Awesome Hacker Search Engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

General • Servers • Vulnerabilities • Exploits • Attack surface • Code • Mail addresses • Domains • URLs • DNS • Certificates • WiFi networks • Device Info • Credentials • Hidden Services • Social Networks • Phone numbers • Threat Intelligence • Web History • Surveillance cameras

General Search Engines

Servers

Shodan - Search Engine for the Internet of Everything
Censys Search - Search Engine for every server on the Internet to reduce exposure and improve security
Onyphe.io - Cyber Defense Search Engine for open-source and cyber threat intelligence data
ZoomEye - Global cyberspace mapping
GreyNoise - The source for understanding internet noise
Natlas - Scaling Network Scanning
Netlas.io - Discover, Research and Monitor any Assets Available Online
FOFA - Cyberspace mapping
Quake - Cyberspace surveying and mapping system
Hunter - Internet Search Engines For Security Researchers

Vulnerabilities

NIST NVD - National Vulnerability Database
MITRE CVE - Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities
GitHub Advisory Database - Security vulnerability database inclusive of CVEs and GitHub originated security advisories
cloudvulndb.org - The Open Cloud Vulnerability & Security Issue Database
osv.dev - Open Source Vulnerabilities
Vulners.com - Your Search Engine for Security Intelligence
opencve.io - Easiest way to track CVE updates and be alerted about new vulnerabilities
security.snyk.io - Open Source Vulnerability Database
Mend Vulnerability Database - The largest open source vulnerability DB
Rapid7 - DB - Vulnerability & Exploit Database
CVEDetails - The ultimate security vulnerability datasource
VulnIQ - Vulnerability intelligence and management solution
SynapsInt - The unified OSINT research tool
Aqua Vulnerability Database - Vulnerabilities and weaknesses in open source applications and cloud native infrastructure
Vulmon - Vulnerability and exploit search engine
VulDB - Number one vulnerability database
ScanFactory - Realtime Security Monitoring
Trend Micro Zero Day Initiative - Publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers
Google Project Zero - Vulnerabilities including Zero Days
Trickest CVE Repository - Gather and update all available and newest CVEs with their PoC

Exploits

Exploit-DB - Exploit Database
Sploitus - Convenient central place for identifying the newest exploits
Rapid7 - DB - Vulnerability & Exploit Database
Vulmon - Vulnerability and exploit search engine
packetstormsecurity.com - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
0day.today - Ultimate database of exploits and vulnerabilities
LOLBAS - Living Off The Land Binaries, Scripts and Libraries
GTFOBins - Curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Payloads All The Things - A list of useful payloads and bypasses for Web Application Security
XSS Payloads - The wonderland of JavaScript unexpected usages, and more
exploitalert.com - Database of Exploits
Reverse Shell generator - Online Reverse Shell generator with Local Storage functionality, URI & Base64 Encoding, MSFVenom Generator, and Raw Mode
HackerOne hacktivity - See the latest hacker activity on HackerOne
Bugcrowd Crowdstream - Showcase of accepted and disclosed submissions on Bugcrowd programs
GTFOArgs - Curated list of Unix binaries that can be manipulated for argument injection
shell-storm.org/shellcode - Shellcodes database for study cases
Hacking the Cloud - Encyclopedia of the attacks/tactics/techniques that offensive security professionals can use on their next cloud exploitation adventure
LOLDrivers - Open-source project that brings together vulnerable, malicious, and known malicious Windows drivers

Attack Surface

FullHunt.io - Attack surface database of the entire Internet
BinaryEdge - We scan the web and gather data for you
Censys ASM - Attack Surface Management Solutions
RedHunt Labs - Discover your Attack Surface, Continuously
SecurityTrails - The Total Internet Inventory
overcast-security.com - We make tracking your external attack surface easy
IPInfo.io - The trusted source for IP address data
IPData.co - IP Geolocation and Threat Intelligence API
NetworksDB - information about the public IPv4 and IPv6 addresses, networks and domains owned by companies and organisations across the world
ASNlookup - Quickly lookup updated information about specific Autonomous System Number (ASN), Organization, CIDR, or registered IP addresses (IPv4 and IPv6) among other relevant data
BGPtools - Browse the Internet ecosystem
BGPview - Debug and investigate information about IP addresses, ASN, IXs, BGP, ISPs, Prefixes and Domain names
BigDataCloud - The API provides comprehensive location and network data
RADb - The world's largest public routing registry
Deepinfo - Empower your security with the most comprehensive Internet data
Detectify - Complete External Attack Surface Management

Code Search Engines

GitHub Code Search - Search globally across all of GitHub, or scope your search to a particular repository or organization
GitLab Code Search - Advanced search for faster, more efficient search across the entire GitLab instance
Sourceforge - Complete Open-Source and Business Software Platform
grep.app - Search across a half million git repos
publicwww.com - Find any alphanumeric snippet, signature or keyword in the web pages HTML, JS and CSS code
SearchCode - Search 75 billion lines of code from 40 million projects
NerdyData - Find companies based on their website's tech stack or code
RepoSearch - Source code search engine that helps you find implementation details, example usages or just analyze code
SourceGraph - Understand and search across your entire codebase
HotExamples - Search code examples from over 1 million projects
WP Directory - Lightning fast regex searching of code in the WordPress Plugin and Theme Directories
GitHub Gists - Instantly share code, notes, and snippets
CodeBerg - Collaboration platform and Git hosting for free and open source software, content and projects
Fedora Pagure - Open Source software code hosting system
LaunchPad - Software collaboration platform that provides: Bug tracking, Code hosting, Code reviews, Ubuntu package building and hosting, Translations...
repo.or.cz - Public Git hosting site
gitorious.org - Read-only mirror of the former gitorious.org code hosting website
Sourcehut - Collection of tools useful for software development
android.googlesource.com - Git repositories on android
deps.dev - Service developed and hosted by Google to help developers better understand the structure, construction, and security of open source software packages

Mail Addresses

Hunter.io - Find professional email addresses in seconds
PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
IntelligenceX - Search engine and data archive
Reacher.email - Open-Source Email Verification
RocketReach - Your first-degree connection to any professional
email-format.com - Find the email address formats in use at thousands of companies
EmailHippo - Email address verification technology
ThatsThem - Reverse email lookup
verify-email.org - Checks whether the mailbox exists or not
Melissa - Emailcheck - Check email addresses and verify they are live
VoilaNorbert - I can find anyone's email address
SynapsInt - The unified OSINT research tool
skymem.info - Find email addresses of companies and people
findemails.com - Find Anyone's Email Address in Seconds
Experte email finder - Find the right email address, even if you only know the name and the company

Domains

PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
IntelligenceX - Search engine and data archive
Omnisint - Subdomain enumeration
Riddler - Allows you to search in a high quality dataset
RobTex - Various kinds of research of IP numbers, Domain names, etc
CentralOps - DomainDossier - Investigate domains and IP addresses
DomainIQ - Comprehensive Domain Intelligence
whois.domaintools.com - Industry’s fastest domain discovery engine and broadest, most accurate data
grayhatwarfare.com - domains - How to search URLs exposed by Shortener services
whoisology.com - Deep Connections Between Domain Names & Their Owners
who.is - WHOIS Search, Domain Name, Website, and IP Tools
pentest-tools.com - Discover subdomains and determine the attack surface of an organization
BuiltWith - Find out what websites are Built With
MoonSearch - Backlinks checker & SEO Report
sitereport.netcraft.com - Find out the infrastructure and technologies used by any site
SynapsInt - The unified OSINT research tool
spyonweb.com - Find out related websites
statscrop.com - Millions of amazing websites across the web are being analyzed with StatsCrop
securityheaders.com - Scan your site now
visualsitemapper.com - Create a visual map of your site
similarweb.com - The easiest and fastest tool to find out what's really going on online
buckets.grayhatwarfare.com - Public buckets
C99.nl - Over 57 quality API's and growing!
wannabe1337.xyz - Online Tools
subdomainfinder.c99.nl - Scanner that scans an entire domain to find as many subdomains as possible
AnubisDB - Subdomain enumeration and information gathering tool
WhoisXMLAPI - Domain & IP Data Intelligence for Greater Enterprise Security
HypeStat - Free statistics and analytics service, where you can find information about every website
Private Key Project - Information security tools from Private Key Project
SiteDossier - Profiles for millions of sites on the web
SpyOnWeb - Quick and convenient search for the websites that probably belong to the same owner

URLs

PhoneBook - Lists all domains, email addresses, or URLs for the given input domain
IntelligenceX - Search engine and data archive
URLScan - A sandbox for the web
HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
MOZ Link Explorer - The world's best backlink checker with over 40 trillion links
shorteners.grayhatwarfare.com - Search URLs exposed by Shortener services
CommonCrawl Index - Open repository of web crawl data

DNS

DNSDumpster - dns recon & research, find & lookup dns records
Chaos - Enhance research and analyse changes around DNS for better insights
RapidDNS - dns query tool which make querying subdomains or sites of a same ip easy
DNSdb - Passive DNS historical database
Omnisint - Reverse DNS lookup
HackerTarget - Collect information about IP Addresses, Networks, Web Pages and DNS records
passivedns.mnemonic.no - Web interface for querying passive DNS data collected in our malware lab
ptrarchive.com - Over 230 billion reverse DNS entries from 2008 to the present
dnshistory.org - Domain Name System Historical Record Archive
DNSTwister - The anti-phishing domain name search engine and DNS monitoring service
DNSviz - Tool for visualizing the status of a DNS zone
C99.nl - Over 57 quality API's and growing
wannabe1337.xyz - Online Tools
DNSlytics - Find out everything about a domain name, IP address or provider
dnsrepo.noc.org - DNS Database Repository Search
DNSSpy - Monitor, validate and verify your DNS configurations
ZETAlytics - We offer unrivalled geographic diversity and exclusive global network visibility in searchable datasets for use by cyber security analysts
AskDNS - Lookup Connected Domain Names and IP Addresses
360 PassiveDNS.CN - Biggest public available db in China designed for security and research purpose

Certificates

Crt.sh - Certificate Search
CTSearch - Certificate Transparency Search Tool
tls.bufferover.run - Quickly find certificates in IPv4 space
CertSpotter - Monitors your domains for expiring, unauthorized, and invalid SSL certificates
SynapsInt - The unified OSINT research tool
Censys Search - Certificates - Certificates Search
ciphersuite.info - TLS Ciphersuite Search. Search for a particular cipher suite by using IANA, OpenSSL or GnuTLS name format
certificatedetails - Online certificate viewer. Inspect and dowload certificates from your browser
FacebookCT - Search for certificates issued for a given domain and subscribe to notifications from Facebook regarding new certificates

WiFi Networks

Wigle.net - Maps and database of 802.11 wireless networks with statistics
wifimap.io - Connect to all Free WiFi Hotspots using WiFi Map App all over the World!
wificafespots.com - Free WiFi Cafe Spots
wifispc.com - Free map of Wi-Fi passwords anywhere you go!
openwifimap.net - HTML5 map with OpenWiFiMap data
mylnikov.org - Public API implementation of Wi-Fi Geo-Location database

Device Information

MAC Vendor Lookup - Look up the vendor for a specific MAC Address
macvendors.com - Find MAC Address Vendors. Now
macaddress.io - MAC address vendor lookup
maclookup.app - Find the vendor name of a device by entering an OUI or a MAC address

Credentials

Have I Been Pwned - Check if your email or phone is in a data breach
Dehashed - Free deep-web scans and protection against credential leaks
Leak-Lookup - Search across thousands of data breaches
Snusbase - Stay on top of the latest database breaches
LeakCheck.io - Make sure your credentials haven't been compromised
crackstation.net -Massive pre-computed lookup tables to crack password hashes
breachdirectory.org - Check if your information was exposed in a data breach
BreachForums - Breaches, Data leaks, databases and more
Siph0n Breach DB (onionsite) - Breaches, Data leaks, Exploits
HashKiller - Pre-cracked Hashes, easily searchable

Hidden Services

AHMIA - Search hidden services on the Tor network
thehiddenwiki.org - The darknet guide
tor.link - Free anonymous deepweb / Darknet search engine
deepweblinks.net - Onion Links
onionengine.com - A search engine for services accessible on the Tor network
OnionLand - Discover Hidden Services and access to Tor's onion sites

Social Networks

These can be useful for osint and social engineering.

Phone Numbers

NumLookup - Free reverse phone lookup
SpyDialer - Free Reverse Lookup Search
WhitePages - Find people, contact info & background checks
National Cellular Directory - Begin your comprehensive people search now
Phone Validator - Is it a cell phone or is it a landline or is it a fake?
Free Carrier Lookup - Enter a phone number and we'll return the carrier name
RocketReach - Your first-degree connection to any professional
sync.me - Find out who called
EmobileTracker - Track Mobile Owner Name, Location and Mobile Service Provider
Reverse Phone Lookup - Find Out The Owner Of A Phone Number
ThatsThem - Reverse phone lookup
thisnumber.com - International Phone Directories
usphonebook.com - Free Reverse Phone Number Lookup
truepeoplesearch.com - Get current address, cell phone number, email address, relatives, friends and a lot more
Tellows - Who is calling? The phone number reverse search
SynapsInt - The unified OSINT research tool
C99.nl - Over 57 quality API's and growing

Threat Intelligence

MITRE ATT&CK - Globally-accessible knowledge base of adversary tactics and techniques
PulseDive - Threat intelligence made easy
ThreatCrowd - A Search Engine for Threats
ThreatMiner - Data Mining for Threat Intelligence
VirusTotal - Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches
vx-underground.org - The largest collection of malware source code, samples, and papers on the internet
bazaar.abuse.ch - Malware sample database
feodotracker.abuse.ch - List of botnet Command&Control servers
sslbl.abuse.ch - All malicious SSL certificates
urlhaus.abuse.ch - Propose new malware urls
threatfox.abuse.ch - Indicator Of Compromise (IOC) database
yaraify.abuse.ch - Scan suspicious files such as malware samples or process dumps against a large repository of YARA rules
Rescure - Curated cyber threat intelligence for everyone
otx.alienvault - The World's First Truly Open Threat Intelligence Community
urlquery.net - Service for detecting and analyzing web-based malware
socradar.io - Extension to your SOC team
VirusShare - System currently contains 48 million malware samples
WikiLeaks - News leaks and classified media provided by anonymous sources
PassiveTotal - Security intelligence that scales security operations and response
malapi.io - Windows APIs used for malicious purposes
filesec.io - Latest file extensions being used by attackers
leakix.net - Search engine indexing public information and an open reporting platform linked to the results
tria.ge - Fully automated solution for high-volume malware analysis using advanced sandboxing technology
Polyswarm - Launchpad for new technologies and innovative threat detection methods
Cisco Talos - The threat intelligence organization at the center of the Cisco Security portfolio
scamsearch.io - Find your scammer online & report them
CyberCampaigns - Threat Actor information and Write-Ups
ORKL - The Community Driven Cyber Threat Intelligence Library
Maltiverse - Data from more than 100 different Threat Intelligence sources
Inquest Labs - Threat intelligence from hundreds of public, private, and internal sources to develop new FDR signatures and rules
PhishTank - Collaborative clearing house for data and information about phishing on the Internet
IntelOwl - Open Source Intelligence, or OSINT solution to get threat intelligence data about a specific file, an IP or a domain from a single API at scale
Lupovis - Analyze and collect data on Internet-wide scans and attacks in real-time. We use this data to identify and classify malicious actors
AbuseIPDB - Check the report history of any IP address to see if anyone else has reported malicious activities
Sucuri SiteCheck - Check websites for known malware, viruses, blacklisting status, website errors, out-of-date software, and malicious code
Spamhaus - Protect and investigate using IP and domain reputation data
ThreatBook - One step ahead of your adversary with high-fidelity, efficient and actionable cyber threat intelligence
ShadowServer - Nonprofit security organization working altruistically behind the scenes to make the Internet more secure for everyone
Team Cymru - Global leader in cyber threat intelligence and attack surface management
BeVigil - Search engine for mobile application security testing
CIRCL - The Computer Incident Response Center Luxembourg is a government-driven initiative designed to gather, review, report and respond to computer security threats and incidents

Web History

Web Archive - Explore more than 702 billion web pages saved over time
Archive.ph - Create a copy of a webpage that will always be up even if the original link is down
CachedPages - Get the cached page of any URL
stored.website - View cached web pages/website
CommonCrawl - Open repository of web crawl data
UK Web Archive - Collects millions of websites each year, preserving them for future generations
Arquivo - Non-profit service that maintains information published on the web of interest to the Portuguese community
Archive-It - An archive of digital government and non-government organization (NGO) documents and reports
HAW - Croatian Web Archive

Surveillance cameras

Insecam.org - The world biggest directory of online surveillance security cameras

Unclassified

NetoGraph - Captures and indexes detailed, low-level snapshots of website behaviour
DorkSearch - Speed up your Dorking
usersearch.org - Find someone by username or email on Social Networks, Dating Sites, Forums, Crypto Forums, Chat Sites and Blogs
Pastebin - Website where you can store text online for a set period of time

Not working / Paused

DNS.BufferOver.run

If you want to propose changes, just open an issue or a pull request.

edoardoottavianelli.it to contact me.

mbelsis/awesome-hacker-search-engines