What is a practical “tech” book without a hefty list of resources that may be out of date by the time you read them, eh? Well, luckily I’m on hand to deliver such a useful collection for you! So while I sincerely hope this chapter can give you some resources that you can immediately use, I also want you to know that I maintain my own list of resources online, and you can get that via my blog.1 Hopefully, the combination of book and weblink should give you a solid starting point to build out your research and investigation.
Before we delve into some of the valuable links and different web resources I use and would recommend, I thought I’d also touch on the following steps to formalize an interest in CTI and take it forward for any budding analyst who’s taken the time to read this book (and if you have, then thank you!). This book was initially conceived as an aid for those in senior positions who may want or need to set up a CTI team, and as such, I’ve avoided going too deep into the rabbit hole for analysis. But I’m acutely aware that a book like this can be read by more junior people who want to learn. While I stand by this book as an introduction to CTI and the core fundamentals that I believe a CTI team should operate from, it doesn’t help you be a better intelligence analyst without putting the learning into practice.
The intelligence cycle
Intelligence requirements
Intelligence writing
Ways of classifying intelligence (confidentiality, source evaluation, etc.)
Structured analytical techniques (analysis of competing hypotheses, cone of plausibility, contrarian/imaginative techniques, etc.)
Conscious/unconscious bias
CTI-specific concepts (diamond model, ATT&CK, STIX/TAXII)
Collection and analysis specifics (infrastructure pivoting, link analysis, OSINT tooling)
Yara rules and other basic hunting methods (understanding adversary use of DNS, domain registrations, metadata)
Using different infrastructure (virtual machines, cloud service providers, third-party tools, etc.)
The preceding list would be a great starting point for any CTI analyst. Truth be told, the vast majority of this list would also sit any discipline of intelligence pretty well, as the core fundamentals of intelligence analysis don’t change – but the cyber-specific areas are clearly the ones that can significantly benefit anyone working in CTI, surprise surprise!
It’s also unlikely to come as a surprise that the ability to do scripting to some degree could also be a huge benefit. I say this as someone who really struggles with this and wishes he could do it. It’s definitely not an essential skill, but it will make life easier if you’re comfortable writing scripts and being able to query the APIs of some of the tools you’re going to interact with daily.
What’s also vital for any would-be intelligence analysis is an inherent curiosity. If you like investigating, sorting the wheat from the chaff, and trying to establish precisely what is going on in a given scenario, then you’re likely to succeed as an intel analyst. The world of cyber can be incredibly daunting, and there’s definitely a degree of gatekeeping on social media. Still, the truth is, once you become accustomed to the tools everyone uses and what value you can extract from them, you’ll start finding your own answers. Don’t feel intimidated or out of your depth. We all started from nowhere at some point, and if you have the curiosity and the drive to learn, then you will almost certainly succeed. Take each of these topics listed as a starting point, become familiar with the core concepts and how they work, and take it step by step. I am optimistic you will become comfortable and able to do your own research and report your own findings in no time.
You may also find certain areas or niches that you enjoy more than others. Embrace that! If you have a particular knack or ability for any facet of this burgeoning industry, then you’ll find a demand for it. And as discussed in this book, if you have specific skillsets, you can complement a wider team, and your colleagues will compliment you. So go forth, be curious, and enjoy the learning process!
Online Resources
Please note links with < > in the URL (e.g., <DOMAIN>) require the domain in question to be added to the search. The list in this book is curated for CTI-specific research and is correct at the time of writing. But as stated earlier in the chapter, please check the Resources page on my blog for the full and most up-to-date version. The online version contains more resources and a broader range of subject areas for all manner of OSINT research and investigation, including downloadable tools and other search resources. Happy hunting!
Domains
Alexa (http://alexa.com) – Website ranking and keyword searching.
AlienVault OTX (https://otx.alienvault.com) – Community-driven threat information, also available as a feed.
Backlinks (https://smallseotools.com/backlink-checker/) – Backlink checker for a given domain.
BuiltWith (https://builtwith.com/) – Tool to provide information on what technology powers a given website.
Carbon Dating (http://carbondate.cs.odu.edu/) – Tool that tries to identify the birthdate of a web page.
Censys (https://censys.io) – Internet of Things (IoT) search engine, similar to Shodan.
CentralOps (https://centralops.net) – Website WHOIS lookups and other lookups.
DNS Trails (https://securitytrails.com/dns-trails) – Repository of historical DNS data.
DomainBigData (https://domainbigdata.com/) – Database of domains and WHOIS data.
DomainIQ (www.domainiq.com/snapshot_history) – Provides snapshots of information on web domains, such as WHOIS, hosting or registrar history, etc.
Easy Counter (www.easycounter.com/) – Website metrics.
Find Subdomains (https://spyse.com/tools/subdomain-finder) – You’ll never guess. It finds subdomains of websites.
Follow That Page (https://followthatpage.com/) – Service that allows you to be notified when a web page is changed.
Google Cache (https://webcache.googleusercontent.com/search?q=cache:<DOMAIN>) – Checks Google’s cache for any archive of a web domain.
Hunter (https://hunter.io) – Finds email addresses belonging to a specific domain.
IBM X-Force (https://exchange.xforce.ibmcloud.com/) – Threat intelligence reporting, IOC feed, and sharing platform.
Joe Sandbox (https://joesecurity.org) – Malware sandbox.
Majestic (https://majestic.com) – Backlink checker for a given domain.
MxToolbox (https://mxtoolbox.com/) – Provides MX information for a given domain.
Pentest-Tools (https://pentest-tools.com/home) – Collection of tools for penetration testing that provide information on a given domain.
PhishTank (https://phishtank.com) – Community-driven sharing of Phishing emails and IOCs. Available as a feed.
Plagiarism Checker (https://smallseotools.com/plagiarism-checker/) – Checks a web page for plagiarism unsurprisingly.
Reddit Domains (http://reddit.com/domain/<DOMAIN>) – Searches Reddit for mention of a specific domain.
Reddit Site Search (https://reddit.com/search?q=site:<DOMAIN>) – Searches Reddit for mention of a specific domain or link.
Redirect Detective (https://redirectdetective.com/) – Checks a URL for redirects.
Redstatz Reddit Site Search (http://redstatz.com/report/<DOMAIN>) – Analysis of a web domain being shared on Reddit. More detailed than Reddit’s own search function.
Registration Archive (https://web.archive.org/web/http://who.is/<DOMAIN>) – Checks the Internet Archive for historical WHOIS records.
RiskIQ PassiveTotal (https://community.riskiq.com) – Tool for checking passive DNS and other details about a given domain.
Searchmetrics (https://suite.searchmetrics.com/en/research) – Searches a website for content analysis and performance information.
SharedCount (www.sharedcount.com/) – Tracks sharing of a URL via social media.
SimilarWeb (www.similarweb.com/) – Website analysis tool.
SpyOnWeb (https://spyonweb.com/) – Provides information on a given domain.
SpyFu (www.spyfu.com/) – Provides SEO information on a given website.
ThreatCrowd (https://threatcrowd.org/) – Search engine for threat data. Has a Maltego Transform.
Threat Intelligence Platform (https://threatintelligenceplatform.com/) – Online Threat Intel Platform providing threat information on a given threat (domain/IP/hash etc.).
ThreatMiner (www.threatminer.org/) – Search tool for threat intel data. Has a Maltego Transform.
Unshorten.It! (https://unshorten.it/) – Unshortens a shortened URL.
Unshorten.me (https://unshorten.me/) – Unshortens a shortened URL.
URLScan (https://urlscan.io) – Sandbox scanner for a given URL.
ViewDNS IP History (https://viewdns.info/iphistory/) – Shows the IP address history for a given domain.
ViewDNS Port Scanner (http://viewdns.info/portscan) – Scans a domain/IP address for open ports.
ViewDNS WHOIS (https://viewdns.info/whois/) – Provides WHOIS information for a given domain/IP address.
VirusTotal (http://virustotal.com/) – Checks files, domains, IP addresses, and URLs for known malware and other threat information.
Visualping (https://visualping.io/) – Monitors website changes and provides notification.
Visual Site Mapper (http://visualsitemapper.com/) – Provides a visualization of links on a given website.
Voat Domain Search (https://searchvoat.co/?d=<DOMAIN>&b=on&nsfw=on) – Searches Voat for mentions of a given domain.
Website Informer (https://website.informer.com/) – Provides information on a given domain.
Whoisology (https://whoisology.com/) – Archive of WHOIS data enabling Reverse WHOIS lookups etc.
Whoxy (www.whoxy.com/) – Domain information including WHOIS, Reverse WHOIS, etc.
IP Addresses
AlienVault OTX (https://otx.alienvault.com) – Community-driven threat information, also available as a feed.
Bing IP (https://bing.com) – Searching ip:<IPv4> on Bing provides information on the IP.
Canarytokens (http://canarytokens.org/generate) – Free tool for generating canary tokens; receives notification of the recipients’ IP when they open a file.
Censys (https://censys.io) – Internet of Things (IoT) search engine, similar to Shodan.
DNS Trails (https://securitytrails.com/dns-trails) – Repository of historical DNS data.
ExoneraTor (https://metrics.torproject.org/exonerator.html) – Provides information on whether an IP address was used as a Tor relay on a given date.
GetNotify (https://getnotify.com/) – Canarytoken service for when a recipient opens an email.
I Know What You Download (https://iknowwhatyoudownload.com/en/peer/) – Searches an IP for Torrent downloads and distribution.
IBM X-Force (https://exchange.xforce.ibmcloud.com/) – Threat intelligence reporting, IOC feed, and sharing platform.
IP Logger (https://iplogger.org/) – Canarytoken service for shortened URLs, invisible images, and more.
IP2Location (www.ip2location.com/free/email-tracer) – Email header lookup to potential IP geolocation.
IPLocation (www.iplocation.net/) – Provides rough geolocation on a given IP.
Joe Sandbox (https://joesecurity.org) – Malware sandbox.
MxToolbox (https://mxtoolbox.com/) – Provides MX information for a given domain.
PhishTank (https://phishtank.com) – Community-driven sharing of Phishing emails and IOCs. Available as a feed.
Shodan (https://shodan.io) – IoT search engine.
That’s Them (https://thatsthem.com/reverse-ip-lookup) – Reverse IP lookup.
ThreatCrowd (https://threatcrowd.org/) – Search engine for threat data. Has a Maltego Transform.
ThreatMiner (www.threatminer.org/) – Search tool for threat intel data. Has a Maltego Transform.
ViewDNS IP Location (http://viewdns.info/iplocation) – IP geolocation.
ViewDNS IP Traceroute (http://viewdns.info/traceroute) – Traceroutes an IP address.
ViewDNS IP WHOIS (http://viewdns.info/whois) – WHOIS lookup for a given IP address.
ViewDNS Port Scanner (http://viewdns.info/portscan) – Scans a domain/IP address for open ports.
ViewDNS Reverse IP (http://viewdns.info/reverseip) – Reverse IP address lookup.
VirusTotal (http://virustotal.com/) – Checks files, domains, IP addresses, and URLs for known malware and other threat information.
WhoIs (http://who.is/) – WHOIS lookup.
Wigle (https://wigle.net) – Wireless network mapping.
File Hashes and Documents
AlienVault OTX (https://otx.alienvault.com) – Community-driven threat information, also available as a feed.
Any.run (https://app.any.run) – Malware sandbox
Cryptome (http://cryptome.org/) – Repository of public documents.
Exifinfo (https://exifinfo.org/) – Tool for extracting metadata from photos and other media files.
Extract Metadata (www.extractmetadata.com/) – Metadata reader for a range of file types.
Free OCR (www.sodapdf.com/ocr-pdf/) – Converts an image, scanned document, or PDF into an editable file.
Get Metadata (www.metadata2go.com/) – Metadata viewer.
GrayhatWarfare (https://buckets.grayhatwarfare.com/) – Publicly exposed AWS buckets and Azure blobs.
Hybrid Analysis (https://hybrid-analysis.com/) – Malware analysis service.
IBM X-Force (https://exchange.xforce.ibmcloud.com/) – Threat intelligence reporting, IOC feed, and sharing platform.
Jeffrey’s Viewer (http://exif.regex.info/exif.cgi) – Image metadata viewer.
Joe Sandbox (https://joesecurity.org) – Malware sandbox.
Napalm FTP (www.searchftps.net/) – Searches for files on public FTP servers.
Pastebin (https://pastebin.com/search?q=<QUERY>) – Searches Pastebin for a specific file or term.
PDF Drive (www.pdfdrive.com/search?q=<QUERY>) – Search engine for PDF files.
Pushshift (http://files.pushshift.io/) – Various articles relating to Big Data and social media/technology trends.
SlideShare (www.slideshare.net/) – Presentations and slide decks.
ThreatMiner (www.threatminer.org/) – Search tool for threat intel data. Has a Maltego Transform.
VirusTotal (http://virustotal.com/) – Checks files, domains, IP addresses, and URLs for known malware and other threat information.
Web Technologies
AnalyzeID (https://analyzeid.com/) – Searches for websites owned by the same person.
BuiltWith (https://builtwith.com/) – Tool to provide information on what technology powers a given website.
Censys (https://censys.io) – Internet of Things (IoT) search engine, similar to Shodan.
DomainIQ (www.domainiq.com/snapshot_history) – Provides snapshots of information on web domains, such as WHOIS, hosting or registrar history, etc.
NerdyData (www.nerdydata.com/) – Finds websites based on name or HTML/JavaScript.
Shodan (https://shodan.io) – IoT search engine.
Email Addresses and Data Breaches
AnalyzeID (https://analyzeid.com/) – Searches for websites owned by the same person.
Cynic (https://ashley.cynic.al/) – Checks an email address against the Ashley Madison data breach for a match.
DeHashed (https://dehashed.com) – Checks an email address for data breach information.
DomainBigData (https://domainbigdata.com/) – Database of domains and WHOIS data.
Email Format (www.email-format.com/) – Checks domains for email address format.
Email Hippo (https://tools.verifyemailaddress.io/) – Verifies if an email address exists.
Email Rep (https://emailrep.io/) – Checks the reputation of an email address.
Epieos (https://tools.epieos.com) – Checks an email address for social media presence, Google account, and if it’s registered on LinkedIn.
GhostProject (https://ghostproject.fr/) – Data breach search engine.
GoFindWho (https://gofindwho.com/) – People search tool including data breach and paste site information.
HaveIBeenPwned (https://haveibeenpwned.com) – Checks an email address or phone number against data breaches. Phone number only works for Facebook data breach from early 2021.
Hunter (https://hunter.io) – Finds email addresses belonging to a specific domain.
IntelligenceX (https://intelx.io) – Search engine and data archive for threat and data breach information.
IP2Location (www.ip2location.com/free/email-tracer) – Email header lookup to potential IP geolocation.
LeakedSource (https://leakedsource.ru/) – Russian-based site for data breach information.
Lullar (https://com.lullar.com/) – People search by name or email address.
ManyContacts (www.manycontacts.com/en/mail-check) – Checks email address for social media presence.
MxToolbox (https://mxtoolbox.com/) – Provides MX information for a given domain.
Pastebin Dump (https://psbdmp.ws/) – Searches Pastebin for email addresses.
RecordsFinder (https://recordsfinder.com/email/) – Reverse email lookup.
SpyCloud (https://portal.spycloud.com/endpoint/enriched-stats/<EMAIL>) – Data breach information for a given email address.
Spytox (www.spytox.com/) – People search for names, phone numbers, and email addresses.
That’s Them (https://thatsthem.com/) – People search engine.
ThreatMiner (www.threatminer.org/) – Search tool for threat intel data. Has a Maltego Transform.
Trace My Email Address (https://whatismyipaddress.com/trace-email) – Email header tracer.
Trumail (https://trumail.io/) – Email address verification.
Verify Email (https://verify-email.org/) – Verifies if an email address exists.
Whoxy (www.whoxy.com/) – Domain information including WHOIS, Reverse WHOIS, etc.
Usernames
CheckUsernames (http://checkusernames.com/) – Checks for usage of a username across 160 social networks.
eBay Username Search (https://ebay.com/usr/<USERNAME>) – Checks eBay for use of a username.
GoFindWho (https://gofindwho.com/) – People search tool including data breach and paste site information.
Hacker News Username Search (https://news.ycombinator.com/user?id=<USERNAME>) – Checks the Hacker News website for a username.
KnowEm (https://knowem.com/checksocialnames.php?u=<USERNAME>) – Username checker.
Lullar (https://com.lullar.com/) – People search by name or email address.
Namecheckr (www.namecheckr.com/) – Searches for use of a username.
Namevine (https://namevine.com/#/<USERNAME>) – Checks for a domain name and matching social profiles.
Pinterest Username (www.pinterest.com/<USERNAME>) – Checks Pinterest for a matching username.
Pushshift Reddit User Search (https://api.pushshift.io/reddit/search/comment/?author=<USERNAME>) – Checks Reddit for a matching username.
Pushshift Reddit User Submission Search (https://api.pushshift.io/reddit/search/submission/?author=<USERNAME>) – Checks Reddit for posts by a matching username.
Reddit User Search (https://reddit.com/user/<USERNAME>) – Reddit’s native username search.
Skype Username (https://api.skype.com/users/<USERNAME>/profile/avatar?cacheHeaders=1) – Checks Skype for a matching username.
Social Searcher (www.social-searcher.com/search-users/?ntw=&q6=<USERNAME>) – Checks social media sites for corresponding username.
Tinder Profile Search (www.gotinder.com/@<USERNAME>) – Checks Tinder for a matching username.
User Search (Free) (http://usersearch.org/) – Free version of User Search.
User Search (Paid) (https://usersearch.io/) – Paid version of User Search. Contains hundreds more checks than the free version.
Voat User Search (https://searchvoat.co/search.php?u=%3CUSERNAME%3E&b=on&nsfw=on) – Searches Voat for a corresponding username.
WhatsMyName (https://whatsmyname.app) – Searches ~285 resources for a matching username.
Cryptocurrency
Address Validation (http://codacoin.com/api/public.php?request=validate&address=<WALLET ADDRESS>) – Searches for a cryptowallet address.
Bitcoin Abuse (www.bitcoinabuse.com/) – Bitcoin abuse databases. Tracks wallets used by known malicious actors.
Bitcoin Balance (https://blockchain.info/q/addressbalance/<WALLET ADDRESS>) – Finds out the balance of a Bitcoin wallet.
Bitcoin Received (https://blockchain.info/q/getreceivedbyaddress/<WALLET ADDRESS>) – Finds out how much Bitcoin a wallet has received.
Bitcoin Sent (https://blockchain.info/q/getsentbyaddress/<WALLET ADDRESS>) – Finds out how much Bitcoin a wallet has sent.
Bitcoin Who’s Who (https://bitcoinwhoswho.com/) – Bitcoin address lookup.
Blockchain (http://blockchain.info/) – Blockchain explorer.
Blockchair (http://blockchair.com/) – Blockchain explorer.
Blockchair Wallet Search (https://blockchair.com/<CRYPTOCURRENCY>/address/<WALLET ADDRESS>) – Searches for a cryptowallet and identifies its transactions.
Wallet Explorer (http://walletexplorer.com/) – Explores cryptowallets.
Paste Sites
0bin (http://0bin.net/)
CL1p (http://cl1p.net/)
Codepaste (http://codepaste.net/)
ControlC (http://controlc.com/)
Debian (http://paste.debian.net/)
Doxbin (http://doxbin.org/)
Dpaste (http://dpaste.com/)
Dpaste.org (https://dpaste.org/)
Dumpz (http://dumpz.org/)
Fedora (http://paste.fedoraproject.org/)
Friendpaste (http://friendpaste.com/)
Frubar (http://paste.frubar.net/)
GitHub (http://gist.github.com/)
Hastebin (http://hastebin.com/)
Hey Paste It (http://heypasteit.com/)
Ideone (http://ideone.com/)
Ivpaste (http://ivpaste.com/)
JS Bin (http://jsbin.com/)
JustPaste.it (http://justpaste.it/)
KDE (http://paste.kde.org/)
Lisp (http://paste.lisp.org/)
Mystic Paste (http://mysticpaste.com/)
p.ip.fi (http://p.ip.fi/)
Paste HTML (http://pastehtml.com/)
Paste Link (http://pastelink.net/)
Paste.ee (https://paste.ee/)
Paste.org (http://paste.org/)
Paste.org.ru (http://paste.org.ru/)
Paste2 (http://paste2.org/)
Pastebin.ca (http://pastebin.ca/)
Pastebin.fr (http://pastebin.fr/)
Pastebin.gr (http://pastebin.gr)
PasteFs (http://pastefs.com/)
Pastie (http://pastie.org/)
Pound-Python (http://paste.pound-python.org/)
PrivateBin (https://privatebin.net/)
Snipplr (http://snipplr.com/)
Snipt (http://snipt.net/)
Sprunge (http://sprunge.us/)
Text Snip (http://textsnip.com/)
Ubuntu (http://paste.ubuntu.com/)
Social Media
Bulk Facebook ID Finder (https://seotoolstation.com/bulk-facebook-id-finder) – Identifies the Facebook ID for a given profile.
UK-OSINT Facebook (www.uk-osint.net/facebook.html) – Collection of resources for Facebook research.
Who Posted What (https://whopostedwhat.com/) – Facebook tool to search for specific keywords and posts against a set range of criteria.
Account Analysis (https://accountanalysis.app) – Tool for analyzing a given Twitter account.
First Follower (http://socialrank.com/firstfollower) – Tool to analyze Twitter followers.
Foller.me (http://foller.me/) – Twitter analytics tool.
Followerwonk (https://followerwonk.com/bio) – Twitter account analysis tool.
OmniSci (www.omnisci.com/demos/tweetmap) – Map of tweets with geolocation enabled.
One Million Tweet Map (https://onemilliontweetmap.com) – Twitter mapping tool.
Sleeping Time (http://sleepingtime.org/) – Analyzes a Twitter account to estimate sleeping pattern.
Social Bearing (https://socialbearing.com/) – Twitter account analysis tool.
SparkToro (https://sparktoro.com/) – Tool for identifying accounts discussing a specific topic.
Tinfoleak (https://tinfoleak.com/) – Tool to identify potential geolocation of a Twitter account based on previous activity and images shared.
Trendsmap (www.trendsmap.com/) – Tool for analyzing topics, trends, etc.
TruthNest (https://app.truthnest.com) – Twitter account analysis tool.
TweetBeaver (http://tweetbeaver.com/) – Tool for analyzing a Twitter account and comparing several accounts.
TweetDeck (http://tweetdeck.twitter.com/) – Twitter-owned tool for setting up several feeds to monitor different topics, accounts, hashtags, etc.
Tweet Mapper (https://keitharm.me/projects/tweet/) – Finds tweets with geolocation information for a given Twitter account.
Tweet Topic (http://tweettopicexplorer.neoformix.com/) – Finds the most common words used by a given Twitter account.
Twiangulate (http://twiangulate.com/search/) – Tool to analyze mutual followers of accounts, reach, keywords, etc.
Twitonomy (http://twitonomy.com/) – Twitter analytics tool.
Twitter Advanced Search (http://twitter.com/search-advanced) – Twitter’s native advanced search function.
Twitter Archive (http://web.archive.org/web/*/twitter.com/<TWITTER USERNAME>) – Searches the Internet Archive for tweets from a given Twitter account.
Twitter Audit (http://twitteraudit.com/) – Tool to analyze how many of an account’s followers are real or bots.
Twitter Bio Changes (https://spoonbill.io/data/<TWITTER USERNAME>) – Tool to check an account’s bio history.
DownloadGram (https://downloadgram.com/) – Tool for downloading Instagram media.
Gramsave (https://gramsave.com/) – Tool for downloading Instagram media.
Instadp (https://instadp.org/instagram-downloader/#r) – Instagram downloader.
Search My Bio (www.searchmy.bio/) – Keyword search against Instagram bios.
Story Saver (www.storysaver.net/) – Tool to save Instagram stories.
Other Social Media and Messenger Apps
BoardReader (https://boardreader.com/) – Aggregates data from several social sites and forums.
GoFindWho (https://gofindwho.com/) – People search tool including data breach and paste site information.
HashAtIt (www.hashatit.com/) – Searches a specific hashtag across the major social sites.
Kik User Query (https://ws2.kik.com/user/<USERNAME>) – Searches Kik for a specific username.
Skype Search Engine (www.skypli.com/) – Search tool for Skype unsurprisingly.
Smaller Networks CSE (https://cse.google.com/cse?cx=001580308195336108602:fdcl5hqdbge) – Google custom search for smaller social networks.
Snapchat Maps (https://map.snapchat.com/) – Map to view Snapchat stories that have geolocation enabled.
Social Media Analysis Tool (SMAT) (www.smat-app.com/timeline) – Searches several sites of varying reputation for keywords.
Social Networks CSE (https://cse.google.com/cse?cx=001580308195336108602:oyrkxatrfyq) – Google custom search for major social networks.
Social Searcher (www.social-searcher.com/) – Social media search engine.
Telegram Chat Referrer Search (www.google.com/search?q=site%3At.me/joinchat/<HASH VALUE> -site:telegram.org) – If you have a hash value for a Twitter group, this search will query Google for further posts advertising the same invite.
Telegram Link Referrer Search (www.google.com/search?q=site%3Atelegram.me/username/<USERNAME> -site:telegram.org) – Similarly to chat referrer, this will look for an invite for a specific username on Telegram.
Telegram Message Search (https://search.buzz.im/) – Searches Telegram groups for keywords.
Telegram Search (www.google.com/search?q=site:telegram.me+"<SEARCH+TERM>") – Searches Telegram via Google for a specific search term.
Telegram Stats/Search (https://tgstat.ru/) – Russian service for getting Telegram stats and conducting searches.
Telegram t.me Search (www.google.com/search?q=site:t.me+"<SEARCH+TERM>") – Searches Telegram through Google.
Telegram telegra.ph Search (www.google.com/search?q=site:telegra.ph+"<SEARCH+TERM>" – Searches Telegram domain telegra.ph through Google.
Telegram.im (http://telegram.im/tools/search.php) – Searches Telegram channels, groups, and bots.
Tlgrm Telegram Channel Search (https://tlgrm.eu/channels) – Searches Telegram channels.
Tumblr Google Search (www.google.com/search?q=site:tumblr.com+"<SEARCH+TERM>") – Searches Tumblr through Google.