To become a hacker or Pen-Tester, the following are some search engines hackers and pen-testers must know and use; these search engines are not regular.
These are more advanced search engines streamlined to meet specific parameters.
We will look at different search engines and how to use them.
Shodan.io
Shodan is the world’s first search engine for internet-connected devices.
Most search engines are text indexes allowing a search for content based on keywords.
Shodan maintains servers across the globe and scans internet-connected devices, harvesting the banners of whatever is running on the servers.
Before Shodan, scanning, indexing the ports and services running, and then searching for internet-connected devices at the internet’s scope and scale was impossible.
Shodan made it possible by generating a random IP, Port, checking the random IP and port, and then repeating the process.
Get started here.
wigle.net
Wigle consolidates the location and information of wireless networks worldwide to a central database.
Wigle has a user-friendly desktop and web applications that can map, query, and update the database.
Wigle can help you track WIFI around you and their details; this is relatively awesome if you intend to hack the WIFI of a particular service or organization.
Check here to see how I created a WIFI cracker in 10 mins.
Get started here
Hunter.io
Hunter.io works by searching and indexing emails on company websites across the internet. Hunter.io will log the common email patterns for the email addresses it finds and apply that logic to the websites its users are searching.
HUnter.io is a good recognizant model for building a database of emails of your targeted subject.
Job finders can also use this to get emails from the company they intend to send Cvs, which might be cool.
Get started here
Vulners.com
Vulners.com is the security database containing descriptions of many software vulnerabilities in a machine-readable format. Cross-references between bulletins and updating the database keep you abreast of the latest information security threats.
Vulners shows you the updated vulnerability of software, zero-day threats, and news. It also gives you the best way to attack that system.
Get started here
Crt.sh
crtsh allows getting information about an HTTPS website. e.g., Search subdomains. This tool uses Certificate Transparency logs.
Crt gives detailed knowledge on whether a site has a certificate, making it easy for a pen tester to know how best to attack.
Crt has a GUI Graphical User Interface, making it easy for beginners to navigate.
Get started here
fullhunt.io
FullHunt is the next-generation attack surface management platform. FullHunt enables companies to discover all of their attack surfaces, monitor them for exposure, and continuously scan them for the latest security vulnerabilities.
Fullhunt.io is incredible for finding vulnerable surfaces.
Get started here
Searchcode.com
Search code helps you find code binaries and real-world examples of functions, APIs, and libraries in 243 languages across 10+ public codes.
Pentesters can study codes to find loopholes by advanced programmers and PenTesters. Still, for beginners, this might be too complex to work on.
Get started here