| UrlScan.io |
This is used to run urls in a sandbox and display the results |
Sandbox |
https://www.urlscan.io/ |
|
| Any.Run |
This is an interactive sandbox |
Sandbox |
https://app.any.run/ |
|
| Joe Sandbox |
This is a full sandbox |
Sandbox |
https://www.joesandbox.com/ |
|
| VirusTotal |
This is a OSINT research platform and does some sandboxing |
OSINT |
https://www.virustotal.com/ |
|
| Talos Intelligence |
OSINT on domains, ip to provide research on emails |
OSINT |
https://talosintelligence.com/ |
|
| Hybrid Analysis |
This is a full sandbox |
Sandbox |
https://www.hybrid-analysis.com/ |
|
| Cyber Chef |
This is a “swiss army knife” of tools for use in cyber security |
Tools |
https://gchq.github.io/CyberChef/ |
|
| Cuckoo Sandbox |
This is a full sandbox |
Sandbox |
https://sandbox.pikker.ee/ |
|
| MX Toolbox |
This is a set of tools for researching information on mail servers |
Tools |
https://mxtoolbox.com/ |
|
| ExploitDB |
This is used to lookup details on malware |
OSINT |
https://www.exploit-db.com/ |
|
| Google Safe Browsing |
This is a tool which checks Google’s safe browsing classification |
OSINT |
https://transparencyreport.google.com/safe-browsing/search |
|
| GreyNoise |
This is a OSINT tool to perform research on IPs and CVEs |
OSINT |
https://viz.greynoise.io/ |
|
| Have I Been Pwned |
This website can report back if an email address has been impacted by a breach |
OSINT |
https://haveibeenpwned.com/ |
|
| IntelligenceX |
This is an OSINT search engine |
OSINT |
https://intelx.io/ |
|
| IP Void |
This researches IP addresses for blacklist, whois, etc. |
OSINT |
https://www.ipvoid.com/ |
|
| Kaspersky TIP |
This is a OSINT research platform and does some sandboxing |
OSINT |
https://opentip.kaspersky.com/ |
|
| Maltiverse |
This tool is used to research IOCs |
OSINT |
https://maltiverse.com/search |
|
| NIST National Vulnerability Database |
The database of known vulnerabilities published by NIST |
CVE |
https://nvd.nist.gov/ |
|
| Mitre CVEs |
The database of known vulnerabilities published by MITRE |
CVE |
https://cve.mitre.org/ |
|
| MITRE Att&ck Framework |
Detailed information on the MITRE Att&ck Framework |
Tools |
https://attack.mitre.org/ |
|
| OTX Alien Vault |
This is an OSINT resource for IOCs and threat actors |
OSINT |
https://otx.alienvault.com/ |
|
| Phish Tank |
This is an OSINT tool for researching current phishing campaigns |
OSINT |
https://www.phishtank.com/index.php |
|
| RiskIQ |
This is a tool to research information on domains |
OSINT |
https://community.riskiq.com/home |
|
| Shodan |
This is a tool to research known vulnerabilities on publically-facing servers |
OSINT |
https://www.shodan.io/ |
|
| ThreatMiner |
This is an OSINT search engine |
OSINT |
https://www.threatminer.org/ |
|
| Unshorten Me |
This tool is used to unshorten urls that may have used a shortener |
Tools |
https://unshorten.me/ |
|
| Url2Png |
Get a screenshot of a website |
Tools |
https://www.url2png.com/ |
|
| URLVoid |
This is a website reputation checker |
OSINT |
https://www.urlvoid.com/ |
|
| View DNS Info |
This finds DNS information on a domain |
OSINT |
https://viewdns.info/ |
|
| Internet Archive |
This will help you find older data on the internet that may have been deleted |
Tools |
https://archive.org/web/ |
|
| ICANN Lookup |
This is the ICANN service for domains and IP - the official record |
OSINT |
https://lookup.icann.org/en |
|
| Regex 101 |
This tool helps build and debug regex |
Tools |
https://regex101.com/ |
|
| List of Port Numbers |
This is a list of all TPC and UDP port numbers |
Tools |
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers |
|