Staying ahead in cybersecurity requires constant learning and adaptation. If you’re interested in cybersecurity research, explore the resources outlined below.
DNSdumpster is a free domain research tool that can discover hosts related to a domain. Finding visible hosts from the attackers’ perspective is an important part of the security assessment process.
Exploit Database is a CVE-compliant archive of public exploits and corresponding vulnerable software developed for use by penetration testers and vulnerability researchers. They aim to serve the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources and present them in a freely-available and easy-to-navigate database.
FullHunt is the attack surface database of the Internet. FullHunt enables companies to discover their attack surfaces, monitor them for exposure, and continuously scan them for the latest security vulnerabilities.
GreyNoise collect, analyze, and label data on IPs that scan the internet and saturate security tools with noise. This unique perspective helps analysts spend less time on irrelevant or harmless activity, and more time on targeted and emerging threats.
Intelligence X differentiates itself from other search engines:
- The search works with selectors, i.e. specific search terms such as email addresses, domains, URLs, IPs, CIDRs, Bitcoin addresses, IPFS hashes, etc.
- It searches in places such as the darknet, document sharing platforms, whois data, public data leaks and others.
- It keeps a historical data archive of results, similar to how the Wayback Machine from archive.org stores historical copies of websites.
Netlas offers a collection of internet intelligence apps that provide accurate technical information on IP addresses, domain names, websites, web applications, IoT devices, and other online assets.
ONYPHE is a cyber defense search engine dedicated to attack surface discovery and attack surface management. They scan the internet and dark web for exposed assets and crawl the links just like a web search engine. Their data is searchable with a web form or directly from numerous APIs.
Searchcode allows you to search 75 billion lines of code from 40 million projects. It helps you find real-world examples of functions, APIs and libraries in 243 languages across 10+ public code sources.
Shodan is a search engine for Internet-connected devices. Discover how internet intelligence can help you make better decisions. The entire Shodan platform (crawling, IP lookups, searching, and data streaming) is available to developers. Use their API to understand whether users connect from a VPN, whether the website you’re visiting has been compromised, and more.
Wigle consolidate location and information of wireless networks world-wide to a central database, and have user-friendly desktop and web applications that can map, query and update the database via the web.
- 12 open-source penetration testing tools you might not know about
- 20 cybersecurity projects on GitHub you should check out
- 8 open-source OSINT tools you should try