Workflow Guide

Research a Domain

Investigate domains with OSINT tools. Start with WHOIS and DNS, then pivot into infrastructure, hosting history, and reputation signals to uncover ownership, relationships, and threats.

Follow the highest-ranked tools first, then expand into supporting pivots for deeper investigation.

Back to home
18 direct workflow tools
0 supporting tools
5 related categories

Investigation Framework

Use this page as a working sequence, not just a list. Start broad, preserve volatile evidence, and corroborate before reporting.

Collect Leads

Record target values, search terms, timestamps, and the first source that produced each lead.

Pivot Carefully

Move from identifiers to related accounts, infrastructure, images, archives, or records only when the link is explainable.

Preserve Findings

Save screenshots, archive URLs, and keep original source links before pages change or accounts disappear.

Corroborate

Avoid single-source conclusions. Confirm important claims with independent tools, dates, and source types.

1

Start Here

Start with the highest-confidence tools for the first pass.

#1
Web & URL OSINT Free Verified Jun 3, 2026

ArchiveBox

ArchiveBox is self-hosted open-source web archiving for preserving websites, social posts, and online evidence for investigations.

Open Tool
#2
IP Address OSINT Free Verified Jun 3, 2026

Censys Search

Internet-wide search interface for hosts and certificates with large-scale host, service, and virtual host coverage plus API access.

Open Tool
#3
Web & URL OSINT Paid Verified Jun 3, 2026

Hunchly

Hunchly automatically captures and preserves web pages and social media content during investigative browsing sessions as evidence.

Open Tool
2

Core Tools

Move to these once you need validation, pivots, and broader collection.

4
IP Address OSINT Free Verified Jun 3, 2026

IP Void

We offer a vast range of IP address tools to discover details about IP addresses. IP blacklist check, whois lookup, dns lookup, ping, and more!

Open Tool
5
Domain OSINT Paid Verified Jun 3, 2026

Security Trails

SecurityTrails provides historical DNS records, WHOIS history, subdomain enumeration, and IP intelligence for domain and infrastructure investigation.

Open Tool
6
Domain OSINT Free Verified Jun 3, 2026

Whoxy

Whoxy provides a WHOIS lookup API with reverse WHOIS search and historical domain registration data for infrastructure investigation.

Open Tool
7
Domain OSINT Free Verified Jun 3, 2026

Whoisology

Whoisology is a cross-referenced database of current and historic domain ownership records for InfoSec, legal, and research professionals.

Open Tool
8
Domain OSINT Free Verified Jun 3, 2026

Domainiq

DomainIQ provides WHOIS research, domain name investigation, brand protection tools, and cybercrime attribution resources.

Open Tool
9
IP Address OSINT Free Verified Jun 3, 2026

Viewdns Tools

ViewDNS provides reverse IP lookup, WHOIS, DNS records, subdomain finder, port scanner, and 20+ free network investigation tools.

Open Tool
10
Domain OSINT Free Verified Jun 3, 2026

DNS History

DNS History archives historical DNS records, letting investigators track IP changes, hosting migrations, and infrastructure pivots over time.

Open Tool
11
Domain OSINT Free Verified Jun 3, 2026

ARIN

ARIN is a nonprofit, member-based organization that administers IP addresses & ASNs in support of the operation and growth of the Internet.

Open Tool
12
Domain OSINT Free Verified Jun 3, 2026

Central Ops

Free online network tools, including traceroute, nslookup, dig, whois, ping, and our own Domain Dossier and Email Dossier. Works with IPv6.

Open Tool
13
Domain OSINT Free Verified Jun 3, 2026

Who Is

WHOIS lookup providing domain ownership records, IP address data, DNS records, and name server details for infrastructure investigation.

Open Tool
14
IP Address OSINT Free Verified Jun 3, 2026

Domain/IP lookup

InfoByIP provides bulk IP and domain lookups returning geolocation, ASN, hostname, and WHOIS data for multiple targets simultaneously.

Open Tool
15
Web & URL OSINT Free Verified Jun 3, 2026

Builtwith

Web technology information profiler tool. Find out what a website is built with.

Open Tool
16
Web & URL OSINT Free Verified Jun 3, 2026

URL Query

urlquery is an online service that scans webpages for malware, suspicious elements and reputation.

Open Tool
17
Cyber Threat OSINT Free Verified Jun 3, 2026

Spamhaus

Spamhaus tracks IP and domain reputation for spam, malware, and phishing, providing blocklists used by global email security infrastructure.

Open Tool
18
Archive & Capture Free Verified Jun 3, 2026

SingleFile

Web Extension for saving a faithful copy of a complete web page in a single HTML file

Open Tool
3

Also Useful

Use supporting tools when you need corroboration or specialized enrichment.

No additional keyword-based matches.

Related Categories

Domain OSINT 8 Web & URL OSINT 4 IP Address OSINT 4 Cyber Threat OSINT 1 Archive & Capture 1

Reporting Checkpoints

Before turning this workflow into a finding, make the chain of reasoning easy to audit.

What was observed?

Quote or summarize the source output and keep the original URL.

When was it observed?

Record collection time, page timestamps, and archive timestamps separately.

Why does it matter?

State the investigative relevance and whether it is direct evidence or a lead.

How was it confirmed?

List independent corroboration and note any uncertainty or gaps.