Security is Everyone's Job
These search engines are designed to index internet-connected devices and services, and provide information such as IP addresses, open ports, operating systems, vulnerabilities, and more.
Shodan: Shodan is the world’s first search engine for internet-connected devices. It can discover everything from power plants, mobile phones, refrigerators and Minecraft servers. It can also help monitor network exposure, track threats, and perform penetration testing
Censys: Censys is similar to Shodan, but it also collects data on internet-connected servers and web domains. It can identify server versions, routers, OS versions, web application firewalls, unpatched bugs, and other details. It can also help improve online security by detecting device vulnerabilities and network leaks
ONYPHE: ONYPHE is a search engine that scans the internet to collect open-source and cyber-threat intelligence data. It cross-references the scanned data with information collected from website URLs. It can help identify and gather information on compromised devices
PublicWWW: PublicWWW is a search engine that can find websites that use specific code snippets, HTML tags, JavaScript libraries, text patterns, etc. It can also help security researchers identify sites associated with malware campaigns by querying campaign libraries
ZoomEye: ZoomEye is China’s first cyberspace search engine, powered by Knownsec. It can scan and find various service protocols and ports across the internet. It can also help security researchers analyze the attack surface of the internet
DeHashed: DeHashed is a search engine that allows you to view leaked credentials, such as email addresses, passwords, usernames, IP addresses, and more. You can use it to check if your accounts have been compromised or exposed in a data breach
Security Trails: Security Trails is a search engine that provides extensive DNS data, such as domain names, subdomains, IP addresses, WHOIS records, SSL certificates, and more. You can use it to discover the attack surface of any domain or IP address
DorkSearch: DorkSearch is a search engine that allows you to perform fast and efficient Google dorking. Google dorking is a technique that uses advanced search operators to find information that is not easily accessible on a website. You can use it to uncover sensitive data, hidden pages, vulnerable files, and more
ExploitDB: ExploitDB is a search engine that archives various exploits and corresponding vulnerable software. You can use it to find exploits for different platforms, languages, types, and ports. You can also submit your own exploits or request for specific ones