Skip to main content

Tools, OSINT & Open Source

๐Ÿ”Ž OSINT & Data Discovery Tools

These tools are useful for uncovering publicly accessible information, exposed data, malware indicators, code leaks, documents, and file indexing across the internet.

๐Ÿ—ƒ๏ธ Paste, Code, and Source Scanning

  • psbdmp โ€“ Largest archive of leaked {paste} dumps from pastebin-style sites.
  • Search-Pastebin โ€“ Google CSE-powered meta-search across 33 paste sites.
  • RedHuntlabs Online IDE Search โ€“ Search keywords across online IDEs, code sharing platforms, and pastebins.
  • NerdyData โ€“ Find websites using specific technologies or HTML/JavaScript code.
  • Publicwww โ€“ Source code search engine indexing 480+ million pages.
  • CybDetective Code Search โ€“ Custom search across 20+ code hosting platforms.
  • grep.app โ€“ Fast regex-capable search engine for 500k+ Git repos.
  • searchcode โ€“ Search 75 billion lines of code from 40 million public projects.

๐Ÿ“ File & Directory Indexing

  • Open Directory Search Tool โ€“ Search files in unprotected open directories.
  • Mamont FTP โ€“ Largest public FTP search engine.
  • NAPALM FTP Indexer โ€“ Index of over 894 million FTP files across thousands of servers.
  • DeDigger โ€“ Discover publicly shared files in Google Drive.
  • UVRX โ€“ Search files from older hosting sites (e.g., Mega, Mediafire, Zshare).

๐Ÿ“š Document & Content Discovery

  • PDF Drive โ€“ Download from a library of over 75 million free PDFs.
  • SlideShare โ€“ Explore millions of user-submitted presentations.
  • Scribd โ€“ Document repository with 195+ million user-uploaded files.

๐Ÿงช Threat Intelligence & IOC Lookup

  • VirusTotal โ€“ Multi-engine scanner and IOC search platform for files, hashes, domains, and URLs.
  • Shodan โ€“ Search engine for internet-connected devices and exposed systems.
  • YARAify โ€“ Run YARA rules across a large malware sample dataset.
  • ThreatFox โ€“ Community-driven IOC feed focused on current threats.
  • URLhaus โ€“ Malicious URL tracker and database.
  • Feodo Tracker โ€“ Monitor and block IPs related to Feodo/Bugat/Dridex botnets.
  • SSL Blacklist โ€“ Collection of blacklisted SSL certificates and JA3 fingerprints.
  • MalwareBazaar โ€“ Repository for sharing malware samples.
  • AbuseIPDB โ€“ Check and report malicious or abusive IP addresses.
  • Cisco Talos Intelligence โ€“ Lookup IPs, domains, file hashes, and view threat intelligence data.
  • CyberChef โ€“ Powerful web-based tool for data transformation, decoding, and analysis.
  • AlienVault OTX โ€“ Threat sharing platform with global IOC and pulse feeds.
  • Redirect Detective โ€“ Analyze and visualize HTTP redirects for URLs.

๐Ÿฆ  Malware Analysis & Reverse Engineering

Resources for researching malware, downloading samples, reverse engineering binaries, and analyzing malware behavior.

  • VX-Underground โ€“ Largest collection of malware samples and research on the internet.
  • VirusSign โ€“ Curated list of malware sample sources for researchers.
  • Ghidra โ€“ Open-source reverse engineering framework created by the NSA.
  • Binary Ninja โ€“ Modern reverse engineering platform with scripting and automation support.
  • IDA Free โ€“ Free version of the IDA disassembler and debugger.
  • ANY.RUN Blog โ€“ Guides and insights for understanding malware analysis reports.
  • x64dbg โ€“ Open-source Windows debugger for malware analysis.
  • Sysinternals Suite โ€“ Advanced Windows system monitoring and diagnostics tools.
  • Detect It Easy (DIE) โ€“ Portable executable analyzer to identify packers and compilers.
  • MalwareBazaar UA Verifier โ€“ Identify malicious User-Agent strings linked to malware.
Back to top