In this blog, I am writing about curated websites that are really helpful. I arranged them alphabetically. These search engines are for information gathering about exploits, vulnerabilities, phishing links, malware, fake websites, threat intelligence, dark web, deep web, domains, networks etc. All search engines or websites have their own unique features so explore them and use them according to your need.
 |
| Search Engines for Cyber Security Researchers | Hackers | Threat Hunters | Bug Bounty Hunters | Professionals |
AlienVault: This is a threat intelligence exchange platform which is helpful to search for information about emerging threats, attack methods, malicious actors etc.
Binary Edge: This provides information by scanning, acquiring and classifying public Internet data. This provides scans for real-time running services.
CRT sh: It can gather information about the certificates used on the domain. Data can be searched by Domain Name, Organization Name, Certificate Fingerprint, and crt.sh ID etc.
Censys: It helps to assess the attack surface for internet-connected devices. You can search with IP address, name, protocol etc.
DNSDumpster: It is a free tool to search for DNS records. You can use it in domain recon. This also gives results in graphics for mapping all the findings.
DeHashed: It can be used to search for compromised data from deep-web scans. It gives the facility to search for email, username, IP, phone number, domain name etc. If you want to use Dehashed then you can use it for free after registering with your email ID.
DorkSearch: Google dorks make searches easier so DorkSearch is a fast google dorking tool. It has prebuilt dorks and you also can configure them according to your need.
ExploitDB: It is an exploits archive. You can find Google Hacking Database, exploits, and other juicy information here.
FullHunt: It is an attack surface security platform. You can search here about attack surfaces.
GrayHatWarefare: This can be used to search public buckets.
Grep App: This is used to get information about repositories from the git repositories.
GreyNoise: It is helpful in threat hunting. It can automate threat hunting to discover the TTP of adversaries with the attack telemetry.
Hunter.io: This is helpful to find the email address of various companies and analyze suspicious email addresses.
IntelligenceX: It can be used to search for email, bitcoin addresses, domains, CIDR, URL, TOR, data leaks and I2P etc.
LeakIX: This gives results by combining open reporting and search engine indexing information.
Netlas: This is a non-intrusive Internet Scanner. It can be used to search and monitor internet-connected devices or assets. It provides information on domain names, IP addresses, web applications, IoT etc.
ONYPHE: This is a Cyber Defense Search Engine for threat intelligence. It has categories data scan, datashot, geoloc, inetnum, onionscan, onionshot, pastries, resolver, sniffer, synscan, threatlist, topsite, vulnscan etc.
PolySwarm: It is a crowdsourced threat detection marketplace. It can be used to scan URLs and files for threats.
PublicWWW: It is a source code search engine and can be used to find snippets, signatures or keywords.
Pulsedive: This is a threat intelligence platform. It provides information about URLs, IP addresses, domains etc.
SearchCode: This is also a search engine to search source codes from 40 million projects.
SecurityTrails: It can be used to explore data for internet assets.
Shodan: It is a widely used tool for searching devices connected to the internet. you can add the Shodan extension on chrome for fast domain enumeration.
URL Scan: It can be used to find whether a URL or link is harmful or not. You can search for phishing links.
Vulners: It is an extensive database for vulnerabilities. You can search exploits, CVEs and security articles.
WayBackMachine: It is a web archive. you can search the history of websites, and web pages and what changes have been done even for deleted websites.
Wigle: It is a database of wireless networks. You can see the wireless network on the world map.
I checked these websites (search engines) by myself and found them interesting. If there is any error here kindly let me know and also give your suggestion. Share your experience if you used any search engine and let other people know to strengthen their cyber security and ethical hacking skills.
Thank you.