Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them
In recent years, cyberattacks have increased in sophistication, using a variety of tools to exploit vulnerabilities across the global digital landscapes. Among the most commonly used tools at an attacker’s disposal are Google dorks, Shodan, and Censys, which offer unprecedented access to exposed sys...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-01-01
|
| Series: | Computers |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2073-431X/14/1/24 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832588780386648064 |
|---|---|
| author | Abdullah Alabdulatif Navod Neranjan Thilakarathne |
| author_facet | Abdullah Alabdulatif Navod Neranjan Thilakarathne |
| author_sort | Abdullah Alabdulatif |
| collection | DOAJ |
| description | In recent years, cyberattacks have increased in sophistication, using a variety of tools to exploit vulnerabilities across the global digital landscapes. Among the most commonly used tools at an attacker’s disposal are Google dorks, Shodan, and Censys, which offer unprecedented access to exposed systems, devices, and sensitive data on the World Wide Web. While these tools can be leveraged by professional hackers, they have also empowered “Script Kiddies”, who are low-skill, inexperienced attackers who use readily available exploits and scanning tools without deep technical knowledge. Consequently, cyberattacks targeting critical infrastructure are growing at a rapid rate, driven by the ease with which these solutions can be operated with minimal expertise. This paper explores the potential for cyberattacks enabled by these tools, presenting use cases where these platforms have been used for both offensive and defensive purposes. By examining notable incidents and analyzing potential threats, we outline proactive measures to protect against these emerging risks. In this study, we delve into how these tools have been used offensively by attackers and how they serve defensive functions within cybersecurity. Additionally, we also introduce an automated all-in-one tool designed to consolidate the functionalities of Google dorks, Shodan, and Censys, offering a streamlined solution for vulnerability detection and analysis. Lastly, we propose proactive defense strategies to mitigate exploitation risks associated with such tools, aiming to enhance the resilience of critical digital infrastructure against evolving cyber threats. |
| format | Article |
| id | doaj-art-84a0bbe15cae42e78a96b32899d9b2e7 |
| institution | Kabale University |
| issn | 2073-431X |
| language | English |
| publishDate | 2025-01-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Computers |
| spelling | doaj-art-84a0bbe15cae42e78a96b32899d9b2e72025-01-24T13:27:54ZengMDPI AGComputers2073-431X2025-01-011412410.3390/computers14010024Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against ThemAbdullah Alabdulatif0Navod Neranjan Thilakarathne1Department of Cybersecurity, College of Computer, Qassim University, Buraydah 52571, Saudi ArabiaDepartment of ICT, Faculty of Technology, University of Colombo, Colombo 00700, Sri LankaIn recent years, cyberattacks have increased in sophistication, using a variety of tools to exploit vulnerabilities across the global digital landscapes. Among the most commonly used tools at an attacker’s disposal are Google dorks, Shodan, and Censys, which offer unprecedented access to exposed systems, devices, and sensitive data on the World Wide Web. While these tools can be leveraged by professional hackers, they have also empowered “Script Kiddies”, who are low-skill, inexperienced attackers who use readily available exploits and scanning tools without deep technical knowledge. Consequently, cyberattacks targeting critical infrastructure are growing at a rapid rate, driven by the ease with which these solutions can be operated with minimal expertise. This paper explores the potential for cyberattacks enabled by these tools, presenting use cases where these platforms have been used for both offensive and defensive purposes. By examining notable incidents and analyzing potential threats, we outline proactive measures to protect against these emerging risks. In this study, we delve into how these tools have been used offensively by attackers and how they serve defensive functions within cybersecurity. Additionally, we also introduce an automated all-in-one tool designed to consolidate the functionalities of Google dorks, Shodan, and Censys, offering a streamlined solution for vulnerability detection and analysis. Lastly, we propose proactive defense strategies to mitigate exploitation risks associated with such tools, aiming to enhance the resilience of critical digital infrastructure against evolving cyber threats.https://www.mdpi.com/2073-431X/14/1/24Google dorksShodanCensysscript kiddiescyber securityvulnerability scanning |
| spellingShingle | Abdullah Alabdulatif Navod Neranjan Thilakarathne Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them Computers Google dorks Shodan Censys script kiddies cyber security vulnerability scanning |
| title | Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them |
| title_full | Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them |
| title_fullStr | Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them |
| title_full_unstemmed | Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them |
| title_short | Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them |
| title_sort | hacking exposed leveraging google dorks shodan and censys for cyber attacks and the defense against them |
| topic | Google dorks Shodan Censys script kiddies cyber security vulnerability scanning |
| url | https://www.mdpi.com/2073-431X/14/1/24 |
| work_keys_str_mv | AT abdullahalabdulatif hackingexposedleveraginggoogledorksshodanandcensysforcyberattacksandthedefenseagainstthem AT navodneranjanthilakarathne hackingexposedleveraginggoogledorksshodanandcensysforcyberattacksandthedefenseagainstthem |