Hi everyone, welcome to yet another article on cyber security at DataSagar. Today, I’m trying to list as many platforms as possible for cybersecurity researchers. The cybersecurity search engines listed below can be helpful in gathering threat intelligence, identifying vulnerabilities and attack surfaces, and exploring various data sources related to cybersecurity. Each website offers unique features and can help you achieve different goals, depending on your specific needs.
DeHashed (https://dehashed.com)
Access to numerous leaked credentials, such as passwords, usernames, email addresses, and more, is made possible through the search engine DeHashed. It enables users to look up their own data and receive an in-depth report on the data that is readily accessible to the general public. DeHashed is helpful for both individuals who wish to safeguard themselves against potential data breaches and for companies who want to determine whether the information of their employees is secure.
SecurityTrails (https://securitytrails.com)
The cybersecurity search engine SecurityTrails offers a big DNS data collection. It enables users to carry out a wide range of DNS searches, such as reverse DNS lookups, domain IP history, DNS record kinds, and a lot more. Network administrators and security experts that require comprehensive information on the domain name system settings of a website can benefit from SecurityTrails.
DorkSearch (DorkSearch – Speed up your Google Dorking)
Search engine DorkSearch provides quick Google dorking services. By utilizing complex search operators, it enables users to look for hidden content on websites, which can assist them in locating potential security flaws. Hackers, security researchers, and penetration testers who need to locate private information can find it with the help of DorkSearch.
ExploitDB (https://www.exploit-db.com)
An archive of many exploits and vulnerabilities is called ExploitDB. It includes exploit code and tools to help with penetration testing, information on how to exploit various software and operating systems, and both. ExploitDB is helpful for security professionals who need to test their own systems for potential flaws and who want to learn about the most recent exploits and vulnerabilities.
ZoomEye (https://www.zoomeye.org)
ZoomEye is a search engine that allows users to gather information about targets. It can search for various Internet of Things (IoT) devices, servers, websites, and more. ZoomEye is useful for security researchers, penetration testers, and hackers who need to gather information about a specific target to identify potential security vulnerabilities.
Pulsedive (https://pulsedive.com/)
Pulsedive is a search engine that offers a platform to search for threat intelligence. It collects and analyzes data from various sources, including social media, forums, dark web, and more. Pulsedive is useful for security professionals who want to stay up-to-date on the latest threats and vulnerabilities and for those who need to perform threat intelligence analysis.
GrayHatWarfare (https://buckets.grayhatwarfare.com/)
GrayHatWarfare is a search engine that allows users to search for public Amazon S3 buckets. It offers access to various public data that is stored in these buckets. GrayHatWarfare is useful for security researchers, penetration testers, and hackers who need to find sensitive data that is inadvertently exposed on the internet.
PolySwarm (https://polyswarm.io/)
PolySwarm is a platform that allows users to scan files and URLs for threats. It uses various artificial intelligence (AI) and machine learning (ML) technologies to detect malware and other malicious content. PolySwarm is useful for security professionals who need to scan files and URLs for potential threats.
Fofa (https://fofa.so/)
Fofa is a search engine that offers various threat intelligence services. It can search for various Internet-connected devices, services, and software, and provides detailed information about them. Fofa is useful for security professionals who want to gather intelligence on potential targets and for those who need to perform reconnaissance on a specific target. For some reason, I wasn’t able to access the website of fofa so including its company’s GitHub link for your reference.
LeakIX (https://leakix.net/)
LeakIX is a search engine that allows users to search for publicly indexed information. It collects data from various sources, including open databases, web archives, and more. LeakIX is useful for security researchers who need to find information that is publicly available on the internet.
DNSDumpster (https://dnsdumpster.com/)
DNSDumpster is a free web-based tool that provides a quick and easy way to search for DNS records. It allows you to identify subdomains, IP addresses, mail servers, and other information related to a specific domain. This information can be useful for finding potential vulnerabilities and performing reconnaissance.
FullHunt (https://fullhunt.io/)
FullHunt is a search engine that helps you discover and monitor attack surfaces. It allows you to search for subdomains, IP addresses, and other assets related to a specific domain. The tool can also be used to monitor changes to a domain’s attack surface over time.
AlienVault (https://www.alienvault.com/)
AlienVault is a cybersecurity platform that provides extensive threat intelligence feeds. It collects data from a wide range of sources, including its own network of sensors, open-source intelligence, and community contributions. The platform provides real-time threat intelligence and security insights to help organizations protect against cyber threats.
ONYPHE (https://www.onyphe.io/)
ONYPHE is a platform that collects and analyzes cyber threat intelligence data. It provides access to a large database of network data, including IP addresses, domains, and other information related to cybersecurity threats. The platform also offers advanced search capabilities and analytics tools to help organizations identify and mitigate threats.
Grep App (https://grep.app/)
Grep App is a search engine that allows you to search across a half million Git repositories. It provides a quick and easy way to search for code, configurations, and other sensitive information that may have been inadvertently exposed in Git repositories.
URL Scan (https://urlscan.io/)
URL Scan is a free service that allows you to scan and analyze websites. It provides information about a website’s security, including its SSL/TLS certificate, server headers, and potential vulnerabilities. The tool can also be used to identify phishing and malware websites.
Vulners (https://vulners.com/)
Vulners is a search engine that allows you to search for vulnerabilities in a large database. The platform provides access to a wide range of security information, including CVEs, exploits, and security advisories. It also offers a set of tools for analyzing and mitigating security threats.
WayBackMachine (https://web.archive.org/)
WayBackMachine is a digital archive of the World Wide Web. It provides access to over 25 years of archived web pages, including those that may have been deleted or removed from the internet. The platform can be a valuable tool for conducting historical research and forensic investigations.
Shodan (https://www.shodan.io/)
Shodan is a search engine that allows you to search for devices connected to the internet. It provides information about a device’s operating system, software, and other details that can be useful for identifying vulnerabilities and conducting reconnaissance. Shodan is often used by researchers and hackers to discover vulnerable devices and systems.
Netlas (https://netlas.io/)
Netlas is a platform that allows you to search and monitor internet-connected assets. It provides information about domains, IP addresses, and other assets that may be associated with a specific organization or individual. The platform also offers a set of tools for identifying vulnerabilities and mitigating threats.
CRT sh (https://crt.sh/)
CRT sh is a website that allows users to search for SSL/TLS certificates that have been logged by Certificate Transparency (CT) logs. Users can search by domain name, certificate authority, and other criteria to find information about certificates issued for specific domains. This can be useful for identifying potential security issues, such as when a certificate is issued for a domain that is not owned by the entity requesting the certificate.
Wigle (https://wigle.net/)
Wigle is a database of wireless networks that provides statistics on wireless network usage around the world. Users can search for networks by geographic location, SSID, MAC address, and other criteria. Wigle also provides tools for analyzing the data, such as heat maps and signal strength graphs. While Wigle can be used for legitimate purposes, such as network planning and research, it can also be used for nefarious purposes, such as identifying vulnerable networks to exploit.
PublicWWW (https://publicwww.com/)
PublicWWW is a search engine that allows users to search for websites by the code contained in their HTML, CSS, and JavaScript files. This can be useful for marketing and affiliate marketing research, as well as for identifying websites that may contain vulnerabilities or other security issues. PublicWWW provides advanced search options, such as the ability to search for specific keywords or code patterns.
Binary Edge (https://binaryedge.io/)
Binary Edge is a platform that scans the internet for threat intelligence. It provides tools for identifying internet-connected assets, such as IP addresses, domains, and SSL/TLS certificates, as well as for identifying vulnerabilities and other security issues. Binary Edge also provides an API for integrating its data into other tools and platforms.
GreyNoise (https://greynoise.io/)
GreyNoise is a search engine that allows users to search for devices connected to the internet that are generating noise or scanning activity. This can be useful for identifying potential threats, such as when a device is scanning for vulnerable systems to exploit. GreyNoise provides various search filters, such as geographic location and device type, to help users narrow their searches.
Hunter (https://hunter.io/)
Hunter is a search engine that allows users to search for email addresses belonging to a specific domain or company. It can also be used to verify the validity of email addresses and to find email addresses associated with specific individuals. While Hunter can be used for legitimate purposes, such as email marketing, it can also be used for phishing and other nefarious activities.
Censys (https://censys.io/)
Censys is a platform for assessing the attack surface of internet-connected devices. It provides tools for identifying open ports, certificates, and other information about devices connected to the internet. Censys also provides an API for integrating its data into other tools and platforms.
IntelligenceX (https://intelx.io/)
IntelligenceX is a search engine that allows users to search Tor, I2P, data leaks, domains, and emails. It provides tools for identifying and analyzing threat intelligence data, such as malware samples, phishing sites, and compromised credentials. IntelligenceX also provides an API for integrating its data into other tools and platforms.
Packet Storm Security (https://packetstormsecurity.com/)
Packet Storm Security is a website that provides information about the latest vulnerabilities and exploits. It includes a database of vulnerability advisories, exploits, and other security-related information. Users can browse the database by category or search for specific vulnerabilities or exploits.
SearchCode (https://searchcode.com/)
SearchCode is a search engine that allows users to search 75 billion lines of code from 40 million projects. It can be used for legitimate purposes, such as finding code snippets for programming projects or researching open-source software, as well as for security-related purposes such as identifying vulnerabilities in software.
Thanks for getting up to the end of this article. I hope you tried and enjoyed this amazing list of search engines powered by various search algorithms.
Happy Learning!
