Free SOC Tools For Incident Response
Free SOC tools are essential for incident responders, especially those working in Security Operations Centers. Security Operations Center (SOC) teams play a critical role in safeguarding organizations against cyber threats. These teams require advanced tools and technologies to effectively monitor, detect, and respond to security incidents. However, the cost and complexity of acquiring and implementing these tools can be a barrier for many organizations, notably smaller businesses, non-profit entities, or even individual SOC analysts. To help, we have identified and collected a wide range of free SOC tools that provide essential capabilities for security professionals looking to enhance their incident response skills.
List of Free SOC Tools
This is a collection of free SOC tools that can be used by cybersecurity analysts and cybersecurity incident responders to perform security incident investigations. The aim of this project is to improve the Mean-Time-To-Respond (MTTR) and equip you with adequate resources to complete an investigation.
Email and Reverse Email Investigation Tools
- Hunter Email Verifier: https://hunter.io/email-verifier
- Free Email Verifier: https://freemailverifier.com/
- MXToolbox Email Header Analyzer: https://mxtoolbox.com/EmailHeaders.aspx
- IP2Location Email Tracer: https://www.ip2location.com/free/email-tracer
- Epieos Reverse Email Lookup: https://epieos.com/
- Spokeo Reverse Email Lookup: https://www.spokeo.com/email-search
- Email Sherlock: https://www.emailsherlock.com/
- IP Quality Score: https://www.ipqualityscore.com/reverse-email-lookup
- Num Lookup: https://numlooker.com/reverse-email-lookup
Social Media and People OSINT Tools
- Social Searcher: https://www.social-searcher.com/
- WhatsMyName App: https://whatsmyname.app/
- Peeplookup: https://www.peeplookup.com/free-people-search
- Social Catfish: https://socialcatfish.com/
- Been Verified: https://www.beenverified.com/
- People Looker: https://www.peoplelooker.com/
- Zoom Info: https://www.zoominfo.com/
Email Compromise/Breach Analyzer Tools
- Have I Been Pwned: https://haveibeenpwned.com/
- Email Checker: https://email-checker.net/
- Can I be Pwned: https://canibepwned.com/
- PwnCheck: https://pwncheck.me/
- CheckpwnedEmails Github: https://github.com/Techno-Hwizrdry/checkpwnedemails
- Check Them: https://www.checkthem.com/hacked/
- PWDQuery: https://pwdquery.xyz/
- Leakcheck: https://leakcheck.io/
- LeakPeek: https://leakpeek.com/
- IntelligenceX: https://intelx.io/
- Email Address Extractor from Domain: https://phonebook.cz/
- Email-Format Database & Email Pattern Extractor: https://www.email-format.com/
- Mobile Number Generator for OTP: https://receive-sms-online.info/
- Mobile Number Generator for OTP: https://receive-smss.com/
IP/Domain Investigation Tools
- Cylect (all-in-one): https://cylect.io/project-anthony-ultimate-osint-tool
- SpiderFoot (all-in-one, works on Linux machines): https://github.com/smicallef/spiderfoot
- IP Ranges: https://en.wikipedia.org/wiki/Regional_Internet_registry
- CIDR Company IP Mapping: https://www.cidr-report.org/as2.0/
- AbuseIPDB: https://www.abuseipdb.com/
- Censys: https://search.censys.io/
- PhishTank: https://phishtank.org/index.php
- DNSBL SpamChecker: https://www.dnsbl.info/
- Barracuda IP/Domain: https://www.barracudacentral.org/lookups
- MXToolBox Domain/IP lookup: https://mxtoolbox.com/SuperTool.aspx
- DomainTools Whois lookup: https://whois.domaintools.com/
- Whois: https://www.whois.com/whois
- Robtex: https://www.robtex.com/
- IPStack IP Lookup: https://ipstack.com/
- CIRCL BGP Ranking: https://bgpranking.circl.lu/
- Multirbl: https://multirbl.valli.org/
- Scamdoc: https://www.scamdoc.com/
- URL Unshorten: https://checkshorturl.com/
- Browserling: https://www.browserling.com/
- DNS Dumpster: https://dnsdumpster.com/
Reputation Checking Tools
- VirusTotal: https://www.virustotal.com/gui/home/search
- Cisco Talos Reputation Checker: https://talosintelligence.com/reputation_center
- FileScan.io: https://www.filescan.io/scan
- URLScan.io: https://urlscan.io/
- Inquest Labs: https://labs.inquest.net/
- Hybrid Analysis: https://www.hybrid-analysis.com/
- Any.Run: https://app.any.run/
- Intezer: https://analyze.intezer.com/
- Dr.Web Scan: https://vms.drweb.com/
- SpamHaus Project: https://check.spamhaus.org/
- Unpackme: https://www.unpac.me
- ThreatZone: https://app.threat.zone
- RecordedFuture Triage: https://tria.ge/
- Yomi Yoroi: https://yomi.yoroi.company/upload
- PacketTotal: https://packettotal.com
DDoS Investigation Tools
- NetLab Statistics: https://scan.netlab.360.com/#/dashboard
- DDoSMon: https://ddosmon.net/
Criminal Records Investigation Tools
- BlackBookOnline USA: https://www.blackbookonline.info/
- Federal Bureau of Prisons: https://www.bop.gov/mobile/find_inmate/byname.jsp
- Family Watchdog: https://www.familywatchdog.us/
- Vine DHS GOV: https://vinelink.dhs.gov/#/map
Other Good Resources
- CSIRT-SK: https://github.com/CSIRT-SK
Feel free to comment below about the tools you use to respond to cybersecurity incidents. We are happy to add your suggestions to the list above and will give you due credit for your submission.
Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The SOC Labs assumes no liability for the accuracy or consequences of using this information.