Advanced Search Engines

Ishani — Wed, 05 Feb 2025 12:12:34 +0000

Today I was amazed by what these search engines can do
https://www.shodan.io/
Shodan search engine presents internet connected devices. What does this mean for me? I can find live servers running with specific versions, find IoT devices etc.

https://search.censys.io/
This amazing engine provides searching of hosts, websites, certificates, mail servers, databases etc.

Now what are the use cases for me as a researcher?

Identify the exposed services that could be an entry point for an attack
detect systems with outdated software or vulnerable protocols
ensure compliance of infrastructure with security policies
investigate malicious IP addresses, server configurations, open ports

https://haveibeenpwned.com/
Do I want to know if my email address is in a data breach, this engine will tell me how many data breaches and how many times it was pasted. Quite fancy

https://www.virustotal.com/gui/home/upload
Virustotal is a really great place to check if a website is safe to visit, also let you upload doubtful files and it will tell you if it is malicious. Moreover it can search for a hash, domain and IP address

Mastering the Art of Search: Tips

Ishani — Mon, 03 Feb 2025 20:09:53 +0000

Improving my search skills has been a key part of my cybersecurity journey. Here’s what I’ve learned about using Google Search more effectively.

"phrase" Can get pages with specific phrase ex: "travel adapter UK"
site: Specify the domain name so that you can limit the search to that domain ex: site:amazon.com men shoes
minus sign to avoid search results ex: cyber security training -GRC
filetype: find a file type instead of a webpage ex: sql injections filetype:pdf

These are not the only ones, there are so many other useful operators like

intitle:
inurl:
related:
cache:
OR
define:
allinurl:
intext:

DEV Community: Ishani

Advanced Search Engines

Mastering the Art of Search: Tips