Cyber Threat OSINT

OWASP Amass performs attack surface mapping, subdomain enumeration, and DNS asset discovery for OSINT and penetration testing recon.

Sn1per is an automated attack surface management toolkit combining OSINT reconnaissance with vulnerability discovery and reporting.

PhishTank collects and verifies reported phishing URLs, helping analysts investigate malicious campaigns and block fraudulent domains.

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Scanless runs port scans via multiple third-party services to minimize direct attribution footprint during network reconnaissance.

Pulsedive is a free threat intelligence platform. Search, scan, and enrich IPs, URLs, domains and other IOCs from OSINT feeds or submit your own.

Upload a ransom note and/or sample encrypted file to identify the ransomware that has encrypted your data.

Ghidra is NSA's free open-source reverse engineering framework for analyzing compiled binaries and malware in security investigations.

Scan Maldoc analyzes Office documents and PDFs for embedded macros, shellcode, and malware using automated sandbox analysis.

Security Headers scans any website's HTTP response headers and grades its security configuration against current best-practice standards.

Shadowserver provides network threat intelligence including malware C2 tracking, botnet monitoring, and internet-wide vulnerable device scanning.

Sucuri SiteCheck scans any website for malware, viruses, blacklist status, SEO spam, and malicious code without requiring server access.