Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/edoardottt/awesome-hacker-search-engines/llms.txt

Use this file to discover all available pages before exploring further.

Awesome Hacker Search Engines is a community-maintained, open-source reference of 400+ specialized search engines purpose-built for security work. Whether you’re mapping an organization’s external attack surface, hunting for leaked credentials before an adversary finds them, or tracing a threat actor across the open web, this collection brings together the exact tools you need — organized by discipline so you can reach the right resource fast. No installation, no toolchain setup: every entry is a publicly accessible web resource you can use right now.

Who Is This For?

This toolkit is designed for security practitioners across every discipline:
  • Penetration Testers — Enumerate infrastructure, discover misconfigurations, and find exploitable vulnerabilities before an engagement even begins.
  • Bug Bounty Hunters — Rapidly map a program’s attack surface, uncover exposed subdomains, search code repositories for leaked secrets, and verify disclosed findings.
  • OSINT Analysts — Pivot across email addresses, phone numbers, social network profiles, images, and public records with purpose-built investigative tools.
  • Red & Blue Teams — Red teams use these resources to simulate realistic threat-actor reconnaissance; blue teams use the same visibility to understand their exposure and monitor for emerging threats.
  • Vulnerability Researchers — Track CVEs, PoC exploit code, advisories from every major vendor, and active exploitation in the wild — all from a single reference.
  • Threat Intelligence Professionals — Hunt indicators of compromise, analyze malware samples, correlate threat actor infrastructure, and stay ahead of new campaigns.
All tools listed are publicly accessible web resources — no installation required. Always obtain proper written authorization before testing any target. Unauthorized reconnaissance may violate computer crime laws in your jurisdiction.

Browse by Category

Jump directly to the section you need:

Reconnaissance

Servers, domains, DNS, certificates, URLs, and full attack-surface mapping tools — the foundation of any engagement.

Vulnerabilities & Exploits

CVE databases, exploit repositories, PoC code indexes, vendor advisories, and living-off-the-land technique libraries.

OSINT & People

Email address finders, phone lookups, social network search, reverse image search, and people-search aggregators.

Threat Intelligence

Threat actor profiling, malware sample databases, IOC feeds, credential leak monitoring, and web history archives.

Specialized Tools

Code search, Wi-Fi network databases, MAC/device lookup, dark-web hidden services, surveillance cameras, file search, crypto tracking, and vehicle records.

Category Reference

General

The README includes a General Search Engines section listing Google, Bing, Yahoo!, Yandex, DuckDuckGo, Brave, Baidu, Kagi, SearXNG, and more — broadly useful starting points that complement the specialized tools in every category below.

Reconnaissance

CategoryWhat You’ll Find
ServersShodan, Censys, FOFA, ZoomEye, GreyNoise, Netlas, ODIN and more — query every internet-exposed host
Attack SurfaceFullHunt, BinaryEdge, SecurityTrails, RedHunt Labs, Censys ASM — continuous external exposure mapping
DomainsWHOIS, subdomain enumeration, DNS history, BuiltWith, PhoneBook, Omnisint
DNSDNSDumpster, RapidDNS, Chaos, PassiveDNS, DNSTwister, DNSlytics
CertificatesCrt.sh, CertSpotter, Censys Certificates, tls.bufferover.run
URLsURLScan, PhoneBook, HackerTarget, CheckPhish, URLVoid

Vulnerabilities & Exploits

CategoryWhat You’ll Find
VulnerabilitiesNVD, MITRE CVE, GitHub Advisory Database, VulDB, CVEDetails, OSV, Snyk, Vulners
ExploitsExploit-DB, Sploitus, GTFOBins, LOLBAS, Payloads All The Things, HackerOne hacktivity

OSINT & People

CategoryWhat You’ll Find
Email AddressesHunter.io, PhoneBook, IntelligenceX, RocketReach, EmailHippo
Phone NumbersNumLookup, SpyDialer, WhitePages, Truepeoplesearch, SynapsInt
Social NetworksFacebook, LinkedIn, Twitter/X, Reddit, TikTok, and 15+ more
PeopleTruePeopleSearch, Pipl, BeenVerified, Intelius, Whatsmyname, TheOrg
ImagesGoogle/Yandex/Bing reverse image search, FaceCheck.id, PimEyes, TinEye, FotoForensics

Threat Intelligence

CategoryWhat You’ll Find
Threat IntelligenceMITRE ATT&CK, VirusTotal, PulseDive, bazaar.abuse.ch, Hybrid Analysis, Cisco Talos
CredentialsHave I Been Pwned, Dehashed, LeakCheck, CrackStation, WhiteIntel, Hudson Rock
LeaksWikiLeaks, Snusbase, BreachDirectory, Distributed Denial of Secrets, OCCRP Aleph
Web HistoryWayback Machine, Archive.ph, CommonCrawl, CachedPages

Specialized

CategoryWhat You’ll Find
CodeGitHub/GitLab code search, grep.app, SearchCode, PublicWWW, SourceGraph
WiFi NetworksWigle.net, wifimap.io, OpenWiFiMap
Device InformationMAC vendor lookup tools — MACVendorLookup, macaddress.io
Hidden ServicesAHMIA, OnionLand, tor.link — Tor network search engines
Surveillance CamerasInsecam.org, WorldCams, Skylinewebcams, EarthCam
FilesPastebin, files.fm, filesearch.link, SearchFTPs
CryptoChainAbuse, Blockchair, BlockCypher — blockchain intelligence
VehicleFaxVin, EpicVin, AutoCheck, PlatesMania, GOV.UK DVLA lookup

About the Project

Awesome Hacker Search Engines was created and is actively maintained by edoardottt. The project began as a personal reference and grew into one of the most comprehensive, community-driven directories of security search engines available anywhere. It is published under the MIT License, meaning it is fully open source and free to use, share, and build upon. The list is continuously updated as new tools emerge, existing services change, and the broader security tooling landscape evolves. Tools that are confirmed non-functional are moved to a dedicated “Not Working / Paused” section rather than silently removed, so researchers always have an accurate picture of what’s currently active.
This documentation site mirrors the upstream GitHub repository. If a tool you rely on is missing or a link has gone stale, the best path is to open an issue or pull request directly on GitHub.

Contributing

The project thrives on community contributions. If you know of a security search engine that belongs here — or spot an entry that has moved, changed scope, or gone offline — please contribute via the GitHub repository:
All contributions are reviewed before merging. New entries should be publicly accessible, genuinely useful for security research, and accompanied by a short description explaining what the tool does.

Build docs developers (and LLMs) love