A curated list of search engines useful during penetration testing, vulnerability assessments, red/blue team operations, bug bounties, and more.
FBI Watchdog is a threat intelligence tool that monitors domain DNS changes in real-time, specifically detecting law enforcement seizures (ns1.fbi.seized.gov and ns2.fbi.seized.gov). It alerts users via Telegram and Discord and captures screenshots of seized domains.
Only alerts over Telegram or Discord, though.
Since 2014, Operation Safe Escape has been working with survivors of domestic violence, stalking, and harassment to help them find safety and freedom.
Operation Safe Escape is a 501c3 nonprofit organization, founded in 2016 with a single goal: to make sure that every person impacted by domestic violence has the resources, information, and confidence that they need to leave their abuser and stay safe once they do. We are an organization of security and safety professionals, volunteering our time and expertise to help people stay safe and live their best lives. And we do it all for free. We don’t change you to help you protect yourselves or your clients. We don’t change the people that come to us for help. We don’t make a profit, we’re just here because we want to help. We have experts in computer and mobile device security, forensics, physical security, tech support, OPSEC, OSINT, and online privacy.
We’ve participated in over 3,000 successful escapes, and we’re a trauma informed / survivor-centric organization. Every one of our volunteers have thorough background checks; safety and trust is paramount to us. We have over 100 volunteers with backgrounds in law enforcement, military, technology, advocacy, and other relevant skills that we can provide to your organization. No matter how skilled or knowledgeable the abuser or stalker is, we’re stronger when we all work together.
Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS.
subbrute was integrated with Sublist3r to increase the possibility of finding more subdomains using bruteforce with an improved wordlist. The credit goes to TheRook who is the author of subbrute.
Recon-ng is a full-featured reconnaissance framework designed with the goal of providing a powerful environment to conduct open source web-based reconnaissance quickly and thoroughly.
Recon-ng has a look and feel similar to the Metasploit Framework, reducing the learning curve for leveraging the framework. However, it is quite different. Recon-ng is not intended to compete with existing frameworks, as it is designed exclusively for web-based open source reconnaissance. If you want to exploit, use the Metasploit Framework. If you want to social engineer, use the Social-Engineer Toolkit. If you want to conduct reconnaissance, use Recon-ng! See the Wiki to get started.
Recon-ng is a completely modular framework and makes it easy for even the newest of Python developers to contribute. See the Development Guide for more information on building and maintaining modules.
In the AUR.
This repository is my own list of tools / useful stuff for pentest, defensive activities, programming, lockpicking and physical security (all resources are in English only).
Our toolkit includes satellite and mapping services, tools for verifying photos and videos, websites to archive web pages, and much more. Most of the tools that we include can be used for free. Bellingcat’s Online Investigation Toolkit has a long tradition but our newest version is special: It is offered in collaboration with the Bellingcat volunteer community.
You can also download the tool lists for each category in csv format, or the whole site as a PDF.
NetBlocks is a global internet monitor working at the intersection of digital rights, cybersecurity and internet governance. Independent and non-partisan, NetBlocks strives for an open and inclusive digital future for all.
Seeking to support change through social enterprise, civic engagement and innovation, NetBlocks reports cover topics ranging from internet access, digital policy to energy supply in countries around the world in an accessible and contextualised format. NetBlocks engages with industry, business and standards-setting forums and non-governmental and civil society networks to deliver change for good.
RSS: https://netblocks.org/feed
Reports RSS: https://netblocks.org/reports/feed
I don't know if they have an API or not.
This repository tracks public statements by governments and international organisations on the attribution of state-sponsored hacking incidents or groups. Specifically, Russia, China, Iran, and North Korea.
Sh_d_n is a free, lightweight website for IP and domain enrichment offered by Shodan. It's optimized for performance and size to focus on just doing one thing: fast lookups for specific resources (IPs and domains). The website is powered by Rust, Axum and the SQLite datasets provided by Shodan Enterprise. We're excited to have reduced the size for most of the pages on this website to less than 10kb, including the CSS stylesheet. If you have the stylesheet cached on the browser then most pages are less than 1 kb!
Sh_d_n is available for free with the caveat that the data isn't as fresh as the regular Shodan API/ website and doesn't include all the banner data that the crawlers collect. The underlying SQLite datasets are normally updated daily but Sh_d_n is only updated once a month. If you want fresher data, an API or access to the underlying datasets for extremely fast IP/ domain enrichment then consider checking out the various Shodan offerings.
Blog and monthly digest of Cyber Threat Intelligence (CTI) information sources, tools, articles, events, and helpful tips.
A free political research tool to study more than 100 million voter records.
This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. The file ThreatIntelFeeds.csv is stored in a structured manner based on the Vendor, Description, Category and the URL. The vendors offering ThreatIntelFeeds are described below. The following feed categories are available:
I wrote Trunk Recorder because I was curious about what my local fire station was up to and I put together the original version of OpenMHz because I figured other people might want to listen to the recordings too.
The latest version of this site makes it easy for other people running Trunk Recorder to share their recordings. I am hoping that making it easier to listen to what our local fire, police and EMS have to go through everyday will lead to a greater appreciation for all the work they do, which goes largely unseen.
The audio from each system is archived for 30 days, so you can go back and listen to events you may have missed.
Github: https://github.com/openmhz
A search engine for almost a billion US court cases and records.
REST API: https://www.judyrecords.com/api
(You have to e-mail them and request an API key.)
Get an insight into the inner-workings of a given website: uncover potential attack vectors, analyse server architecture, view security configurations, and learn what technologies a site is using.
Currently the dashboard will show: IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance, trackers, associated hostnames, carbon footprint. Stay tuned, as I'll add more soon!
The aim is to help you easily understand, optimize and secure your website.
Typescript webshit.
IVRE (Instrument de veille sur les réseaux extérieurs) is a network recon framework, including tools for passive and active recon. IVRE can use data from numerous passive sensors and active scanning tools. You can think of it as a self-hosted and fully-controlled alternative to Shodan / ZoomEye / Censys, GreyNoise, and more. In the AUR.
NETINT
EmailRep uses hundreds of factors like domain age, traffic rankings, presence on social media sites, professional networking sites, personal connections, public records, deliverability, data breaches, dark web credential leaks, phishing emails, threat actor emails, and more.
NExfil is an OSINT tool written in python for finding profiles by username. The provided usernames are checked on over 350 websites within few seconds. The goal behind this tool was to get results quickly while maintaining low amounts of false positives.
University of Oregon Route Views Project
The University's Route Views project was originally conceived as a tool for Internet operators to obtain real-time BGP information about the global routing system from the perspectives of several different backbones and locations around the Internet. Although other tools handle related tasks, such as the various Looking Glass Collections (see e.g. TRACEROUTE.ORG), they typically either provide only a constrained view of the routing system (e.g., either a single provider, or the route server) or they do not provide real-time access to routing data.
While the Route Views project was originally motivated by interest on the part of operators in determining how the global routing system viewed their prefixes and/or AS space, there have been many other interesting uses of this Route Views data. For example, NLANR has used Route Views data for AS path visualization and to study IPv4 address space utilization (archive). Others have used Route Views data to map IP addresses to origin AS for various topological studies. CAIDA has used it in conjunction with the NetGeo database in generating geographic locations for hosts, functionality that both CoralReef and the Skitter project support.