Hack Only with Search Engines: A Beginner’s Handbook

Exploring the World of Internet-Connected Devices

Introduction: Unlocking the Secrets of Device Search Engines

In today’s interconnected world, the vast array of internet-connected devices presents both opportunities and challenges. While these devices enhance convenience and productivity, they also pose security risks if not properly secured. Device search engines have emerged as powerful tools to explore and monitor these devices, providing valuable insights for cybersecurity professionals, researchers, and law enforcement agencies. In this beginner’s guide, we delve into the world of device search engines, exploring their functionality, applications, and ethical considerations.

Understanding Device Search Engines: How They Work

Device search engines operate by crawling the internet for publicly accessible devices and network components. These search engines index information about devices such as computers, printers, video recorders, and NAS servers, making it possible to search for specific devices or vulnerabilities. While the primary users of these systems are cybersecurity professionals and researchers, they are also used by law enforcement agencies and by hackers.

Exploring the Top Device Search Engines

Shodan: The Pioneer in Device Search

Shodan is hailed as the world’s first search engine for internet-connected devices. Its user-friendly interface allows users to search for devices based on various parameters such as city, country, operating system, and open ports. Shodan’s extensive database and powerful search capabilities make it a valuable tool for discovering exposed devices and potential vulnerabilities.

Shodan has its own command-line interface. There is also an interesting tool called SearchDiggity that uses the Shodan API.

Example of use:
Find Apache servers in New York:

apache city:"New York"

Find Nginx servers in Germany:

nginx country:"DE"

Find Cisco devices on a particular subnet:

cisco net:"216.219.143.0/24"

The basic search filters you can use:

  • city: find devices in a particular city
  • country: find devices in a particular country
  • geo: you can pass it coordinates
  • hostname: find values that match the hostname
  • net: search based on an IP or /x CIDR
  • os: search based on operating system
  • port: find particular ports that are open
  • before/after: find results within a timeframe
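A defensive use of these filters, as an added example (not code from the original article or from Shodan): it parses the query syntax shown above, accepts an audit query only when its net: filter falls inside address space you own, and flags Telnet/FTP exposure in returned records. The function names, the `ip_str`/`port` record keys, the owned range 203.0.113.0/24 and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import shlex

# Filters listed in this article; other names are rejected as likely typos.
KNOWN_FILTERS = set("city country geo hostname net os port before after".split())
# Assumption for this example: cleartext services that should not be exposed.
RISKY_PORTS = {21: "ftp", 23: "telnet"}

def parse_query(query):
    """Split a Shodan-style query into free-text terms and filter values."""
    terms, filters = [], {}
    for token in shlex.split(query):  # keeps city:"New York" as one token
        name, sep, value = token.partition(":")
        if not sep:
            terms.append(token)
        elif name in KNOWN_FILTERS:
            filters[name] = value
        else:
            raise ValueError(f"unknown filter: {name}")
    return terms, filters

def in_scope(query, owned):
    """True only if the query carries a net: filter inside a range we own."""
    _, filters = parse_query(query)
    if "net" not in filters:
        return False
    target = ipaddress.ip_network(filters["net"], strict=False)
    return any(target.subnet_of(ipaddress.ip_network(o)) for o in owned)

def triage(records, owned):
    """Return (ip, port, service) for risky ports on hosts in owned ranges."""
    nets = [ipaddress.ip_network(o) for o in owned]
    findings = []
    for rec in records:
        ip = ipaddress.ip_address(rec["ip_str"])
        if rec["port"] in RISKY_PORTS and any(ip in n for n in nets):
            findings.append((rec["ip_str"], rec["port"], RISKY_PORTS[rec["port"]]))
    return sorted(findings)

# Constructed sample data using documentation ranges, not real hosts.
OWNED = ["203.0.113.0/24"]
SAMPLE = [
    {"ip_str": "203.0.113.10", "port": 443}, {"ip_str": "203.0.113.25", "port": 23},
    {"ip_str": "203.0.113.7", "port": 21},
    {"ip_str": "198.51.100.4", "port": 23},  # outside OWNED, ignored
]

if __name__ == "__main__":
    print(triage(SAMPLE, OWNED))
```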

Censys: Discover, Monitor, Analyze

Censys is a comprehensive platform designed to help information security practitioners discover, monitor, and analyze devices accessible from the internet. With its intuitive search interface, users can search for hosts based on specific criteria such as HTTP server headers, protocols, and geographic location. Censys provides valuable insights into the internet’s evolving landscape, enabling proactive security measures.

Example of use:
Search for hosts with the HTTP Server header “Apache” in Germany:

80.http.get.headers.server: Apache and location.country_code: DE

Search for hosts in Germany that expose Telnet or FTP:

location.country_code: DE and protocols: ("23/telnet" or "21/ftp")

ZoomEye: Cyberspace Search Engine

ZoomEye is a versatile cyberspace search engine that records information about devices, websites, services, and components. Its extensive search filters allow users to narrow down results based on application, location, port, operating system, and more. ZoomEye’s intuitive interface and robust search capabilities make it a valuable asset for cybersecurity professionals seeking to monitor and analyze internet-connected assets.

Example of use:
Search by application:

app: application name

Search by location:
country: country code (for example: UK, IT, ES, FR, CN, JP..)
city: name of city

Search by port:
port: port number

Search by OS:
os: name of the operating system (for example os:linux)

Search by service:
service: service name

Search by hostname:
hostname: hostname (for example hostname:google.com)

Search by IP Address:
ip: ip address (for example ip:8.8.8.8)

Search by CIDR:
cidr: cidr segment (for example cidr:8.8.8.8/24)

Search by site:
site: domain name (for example site:google.com)

Search by HTTP Headers:
headers: headers in HTTP request

Search by SEO keywords:
keywords: keywords defined inside <meta name="Keywords">

Search by description:
desc: description inside <meta name="description">

Search by title:
title: title inside <title>

FoFa: The Chinese Equivalent of Shodan

FoFa is often referred to as the Chinese equivalent of Shodan and offers similar functionality with a focus on the Chinese market. Its search filters allow users to refine results based on titles, headers, IP addresses, protocols, and more. FoFa’s client version provides additional features and flexibility for advanced users seeking specific information about internet-connected devices.

Example of use:
Search for websites with a specific title:

title="abc"

Other filters follow the same pattern:

header="abc"
body="abc"
domain="qq.com"
host=".gov.cn"
port="443"
ip="1.1.1.1"
protocol="https"
city="Beijing"
region="Zhejiang"
country="CN"
cert="google.com"
banner=users && protocol=ftp
type=service
os=windows
server=="Microsoft-IIS/7.5"

IVRE: Open-Source Network Reconnaissance

IVRE is an open-source framework for network reconnaissance, leveraging well-known tools such as Nmap, Zmap, Masscan, Bro, and p0f. IVRE gathers network intelligence, stores it in a MongoDB database, and provides tools for analysis. While IVRE requires installation and configuration, it offers unparalleled flexibility and customization for users seeking comprehensive network reconnaissance capabilities.

Example of use:
IVRE is not offered as a public search service. You need to install and configure it, then gather data on your own before use.

Ethical Considerations and Best Practices

While device search engines offer valuable insights into internet-connected devices, it’s essential to use them responsibly and ethically. Avoid accessing devices without authorization or exploiting vulnerabilities for malicious purposes. Instead, focus on leveraging these tools to identify and mitigate security risks, enhance network visibility, and promote cybersecurity awareness.

Conclusion: Navigating the World of Device Search Engines

As the internet continues to evolve, device search engines play a crucial role in monitoring, analyzing, and securing internet-connected devices. By understanding how these search engines work and employing best practices, cybersecurity professionals can stay ahead of emerging threats and protect critical assets. Whether you’re a seasoned researcher or a novice enthusiast, exploring the world of device search engines offers endless possibilities for learning and discovery.