DuoLogue Posted November 9, 2022 Share Posted November 9, 2022 All these these sites are free (some include paid options) and I found that they're great for getting into OSINT, CTI, and ethical hacking! - https://shodan.io - https://greynoise.io - https://zoomeye.org - https://hunter.io - https://dehashed.com - https://wdi.rfwel.com/wireless-devices-info (wireless device database) - https://osintframework.com - https://www.exploit-db.com - https://securitytrails.com - https://pulsedive.com - https://grayhatwarfare.com - https://leakix.net - https://dnsdumpster.com - https://fullhunt.io - https://vulners.com - https://alienvault.com - https://intelx.io - https://www.virustotal.com - https://attack.mitre.org - https://auto.pwnspot.com - https://unprotect.it - https://bazaar.abuse.ch If you have any other good links to help people learn, please share! 5 Link to comment Share on other sites More sharing options...
midehyah Posted November 9, 2022 Share Posted November 9, 2022 Thanks for the links, maybe these links can help 😉 - [Ransomware] https://darkfeed.io/ - [Mitre Defend] https://d3fend.mitre.org/ - [Living Off The Land Binaries, Scripts and Libraries] https://lolbas-project.github.io/ - [Threat Intelligence Feeds] https://threatfeeds.io/ 2 Link to comment Share on other sites More sharing options...
DuoLogue Posted November 9, 2022 Author Share Posted November 9, 2022 3 minutes ago, midehyah said: Thanks for the links, maybe these links can help 😉 - [Ransomware] https://darkfeed.io/ - [Mitre Defend] https://d3fend.mitre.org/ - [Living Off The Land Binaries, Scripts and Libraries] https://lolbas-project.github.io/ - [Threat Intelligence Feeds] https://threatfeeds.io/ Those are great! A couple more great ones are: - https://github.com/fastfire/deepdarkCTI (great for finding links to ransomware groups, forums, etc.) - https://dark.fail (great for finding dark net links) 2 Link to comment Share on other sites More sharing options...
Florian Posted November 9, 2022 Share Posted November 9, 2022 https://pimeyes.com/en 1 Link to comment Share on other sites More sharing options...
gilmx Posted November 9, 2022 Share Posted November 9, 2022 https://gtfobins.github.io/ 1 Link to comment Share on other sites More sharing options...
webshell Posted November 9, 2022 Share Posted November 9, 2022 https://app.any.run/ (online malware analysis sandbox) https://urlscan.io (url scan) http://www.visualsitemapper.com/ (Site-mapping) https://scans.io (Stanford's Internet-Wide Scan Data Repository archive) https://dnstwist.it (generates list of permutations based on domain input & checks to see if they are in use/phishing) https://mxtoolbox.com (Analyze email headers/MX lookup) https://securityheaders.com (Analyze HTTP response headers) https://github.com/darkoperator/dnsrecon (DNS enumeration script) https://offshoreleaks.icij.org (repository of offhore companies & trust - useful for investigations) 2 1 Link to comment Share on other sites More sharing options...
webshell Posted November 9, 2022 Share Posted November 9, 2022 Forgot to add this. I really like this list a lot & found it to be incredibly useful when I started out doing investigations: https://www.osinttechniques.com/osint-tools.html 2 Link to comment Share on other sites More sharing options...
legnus Posted November 9, 2022 Share Posted November 9, 2022 Great list! [Recon] https://crt.sh 1 Link to comment Share on other sites More sharing options...
midehyah Posted November 10, 2022 Share Posted November 10, 2022 11 hours ago, legnus said: Great list! [Recon] https://crt.sh This is good too [Recon Cert] https://search.censys.io/certificates?q= 2 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now