go undetected by existing solutions.
- https://github.com/D3Ext/AORT - portscan, email services enumeration, subdomain information gathering, find info in Wayback Machine
- https://leakix.net/ - LeakIX is the first platform combining a search engine indexing public information AND an open reporting platform linked to the results. Intent to provide a preemptive solution by trusting individual researchers and security companies on the most sensible data we index by delivering a clear report on the incidents.
- https://dnsdumpster.com - dns recon and research, find and lookup dns records, DNSdumpster.com is a FREE domain research tool that can discover hosts related to a domain. Finding visible hosts from the attackers perspective is an important part of the security assessment process.
- https://fullhunt.io/ - FullHunt is the attack surface database of the entire Internet.
- https://otx.alienvault.com/ - OTX changed the way the intelligence community creates and consumes threat data. In OTX, anyone in the security community can contribute, discuss, research, validate, and share threat data.
- https://www.onyphe.io/ - ONYPHE is a Cyber Defense Search Engine for open-source and cyber threat intelligence data collected by crawling various sources available on the Internet or by listening to Internet background noise. ONYPHE does correlate this information with data gathered by performing active Internet scanning for connected devices and also by crawling Web site URLs.
- https://grep.app/ - Search across a half million git repos
- https://urlscan.io/ - Website scanner for suspicious and malicious URLs.
- https://vulners.com/ - Security intelligence feeds
- http://web.archive.org/ - The Wayback Machine is an initiative of the Internet Archive, a 501(c)(3) non-profit, building a digital library of Internet sites and other cultural artifacts in digital form.
- https://www.shodan.io/ - Shodan is a search engine that lets users search for various types of servers connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.
- https://netlas.io/ - Netlas.io scans every IPv4 address and crawls every known website and web application utilizing such protocols as HTTP, FTP, SMTP, POP3, IMAP, SMB/CIFS, SSH, Telnet, SQL and others.
- https://crt.sh/ - search for an Identity (Domain Name, Organization Name, etc), a Certificate Fingerprint (SHA-1 or SHA-256) or a crt.sh ID.
- https://www.wigle.net/ - WiGLE is a website for collecting information about the different wireless hotspots around the world. Users can register on the website and upload hotspot data like GPS coordinates, SSID, MAC address and the encryption type used on the hotspots discovered. In addition, cell tower data is uploaded and displayed.
- https://publicwww.com/ - Ultimate solution for digital marketing and affiliate marketing research, PublicWWW allow you to perform searches this way, something that is not possible with other regular search engines.
- https://www.binaryedge.io/ - attack surface management (ASM) tool
- https://www.greynoise.io/ - GreyNoise's internet-wide sensor network passively collects packets from hundreds of thousands of IPs seen scanning the internet every day. Companies like Shodan and Censys, as well as researchers and universities, scan in good faith to help uncover vulnerabilities for network defense. Others scan with potentially malicious intent.
- https://hunter.io/ - Hunter lets you find professional email addresses in seconds and connect with the people that matter for your business. Find email addresses, Enter a domain name to launch the search.
- https://censys.io/ - Censys is a leader in Attack Surface Management solutions. Attack Surface Management (ASM) is the continuous monitoring, discovery, inventory, classification and prioritization of sensitive external assets within an IT organization’s infrastructure.
- https://intelx.io/ - Intelligence X is a search engine and data archive. Search Tor, I2P, data leaks and the public web by email, domain, IP, CIDR, Bitcoin address and more.
- https://packetstormsecurity.com/ - Packet Storm Security is an information security website offering current and historical computer security tools, exploits, and security advisories. It is operated by a group of security enthusiasts that publish new security information and offer tools for educational and testing purposes.
- https://searchcode.com/ - Search 75 billion lines of code from 40 million projects
If you enjoy our work, check out our consumer affordable Yeetum Cloud, ATLAS @ https://cloud.yeetum.com/signup
For business owners & investors, checkout our Business Intelligence and Advisory Group, Eden @ https://yeetum.com/edenClub