Search Engines
Search Engines
Web - Google Dorking
Cheatsheet: https://gist.github.com/sundowndev/283efaddbcf896ab405488330d1bbc06
Google Dorking is pretty versatile, is a good way to do a massive searching for files, parameters, etc. to extract sensitive or hidden information about the target organization.
There are operators like "cache," "allinurl," "inurl," "allintitle," "inanchor," "allinanchor," "link," "related," "info," and "location." Each operator is explained at the cheatsheet.
Examples
intitle:login site:eccouncil.org
This search command will find login pages on the ECCouncil.org website. Attackers and penetration testers can use this to identify potential targets for login page-based attacks.
EC-Council filetype:pdf ceh
This search command will retrieve PDF files related to EC-Council that contain the keyword "ceh." These files may provide valuable information about EC-Council's products and services and can potentially be exploited by attackers.
allinurl: EC-Council career
This search command restricts results to pages containing both the words "EC-Council" and "career" in the URL. It helps narrow down the search to pages specifically related to EC-Council careers.
allintitle: detect malware
This search command restricts results to pages containing both the words "detect" and "malware" in the title. It helps find pages specifically focused on detecting malware.
FTP Search - Napalm
Napalm is a File Transfer Protocol (FTP) search engines to gather information from FTP servers. which can contain valuable information about an organization. Various industries, institutions, companies, and universities use FTP servers to store large file archives and shared software among their employees.
Example:
There are some alternatives like https://www.freewareweb.com
IoT Search - Shodan
These search engines are designed to crawl the Internet and identify publicly accessible IoT devices. By using these platforms, we can extract crucial details about various IoT devices, including vulnerable ones.
To get this kind of information, the best tool is Shodan
Take some time to review the information provided in the search results. It can include information like SCADA system control, traffic control systems, household appliances, industrial appliances, CCTV cameras, and more.
Alternative:
Censys offers a range of features, including gathering manufacturer details, geographical location, IP address, hostname, open ports, and more. Feel free to explore Censys on your own to broaden your understanding of IoT search engines.
Last updated