whitehatwiz.com

Logo PNG
Instagram
Information Gathering Tools for Ethical Hackers (Search Engine)

Information Gathering Tools for Ethical Hackers (Search Engine)

There are a total of 8 types of search engines for the cybersecurity analyst given below. These are very well-known tools for the security analyst.

Server-based

  1. Netlas.io – A platform to discover, research, and monitor any assets available online
  2. Onyphe.io – A Cyber Defense Search Engine that provides open-source and cyber threat intelligence data
  3. Censys Search – A search engine for every server on the Internet, aimed at reducing exposure and improving security
  4. Shodan – An Internet of Everything search engine
  5. FOFA – A cyberspace mapping tool
  6. GreyNoise – A valuable resource for understanding internet noise
  7. ZoomEye – A global cyberspace mapping tool
  8. Natlas – A network scanning tool designed for scalability

Exploit search engine

  1. Exploit-DB – Comprehensive database of exploits
  2. Vulmon – Search engine for vulnerabilities and exploits
  3. Rapid7 – Vulnerability & Exploit Database
  4. Sploitus – Platform for identifying the latest exploits
  5. packetstormsecurity.com – Provider of Information Security Services, News, Files, Tools, Advisories, and Whitepapers
  6. XSS Payloads – Collection of unexpected JavaScript usages and more
  7. 0day.today – Extensive database of exploits and vulnerabilities
  8. GTFOBins – Curated list of Unix binaries for bypassing local security restrictions
  9. LOLBAS – Repository of Living Off The Land Binaries, Scripts, and Libraries
  10. Payloads All The Things – Compilation of useful payloads and bypasses for Web Application Security
  11. exploitalert.com – Repository of Exploits

Web history search engine

  1. UK Web Archive – Preserving millions of websites annually for future generations
  2. stored.website – Platform to view cached web pages and websites
  3. Archive.ph – Creating permanent copies of web pages for uninterrupted access
  4. CommonCrawl – Open repository of web crawl data for public use
  5. Web Archive – Access a vast collection of over 702 billion saved web pages
  6. CachedPages – Retrieving cached versions of any URL


Search engine for Devices

  1. MAC Vendor Lookup – Identify the vendor associated with a specific MAC Address
  2. macvendors.com – Instant MAC Address Vendors lookup service
  3. macaddress.io – Lookup MAC address vendors and associated details
  4. maclookup.app – Discover the vendor name of a device using OUI or MAC address

Phone book for information gathering

  1. PhoneBook: Lists all domains, email addresses, or URLs for the given input domain.
  2. IntelligenceX: A search engine and data archive.
  3. URLScan: A sandbox for the web.
  4. HackerTarget: Collects information about IP Addresses, Networks, Web Pages, and DNS records.
  5. MOZ Link Explorer: The world’s best backlink checker with over 40 trillion links.
  6. shorteners.grayhatwarfare.com: Search URLs exposed by Shortener services.
  7. CommonCrawl Index: An open repository of web crawl data

Information gathering tools for threat hunting

  1. VirusTotal – Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches
  2. CyberCampaigns – Threat Actor information and Write-Ups
  3. bazaar.abuse.ch – Malware sample database
  4. ThreatCrowd – A Search Engine for Threats
  5. Rescure – Curated cyber threat intelligence for everyone
  6. PulseDive – Threat intelligence made easy
  7. otx.alienvault – The World’s First Truly Open Threat Intelligence Community
  8. urlquery.net – Service for detecting and analyzing web-based malware
  9. PassiveTotal – Security intelligence that scales security operations and response
  10. leakix.net – Search engine indexing public information and an open reporting platform linked to the results
  11. malapi.io – Windows APIs used for malicious purposes
  12. ThreatMiner – Data Mining for Threat Intelligence
  13. VirusShare – System currently contains 48 million malware samples
  14. Polyswarm – Launchpad for new technologies and innovative threat detection methods
  15. urlhaus.abuse.ch – Propose new malware URLs
  16. sslbl.abuse.ch – All malicious SSL certificates
  17. socradar.io – Extension to your SOC team
  18. WikiLeaks – News leaks and classified media provided by anonymous sources
  19. Cisco Talos – The threat intelligence organization at the center of the Cisco Security portfolio
  20. MITRE ATT&CK – Globally-accessible knowledge base of adversary tactics and techniques
  21. vx-underground.org – Malware library
  22. scamsearch.io – Find your scammer online & report them
  23. feodotracker.abuse.ch – List of botnet Command&Control servers
  24. tria.ge – Fully automated solution for high-volume malware analysis using advanced sandboxing technology
  25. yaraify.abuse.ch – Scan suspicious files such as malware samples or process dumps against a large repository of YARA rules
  26. threatfox.abuse.ch – Indicator Of Compromise (IOC) database

Dns Info tools

  1. Chaos – Enhance research and analyze changes around DNS for better insights
  2. DNSDumpster – DNS recon & research, find & lookup DNS records
  3. RapidDNS – DNS query tool which makes querying subdomains or sites of the same IP easy
  4. passivedns.mnemonic.no – Web interface for querying passive DNS data collected in our malware lab
  5. DNSTwister – The anti-phishing domain name search engine and DNS monitoring service
  6. ptrarchive.com – Over 230 billion reverse DNS entries from 2008 to the present
  7. HackerTarget – Collect information about IP Addresses, Networks, Web Pages, and DNS records
  8. DNSviz – Tool for visualizing the status of a DNS zone
  9. DNSTwister – The anti-phishing domain name search engine and DNS monitoring service
  10. DNSdb – Passive DNS historical database
  11. dnshistory.org – Domain Name System Historical Record Archive
  12. wannabe1337.xyz – Online Tools
  13. Omnisint – Reverse DNS lookup
  14. C99.nl – Over 57 quality APIs and growing
  15. PassiveTotal – Security intelligence that scales security operations and response

Search engine for Mail Addresses

  1. IntelligenceX – Search engine and data archive
  2. PhoneBook – Lists all domains, email addresses, or URLs for the given input domain
  3. Hunter.io – Find professional email addresses in seconds
  4. Reacher.email – Open-Source Email Verification
  5. EmailHippo – Email address verification technology
  6. Email-format.com – Find the email address formats in use at thousands of companies
  7. Melissa – Emailcheck – Check email addresses and verify they are live
  8. verify-email.org – Checks whether the mailbox exists or not
  9. RocketReach – Your first-degree connection to any professional
  10. ThatsThem – Reverse email lookup
  11. SynapsInt – The unified OSINT research tool
  12. VoilaNorbert – I can find anyone’s email address
  13. skymem.info – Find email addresses of companies and people
  14. findemails.com – Find Anyone’s Email Address in Seconds