Here is a list of search engines that can be used by Security Researchers.
Table Format
| Name | Description | URL |
| Shodan | Search for devices connected to the internet | https://www.shodan.io/ |
| WayBackMachine | View content from deleted websites or take a deep dive into the history of the web | https://web.archive.org/ |
| URL Scan | Free service to scan and analyse websites | https://urlscan.io/ |
| Netlas | Search and monitor internet connected assets | https://netlas.io/ |
| GreyNoise | Search for devices connected to the internet | https://www.greynoise.io/ |
| VirusTotal | Analyse suspicious files, domains, IPs, and URLs to detect malware | https://www.virustotal.com/gui/home/upload |
| Wigle | Database of wireless networks, with statistics | https://www.wigle.net/ |
| Vulners | Search for vulnerabilities in a large database | https://vulners.com/ |
| Subdomain Finder | A subdomain finder is a tool used to find the subdomains of a given domain. | https://subdomainfinder.c99.nl/ |
| ONYPHE | Collects cyber-threat intelligence data | https://www.onyphe.io/ |
| FullHunt | Search and discovery attack surfaces | https://fullhunt.io/ |
| GrepApp | Search across a half million git repos | https://grep.app/ |
| GreyHatWarfare | Search public S3 buckets | https://grayhatwarfare.com/ |
| AlienVault | Open Threat Intelligence Community | https://otx.alienvault.com/ |
| TinEye | Reverse Image Search | https://tineye.com/ |
| CRT sh | Search for certs that have been logged by CT | https://crt.sh/ |
| BinaryEdge | Scans the internet for threat intelliegence | https://www.binaryedge.io/ |
| OSINT Framework | OSINT (Open Source Intelligence) Framework website, some links don’t work anymore but it’s still a good website | https://osintframework.com/ |
| LeakIX | Search publicly indexed information | https://leakix.net/ |
| Hunter.io | Search for email addresses belonging to a website | https://hunter.io/ |
| IntelligenceX | Search Tor, I2P, Data Leaks, Domains and Emails | https://intelx.io/ |
| DNSDumpster | DNS Recon & Research, Find & Lookup DNS Records | https://dnsdumpster.com/ |
| ZoomEye | Zoomeye uses maps to collect data and analyze fingerprints from open devices and web services. | https://www.zoomeye.org/ |
| DorkSearch | You can use DorkSearch to find prebuilt templates for different types of Google Dorks. | https://dorksearch.com/ |
| Dehashed | View leaked credentials | https://www.dehashed.com/ |
| 0DAY.today? | Find 0day exploits | https://0day.today/ |
| SecurityTrails | Extensive DNS data | https://securitytrails.com/ |
| PolySwarm | Scan files and URLs for threats | https://polyswarm.io/ |
| Criminal IP | Search for the information connected to the public internet | https://www.criminalip.io/ |
| PublicWWW | Marketing and affiliate marketing research | https://publicwww.com/ |
| Phonebook.cz | Phonebook lists all domains, email addresses, or URLs for the given input domain | https://phonebook.cz/ |
| Censys | Assessing attack surface for internet connected devices | https://search.censys.io/ |
| Fofa | Search for various threat intelligence | https://en.fofa.info/ |
| PulseDive | Search for threat intelligence | https://pulsedive.com/ |
| CVE | The CVE website was created to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities | https://cve.mitre.org/ |
| Threatcops | SINT (Open Source Intelligence) website, a good website for the osint base research it made special for the cops (Police) uses | https://threatcops.com/ |
| SeachCode | A search engine that indexes and searches source code and documentation is searchcode. | https://searchcode.com/ |
| ExploitDB | Archive of Various Exploits | https://www.exploit-db.com/ |
| FotoForensics | we can do the live image forensic online | https://fotoforensics.com/ |
| Packet Storm Security | Browse the latest vulnerabilities and exploits | https://packetstormsecurity.com/ |
MindMap
