Resources

Here are a list of helpful resources and APIs available for researchers

• SHODAN – Search for hosts on the Internet
• Binary Edge – Dynamically run scans on the Internet
• Censys – Search for certificates and hosts on the Internet
• Security Trails – Search historical DNS & WHOIS information
• Urlscan.io – Fingerprint an application
• Seclists – wordlists, useful for recon, endpoint, and content discovery
• Nuclei Templates – YAML’ized Templates to fingerprint and find simple vulnerabilities
• Intrigue API
  • Search Organization-specific attack surface
  • Search BGP data by organization
  • Infer Vulnerabilities on Assets
• Meta Lists
  • Awesome Asset Discovery
  • Awesome Web Discovery