Security Management E-Library Sources

Security Trail

https://securitytrails.com/

Robust APIs & Data Services for Security Teams

shodan

https://www.shodan.io/

Shodan is a search engine and network security monitor that indexes data from any type of electronic device connected to the internet. It’s similar to Google but you see search results in various forms including types of devices, IP addresses, country, SSH, Telnet, and HTTP server banners. But the real value of this search engine is in its ability to help both red teams (offensive security professionals) and blue teams (defensive security professionals).

censys | Attack Surface Management

https://censys.io/

Censys can identify, investigate and remediate all relevant risks to your attack surface. It can also discover the “unknown unknowns” on your network, including: Exposed Internal Services, Exposed Login Services, Out-of-date TLS configurations, and other risky entry points for attackers.

Grey Noise

https://greynoise.io/

GreyNoise collects and analyses untargeted, widespread, and opportunistic scan and attack activity that reaches every server directly connected to the internet. Mass scanners (such as Shodan and Censys), search engines, bots, worms, and crawlers generate logs and events omnidirectionally on every IP address in the IPv4 space. GreyNoise allows the ability to filter this useless noise out.

Zoom Eye

https://www.zoomeye.org/

ZoomEye is a Cyberspace Search Engine recording information of devices, websites, services and components. This search engine has two powerful detection engines Xmap and Wmap aiming at devices and websites in the cyberspace. It can be used to identify all the services and components through 24/7 continuous detection. Therefore, it is easier for researchers to understand the component coverage and the damage scope of vulnerabilities.

Have I been Pwned | Check if your email have compromised

https://haveibeenpwned.com/

HIBP is a free resource for anyone to quickly assess whether they have been put at risk due to an online account of theirs having been compromised or “pwned” in a data breach. The site came about after what was, at the time, the largest ever single breach of customer accounts — Adobe. The creator often did a post-breach analysis of user credentials and kept finding the same accounts exposed repeatedly, often with the same passwords which then put the victims at further risk of their other accounts being compromised.

Pipl

https://pipl.com/

Used by government agencies, leading financial and insurance institutions, and media companies all over the world, Pipl’s unique identity resolution engine connects the world’s personal, professional and social identity data to give analysts and investigators an unmatched global index of over 3 billion trusted identity profiles.

RiskXchange

https://www.riskxchange.co/

RiskXchange provides a powerful AI-assisted, yet simple automated and centralised unique 360-degree cybersecurity risk rating management approach. We generate objective, quantitative reporting on a company’s cybersecurity risk and performance, that enables organisations with evolving business requirements, to conduct business securely in today’s open, collaborative, digital world.