Security investigation tools

Investigate suspicious links, domains, and sign-ins faster.

IT Knowledge Bases provides free browser-based security tools for IT administrators and SOC analysts: a phishing URL scanner, Microsoft Safe Links decoder, DNS lookup, IP geolocation, RDAP domain lookup, and a network infrastructure mapper — plus practical guides for investigating real incidents.

Do not submit URLs containing passwords, API keys, private documents, session tokens, or other sensitive information.

Guided workflows

What are you investigating?

Use the workflow that matches the incident instead of relying on one tool or one detection.

Unknown or recently seen domain

Infrastructure documentation

Identify systems and dependencies → build the map

Practical security research

Evidence over inflated certainty.

ITKB tools are intended to support investigations, not replace professional judgment or authoritative vendor guidance.

Multiple investigation signals Review redirects, domains, IP ownership, forms, scripts, DNS data, and page behavior together.
Built for IT professionals Workflows are written for administrators, analysts, and security teams who need usable technical context.
Clear limitations A single score, location, or missing security header does not prove that a website is malicious.

Common questions

Frequently asked questions.

What is IT Knowledge Bases?

IT Knowledge Bases provides free browser-based security investigation tools and practical guides for IT administrators, SOC analysts, and security teams.

Is the phishing URL scanner free?

Yes. The public phishing URL scanner can be used without an account. Paid credits and API access are available for additional workflows.

Can I decode a Microsoft Safe Link without clicking it?

Yes. The Safe Link Decoder extracts the original destination from a supported Microsoft Safe Links URL without visiting the destination.

Do I need an account to use the tools?

No account is required for the public tools. Sign-in is used for private scanner features, purchased credits, and API access.

Is there an API for the phishing scanner?

Yes. IT Knowledge Bases offers API access for integrating URL analysis into security triage and automation workflows.

Latest analysis

Recent security writeups and guides

Practical investigations, vulnerability analysis, and defensive guidance for IT professionals.

Get practical security investigation guides

Receive useful ITKB guides, tool updates, and high-impact vulnerability alerts. No daily news flood.