In the realm of information security and cybersecurity, having the right tools can make all the difference. In this article, we’ll introduce you to 29 indispensable resources that every InfoSec professional should have in their toolkit. From DNS analysis to threat intelligence, these tools are essential for keeping your digital assets secure in today’s ever-changing digital landscape.
1. DeHashed – View Leaked Credentials
DeHashed is a valuable tool for cybersecurity professionals and information security enthusiasts. It allows you to search and view leaked credentials from various data breaches. This resource is essential for assessing the security of your own accounts and monitoring if your organization’s data has been compromised. DeHashed provides critical insights into credential exposure, enabling proactive password changes and improved security.
2. Security Trails – Extensive DNS Data
Security Trails is a comprehensive DNS intelligence platform. It offers an extensive database of DNS data, including historical DNS records, subdomains, and IP address information. This resource is invaluable for cybersecurity experts who need to investigate domain history, identify potential vulnerabilities, or track changes in DNS configurations. Security Trails assists in monitoring your organization’s online footprint and detecting suspicious activities.
3. DorkSearch – Fast Google Dorking
DorkSearch is a rapid Google Dorking tool designed for cyber threat researchers and penetration testers. It enables users to perform efficient Google dork queries to uncover sensitive information exposed on the internet. This resource streamlines the process of finding vulnerable websites, misconfigured servers, and publicly accessible data, making it a valuable asset for cybersecurity assessments and investigations.
4. ExploitDB – Archive of Various Exploits
ExploitDB is a repository of various exploits and vulnerabilities. It serves as a comprehensive reference for cybersecurity professionals seeking to understand and mitigate security risks. This resource provides detailed information about known vulnerabilities and the corresponding exploits. Cybersecurity experts can use ExploitDB to stay informed about emerging threats and vulnerabilities in different software and systems.
5. ZoomEye – Gather Information about Targets
ZoomEye is a powerful search engine for internet-connected devices and services. It allows users to collect information about targets, including open ports, banners, and services running on IP addresses. This resource is instrumental in identifying potential attack surfaces and assessing the security of network assets. Cybersecurity professionals can leverage ZoomEye to enhance their reconnaissance and threat intelligence efforts.
6. Pulsedive – Search for Threat Intelligence
Pulsedive is a comprehensive threat intelligence platform that empowers cybersecurity experts to search for and analyze threat indicators. It offers insights into malware, IP addresses, domains, and other indicators of compromise. Pulsedive is a valuable resource for proactively identifying and mitigating threats, making it an essential tool in the cybersecurity arsenal.
7. GrayHatWarfare – Search Public S3 Buckets
GrayHatWarfare is a specialized search engine that focuses on locating publicly accessible Amazon S3 buckets. This resource is essential for identifying potential data exposure incidents. It helps cybersecurity professionals and researchers discover insecure S3 buckets and notify affected organizations to secure their data properly.
8. PolySwarm – Scan Files and URLs for Threats
PolySwarm is a platform designed to scan files and URLs for potential threats. It leverages a community of security experts and anti-malware engines to analyze and classify suspicious files. Cybersecurity experts can use PolySwarm to quickly assess the safety of files and URLs, making it a valuable tool for threat detection and incident response.
9. Fofa – Search for Various Threat Intelligence
Fofa is a versatile search engine for various threat intelligence sources. It provides access to a wide range of cybersecurity data, including open ports, certificates, and vulnerabilities. Cybersecurity professionals can utilize Fofa to gather valuable intelligence for network security assessments and monitoring.
10. LeakIX – Search Publicly Indexed Information
LeakIX is a resource for searching publicly indexed information. It allows cybersecurity experts to discover exposed databases, servers, and other sensitive information. This tool aids in identifying data leaks and potential security risks, enabling timely mitigation efforts.
11. DNSDumpster – Search for DNS Records Quickly
DNSDumpster is a tool designed for rapidly searching and retrieving DNS records. Cybersecurity professionals can use it to investigate domain-related information, discover subdomains, and identify potential attack vectors. This resource streamlines the process of DNS reconnaissance and aids in assessing the security of domain configurations.
12. FullHunt – Search and Discover Attack Surfaces
FullHunt is a comprehensive platform for searching and discovering attack surfaces. It assists cybersecurity experts in identifying exposed assets, subdomains, and vulnerabilities. This tool is valuable for proactive threat hunting and ensuring robust security measures are in place.
13. AlienVault – Extensive Threat Intelligence Feed
AlienVault, now part of AT&T Cybersecurity, provides an extensive threat intelligence feed. It offers insights into emerging threats, malware, and vulnerabilities. Cybersecurity professionals can leverage AlienVault to stay informed about the latest security trends and enhance their threat detection capabilities.
14. ONYPHE – Collect Cyber-Threat Intelligence Data
ONYPHE is a platform for collecting cyber-threat intelligence data. It offers a wealth of information on IP addresses, domains, and various cyber threats. This resource is invaluable for cybersecurity experts conducting in-depth threat investigations and intelligence gathering.
15. Grep App – Search Across Git Repositories
Grep App is a powerful search engine for code repositories hosted on Git platforms. It enables cybersecurity professionals and developers to search across a vast number of Git repositories, making it easier to find code snippets, configurations, and vulnerabilities.
16. URL Scan – Free Service to Scan and Analyze Websites
URL Scan is a free online service for scanning and analyzing websites. It helps cybersecurity experts assess the security of web pages by identifying potential vulnerabilities and security issues. This tool is particularly useful for web application security testing.
17. Vulners – Search Vulnerabilities in a Large Database
Vulners provides access to a large database of vulnerabilities and security information. Cybersecurity professionals can use it to search for specific vulnerabilities, discover their associated exploits, and stay informed about the latest security threats.
18. WayBackMachine – View Content from Deleted Websites
The WayBackMachine is a digital archive that allows users to view historical versions of websites, including deleted or changed content. It’s a valuable resource for cybersecurity professionals investigating past incidents or tracking changes in online content over time.
19. Shodan – Search for Devices Connected to the Internet
Shodan is a renowned search engine for discovering devices connected to the internet. It provides information on open ports, services, and vulnerabilities of devices and systems worldwide. Cybersecurity experts can utilize Shodan for asset inventory and vulnerability assessment.
20. Netlas – Search and Monitor Internet-Connected Assets
Netlas is a tool for searching and monitoring internet-connected assets. It helps cybersecurity professionals identify and track network infrastructure, domains, and IP addresses. Netlas aids in maintaining a comprehensive view of an organization’s online presence.
21. CRT.sh – Search for Certificates Logged by CT
CRT.sh is a resource for searching certificates that have been logged by Certificate Transparency (CT) logs. Cybersecurity professionals can use it to investigate digital certificates associated with domains, helping in the identification of potential security issues or certificate mismanagement.
22. Wigle – Database of Wireless Networks with Statistics
Wigle is a database of wireless networks with statistical information. Cybersecurity experts can utilize it to gather insights into Wi-Fi network locations, encryption methods, and signal strengths. This resource is valuable for assessing the security of wireless networks and identifying potential vulnerabilities.
23. PublicWWW – Marketing and Affiliate Marketing Research
PublicWWW is a specialized search engine for marketing and affiliate marketing research. It allows users to discover websites using specific web technologies or tracking codes. While primarily used for marketing purposes, cybersecurity professionals can benefit from it to understand the technology stack and tracking mechanisms employed by websites.
24. Binary Edge – Scans the Internet for Threat Intelligence
Binary Edge is a platform that scans the internet for threat intelligence data. It provides insights into exposed assets, vulnerabilities, and historical data. Cybersecurity experts can leverage Binary Edge to proactively identify and mitigate threats in their network environments.
25. GreyNoise – Search for Devices Connected to the Internet
GreyNoise is a tool for searching devices connected to the internet, focusing on identifying noisy or benign devices. Cybersecurity professionals can use it to filter out non-malicious traffic and focus their attention on potentially malicious activities, aiding in threat detection.
26. Hunter – Search for Email Addresses Belonging to a Website
Hunter is a resource for searching email addresses associated with a website or domain. Cybersecurity experts can use it to identify contact points, gather information for phishing assessments, or investigate potential email-based threats.
27. Censys – Assessing Attack Surface for Internet-Connected Devices
Censys is a platform for assessing the attack surface of internet-connected devices and systems. It provides insights into open ports, SSL/TLS certificates, and vulnerabilities. This resource helps cybersecurity professionals identify and secure potential points of attack.
28. IntelligenceX – Search Tor, I2P, Data Leaks, Domains, and Emails
IntelligenceX is a versatile search engine for Tor, I2P, data leaks, domains, and emails. It offers access to a wide range of cyber threat intelligence sources. Cybersecurity experts can leverage IntelligenceX for comprehensive threat investigations and intelligence gathering.
29. Packet Storm Security – Browse Latest Vulnerabilities and Exploits
Packet Storm Security is a resource for browsing the latest vulnerabilities and exploits. It provides a valuable repository of security-related information. Cybersecurity professionals can use Packet Storm Security to stay updated on emerging threats and vulnerabilities.
Dimitris is an Information Technology and Cybersecurity professional with more than 20 years of experience in designing, building and maintaining efficient and secure IT infrastructures.
Among others, he holds the CISSP, CISA, CISM, ITIL, COBIT and PRINCE2 certifications, but his wide set of knowledge and technical management capabilities goes beyond these certifications. He likes acquiring new skills in penetration testing, cloud technologies, virtualization, network security, IoT and many more.