Define the input
Domain, IP, URL, hash, CVE, archive, or public claim.
Free web tools
Browser-based OSINT and threat-intel sources.
This English page mirrors the Turkish free-tools shelf. It lists sources that can be opened from the browser and used as first signals, not as final proof.
20
tools
17
beginner-friendly
passive
default use
Open the right source
Use the source family that fits the question.
Record context
Write the date, source, and what the result actually shows.
Verify again
Compare with at least one second source before reporting.
Free or public accessLow risk
Threat maps
Check Point Live Cyber Threat Map
Treat vendor telemetry as situational awareness, not attribution proof.
threat-maptelemetrysituational-awareness
Open sourceFree or public accessLow risk
Threat maps
Kaspersky Cyberthreat Map
Treat vendor telemetry as situational awareness, not attribution proof.
threat-mapstatisticstelemetry
Open sourceFree or public accessLow risk
Threat maps
FortiGuard Threat Map
Treat vendor telemetry as situational awareness, not attribution proof.
fortiguardthreat-mapmalware
Open sourceFree or public accessLow risk
Threat maps
Radware Live Threat Map
Treat vendor telemetry as situational awareness, not attribution proof.
ddosthreat-maptelemetry
Open sourceFree or public accessLow risk
Threat maps
Zscaler ThreatLabz Threat Map
Use this as an initial signal. Check date, source context, and a second source before reporting.
cloudthreat-mapzscaler
Open sourceFree account may be requiredLow risk
IOC and threat intelligence
AlienVault OTX / LevelBlue OTX
Use this as an initial signal. Check date, source context, and a second source before reporting.
iocotxthreat-intelligence
Open sourceFree or public accessLow risk
OSINT directories
OSINT Framework
Use this as an initial signal. Check date, source context, and a second source before reporting.
directoryosintlearning
Open sourceFree or public accessLow risk
Threat context
SANS Internet Storm Center
Use this as an initial signal. Check date, source context, and a second source before reporting.
sansdiarythreat-context
Open sourceFree or public accessMedium risk
Malware URL feeds
Abuse.ch URLhaus
Use this as an initial signal. Check date, source context, and a second source before reporting.
abusechmalware-urlurl
Open sourceFree or public accessMedium risk
Malware intelligence
Abuse.ch MalwareBazaar
Use this as an initial signal. Check date, source context, and a second source before reporting.
malwarehashabusech
Open sourceFree or public accessMedium risk
Botnet feeds
Abuse.ch Feodo Tracker
Use this as an initial signal. Check date, source context, and a second source before reporting.
botnetc2abusech
Open sourceFree or public accessLow risk
Vulnerability tracking
CISA Known Exploited Vulnerabilities Catalog
Use this as an initial signal. Check date, source context, and a second source before reporting.
cisakevcve
Open sourceFree or public accessLow risk
Vulnerability tracking
NVD
Compare CVE records with vendor advisories before prioritizing.
nvdcvecvss
Open sourceFree or public accessLow risk
Vulnerability tracking
MITRE CVE
Compare CVE records with vendor advisories before prioritizing.
mitrecveidentifier
Open sourceFree or public accessMedium risk
URL, hash, domain, and IP checks
VirusTotal
Do not upload private or sensitive files to public scanning services.
reputationhashurldomain
Open sourceFree account may be requiredMedium risk
Passive internet visibility
Shodan
Use only as a passive visibility source for owned or authorized assets.
internet-exposureservicespassive
Open sourceFree or public accessLow risk
IP context
GreyNoise Visualizer
Use this as an initial signal. Check date, source context, and a second source before reporting.
ipnoisescanner
Open sourceFree account may be requiredLow risk
Domain and DNS history
SecurityTrails
Use this as an initial signal. Check date, source context, and a second source before reporting.
dnsdomain-historysubdomains
Open sourceFree or public accessLow risk
Certificate transparency
crt.sh
Certificate records can show historical or inactive assets.
certificate-transparencysubdomaindomain
Open sourceFree or public accessLow risk
Web archives
Wayback Machine
Archive time is not always the original publication time.
archiveverificationweb-history
Open sourceCareful-use note
Free tools change terms, limits, and data quality over time. Use them as starting points. Do not upload sensitive material to public scanning services.
Move checked notes into a report