{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,15]],"date-time":"2025-11-15T17:24:36Z","timestamp":1763227476330,"version":"build-2065373602"},"reference-count":56,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2025,1,15]],"date-time":"2025-01-15T00:00:00Z","timestamp":1736899200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Qassim University","award":["QU-APC-2024-9\/1"],"award-info":[{"award-number":["QU-APC-2024-9\/1"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"<jats:p>In recent years, cyberattacks have increased in sophistication, using a variety of tools to exploit vulnerabilities across the global digital landscapes. Among the most commonly used tools at an attacker\u2019s disposal are Google dorks, Shodan, and Censys, which offer unprecedented access to exposed systems, devices, and sensitive data on the World Wide Web. While these tools can be leveraged by professional hackers, they have also empowered \u201cScript Kiddies\u201d, who are low-skill, inexperienced attackers who use readily available exploits and scanning tools without deep technical knowledge. Consequently, cyberattacks targeting critical infrastructure are growing at a rapid rate, driven by the ease with which these solutions can be operated with minimal expertise. This paper explores the potential for cyberattacks enabled by these tools, presenting use cases where these platforms have been used for both offensive and defensive purposes. By examining notable incidents and analyzing potential threats, we outline proactive measures to protect against these emerging risks. In this study, we delve into how these tools have been used offensively by attackers and how they serve defensive functions within cybersecurity. Additionally, we also introduce an automated all-in-one tool designed to consolidate the functionalities of Google dorks, Shodan, and Censys, offering a streamlined solution for vulnerability detection and analysis. Lastly, we propose proactive defense strategies to mitigate exploitation risks associated with such tools, aiming to enhance the resilience of critical digital infrastructure against evolving cyber threats.<\/jats:p>","DOI":"10.3390\/computers14010024","type":"journal-article","created":{"date-parts":[[2025,1,15]],"date-time":"2025-01-15T04:42:08Z","timestamp":1736916128000},"page":"24","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Hacking Exposed: Leveraging Google Dorks, Shodan, and Censys for Cyber Attacks and the Defense Against Them"],"prefix":"10.3390","volume":"14","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4400-5140","authenticated-orcid":false,"given":"Abdullah","family":"Alabdulatif","sequence":"first","affiliation":[{"name":"Department of Cybersecurity, College of Computer, Qassim University, Buraydah 52571, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7761-2035","authenticated-orcid":false,"given":"Navod Neranjan","family":"Thilakarathne","sequence":"additional","affiliation":[{"name":"Department of ICT, Faculty of Technology, University of Colombo, Colombo 00700, Sri Lanka"}]}],"member":"1968","published-online":{"date-parts":[[2025,1,15]]},"reference":[{"key":"ref_1","unstructured":"IoT Analytics (2024, October 27). State of IoT 2024: Number of connected IoT devices growing 13% to 18.8 Billion Globally. Available online: https:\/\/iot-analytics.com\/number-connected-iot-devices\/."},{"key":"ref_2","unstructured":"(2024, October 27). AI and the Global \u2018Datasphere\u2019: How Much Information Will Humanity Have By 2025?. Available online: https:\/\/www.datauniverseevent.com\/en-us\/blog\/general\/AI-and-the-Global-Datasphere-How-Much-Information-Will-Humanity-Have-By-2025.html."},{"key":"ref_3","unstructured":"LinkedIn (2024, October 27). Are Your Smart Devices Putting Your Company at Risk? A Guide to Securing Your Connected Future. Available online: https:\/\/www.linkedin.com\/pulse\/your-smart-devices-putting-company-risk-guide-securing-connected-iiwsf\/."},{"key":"ref_4","unstructured":"(2024, October 27). Cyber Security Breach Statistics 2024. Available online: https:\/\/www.stationx.net\/cyber-security-breach-statistics\/."},{"key":"ref_5","unstructured":"Palo Alto Networks (2024, October 27). The 2024 Benchmark Report on IoT Security. Available online: https:\/\/www.paloaltonetworks.com\/resources\/research\/the-2024-benchmark-report-on-iot-security."},{"key":"ref_6","unstructured":"Evolve Security (2024, October 27). The Actual Cost of Cybercrime. Available online: https:\/\/www.evolvesecurity.com\/blog-posts\/actual-cost-of-cybercrime."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Kanakasabai, J.N., Othman, S.H., Siraj, M.M., Rahman, M.H., and Darus, M.Z.A. (2023, January 13\u201315). Google Dorking Commands-based Approach for Assisting Forensic Investigators in Gender Identification of Social Media Text Data. Proceedings of the 2023 3rd International Conference on Intelligent Cybernetics Technology & Applications (ICICyTA), Denpasar, Indonesia.","DOI":"10.1109\/ICICyTA60173.2023.10428736"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1007\/978-3-319-40667-1_13","article-title":"Google Dorks: Analysis, Creation, and New Defenses","volume":"Volume 9721","author":"Caballero","year":"2016","journal-title":"Detection of Intrusions and Malware, and Vulnerability Assessment"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Phulre, A.K., Kamble, M., and Phulre, S. (2020, January 28\u201329). Content Management Systems hacking probabilities for Admin Access with Google Dorking and database code injection for web content security. Proceedings of the 2nd International Conference on Data, Engineering and Applications (IDEA), Bhopal, India.","DOI":"10.1109\/IDEA49133.2020.9170655"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Evangelista, J.R.G., Sassi, R.J., and Romero, M. (2022). Google Hacking Database Attributes Enrichment and Conversion to Enable the Application of Machine Learning Techniques. Res. Sq.","DOI":"10.21203\/rs.3.rs-1995597\/v1"},{"key":"ref_11","first-page":"59","article-title":"The Attack Vector on the Critical Information Infrastructure of the Fuel and Energy Complex Ecosystem","volume":"3035","author":"Korneev","year":"2021","journal-title":"CEUR Workshop Proc."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1016\/S1353-4858(09)70025-X","article-title":"Google hacking 101","volume":"2009","year":"2009","journal-title":"Netw. Secur."},{"key":"ref_13","unstructured":"Matherly, J. (2024, December 01). Complete Guide to Shodan. Available online: https:\/\/ia800705.us.archive.org\/17\/items\/shodan-book-extras\/shodan\/shodan.pdf."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Bada, M., and Pete, I. (2020, January 14\u201316). An exploration of the cybercrime ecosystem around Shodan. Proceedings of the 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS), Paris, France.","DOI":"10.1109\/IOTSMS52051.2020.9340224"},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Mulero-Palencia, S., and Baeza, V.M. (2023). Detection of Vulnerabilities in Smart Buildings Using the Shodan Tool. Electronics, 12.","DOI":"10.3390\/electronics12234815"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Rae, J.S., Chowdhury, M.M., and Jochen, M. (2019, January 20\u201322). Internet of Things Device Hardening Using Shodan.io and ShoVAT: A Survey. Proceedings of the 2019 IEEE International Conference on Electro Information Technology (EIT), Brookings, SD, USA.","DOI":"10.1109\/EIT.2019.8834072"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1016\/j.ijcip.2014.03.001","article-title":"Evaluation of the ability of the Shodan search engine to identify Internet-facing industrial control devices","volume":"7","author":"Bodenheim","year":"2014","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"ref_18","first-page":"1044","article-title":"A Study of Exposure of IoT Devices in India: Using Shodan Search Engine","volume":"Volume 672","author":"Bhateja","year":"2018","journal-title":"Information Systems Design and Intelligent Applications"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Albataineh, A., and Alsmadi, I. (2019, January 10\u201312). IoT and the Risk of Internet Exposure: Risk Assessment Using Shodan Queries. Proceedings of the 2019 IEEE 20th International Symposium on \u201cA World of Wireless, Mobile and Multimedia Networks\u201d (WoWMoM), Washington, DC, USA.","DOI":"10.1109\/WoWMoM.2019.8792986"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Bennett, C., Abdou, A., and Van Oorschot, P.C. (2021, January 25). Empirical Scanning Analysis of Censys and Shodan. Proceedings of the 2021 Workshop on Measurements, Attacks, and Defenses for the Web, Virtual.","DOI":"10.14722\/madweb.2021.23009"},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Daskevics, A., and Nikiforova, A. (2021, January 15\u201317). ShoBeVODSDT: Shodan and Binary Edge based vulnerable open data sources detection tool or what Internet of Things Search Engines know about you. Proceedings of the 2021 Second International Conference on Intelligent Data Science Technologies and Applications (IDSTA), Tartu, Estonia.","DOI":"10.1109\/IDSTA53674.2021.9660818"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"2696","DOI":"10.1002\/sec.1262","article-title":"ShoVAT: Shodan-based vulnerability assessment tool for Internet-facing services","volume":"9","author":"Genge","year":"2016","journal-title":"Secur. Comm. Netw."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Zolotykh, M. (2021, January 13\u201314). Study of Crawlers of Search Engine \u2018Shodan.io\u2019. Proceedings of the 2021 Ural Symposium on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT), Yekaterinburg, Russia.","DOI":"10.1109\/USBEREIT51232.2021.9455018"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Fern\u00e1ndez-Caram\u00e9s, T.M., and Fraga-Lamas, P. (2020). Teaching and Learning IoT Cybersecurity and Vulnerability Assessment with Shodan through Practical Use Cases. Sensors, 20.","DOI":"10.3390\/s20113048"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1563","DOI":"10.1007\/s10586-021-03330-3","article-title":"Vulnerability assessment of industrial systems using Shodan","volume":"25","author":"Alsmadi","year":"2022","journal-title":"Clust. Comput"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Al-Alami, H., Hadi, A., and Al-Bahadili, H. (2017, January 6\u20137). Vulnerability scanning of IoT devices in Jordan using Shodan. Proceedings of the 2017 2nd International Conference on the Applications of Information Technology in Developing Renewable Energy Processes & Systems (IT-DREPS), Amman, Jordan.","DOI":"10.1109\/IT-DREPS.2017.8277814"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Munir, R., Mufti, M.R., Awan, I., Hu, Y.F., and Disso, J.P. (2015, January 24\u201326). Detection, Mitigation and Quantitative Security Risk Assessment of Invisible Attacks at Enterprise Network. Proceedings of the 2015 3rd International Conference on Future Internet of Things and Cloud, Rome, Italy.","DOI":"10.1109\/FiCloud.2015.24"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"75359","DOI":"10.1109\/ACCESS.2020.2988691","article-title":"Exploring Shodan from the Perspective of Industrial Control Systems","volume":"8","author":"Chen","year":"2020","journal-title":"IEEE Access"},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"261","DOI":"10.1007\/978-981-15-6048-4_23","article-title":"IOT Search Engines: Study of Data Collection Methods","volume":"Volume 1188","author":"Saeed","year":"2021","journal-title":"Advances on Smart and Soft Computing"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., and Halderman, J.A. (2015, January 12\u201316). A Search Engine Backed by Internet-Wide Scanning. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA.","DOI":"10.1145\/2810103.2813703"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Lee, S., Shin, S.-H., and Roh, B. (2017, January 4\u20137). Abnormal Behavior-Based Detection of Shodan and Censys-Like Scanning. Proceedings of the 2017 Ninth International Conference on Ubiquitous and Future Networks (ICUFN), Milan, Italy.","DOI":"10.1109\/ICUFN.2017.7993960"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Fagroud, F.Z., Lahmar, E.H.B., Amine, M., Toumi, H., and El Filali, S. (2019, January 23\u201324). What does mean search engine for IOT or IOT search engine. Proceedings of the 4th International Conference on Big Data and Internet of Things, Rabat, Morocco.","DOI":"10.1145\/3372938.3372958"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Ueda, T., Sasaki, T., Yoshioka, K., and Matsumoto, T. (2022, January 23\u201326). An Internet-Wide View of Connected Cars: Discovery of Exposed Automotive Devices. Proceedings of the 17th International Conference on Availability, Reliability and Security, Vienna, Austria.","DOI":"10.1145\/3538969.3543802"},{"key":"ref_34","first-page":"602","article-title":"Characterizing Google Hacking: A First Large-Scale Quantitative Study","volume":"Volume 152","author":"Tian","year":"2015","journal-title":"International Conference on Security and Privacy in Communication Networks"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Lee, S., Im, S., Shin, S.-H., Roh, B., and Lee, C. (2016, January 19\u201321). Implementation and vulnerability test of stealth port scanning attacks using ZMap of censys engine. Proceedings of the 2016 International Conference on Information and Communication Technology Convergence (ICTC), Jeju, Republic of Korea.","DOI":"10.1109\/ICTC.2016.7763561"},{"key":"ref_36","unstructured":"Krebs on Security (2024, November 15). As Scope of 2012 Breach Expands, LinkedIn to Again Reset Passwords for Some Users. Available online: https:\/\/krebsonsecurity.com\/2016\/05\/as-scope-of-2012-breach-expands-linkedin-to-again-reset-passwords-for-some-users\/."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Lee, N. (2024). Cyberattacks, Prevention, and Countermeasures. Counterterrorism and Cybersecurity, Springer International Publishing.","DOI":"10.1007\/978-3-031-63126-9_10"},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3546068","article-title":"A Systematic Analysis of the Capital One Data Breach: Critical Lessons Learned","volume":"26","author":"Khan","year":"2023","journal-title":"ACM Trans. Priv. Secur."},{"key":"ref_39","unstructured":"UpGuard (2024, November 15). Losing Face: Two More Cases of Third-Party Facebook App Data Exposure. Available online: https:\/\/www.upguard.com\/breaches\/facebook-user-data-leak."},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"19","DOI":"10.34190\/iccws.17.1.29","article-title":"Don\u2019t Drink the Cyber: Extrapolating the Possibilities of Oldsmar\u2019s Water Treatment Cyberattack","volume":"17","author":"Cervini","year":"2022","journal-title":"ICCWS"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1080\/09636412.2022.2040584","article-title":"Cyber Operations, Accommodative Signaling, and the De-Escalation of International Crises","volume":"31","author":"Lonergan","year":"2022","journal-title":"Secur. Stud."},{"key":"ref_42","unstructured":"Lehman, G., and Maras, P. (2024, December 01). Cyber-Attack Against Ukrainian Power Plants. Prykarpattyaoblenergo and Kyivoblenergo. Available online: https:\/\/nsarchive.gwu.edu\/media\/15331\/ocr."},{"key":"ref_43","unstructured":"API Security News (2024, November 18). Issue 111: API Vulnerabilities in AWS, Tesla Backup Gateway, Twitter. Available online: https:\/\/apisecurity.io\/issue-111-api-vulnerabilities-aws-tesla-backup-gateway-twitter\/."},{"key":"ref_44","unstructured":"(2024, November 18). Hackers Are Targeting Internet-Connected Gas Stations. Available online: https:\/\/www.vice.com\/en\/article\/hackers-are-targeting-internet-connected-gas-stations\/."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Margolis, J., Oh, T.T., Jadhav, S., Kim, Y.H., and Kim, J.N. (2017, January 24\u201325). An In-Depth Analysis of the Mirai Botnet. Proceedings of the 2017 International Conference on Software Security and Assurance (ICSSA), Altoona, PA, USA.","DOI":"10.1109\/ICSSA.2017.12"},{"key":"ref_46","unstructured":"Palo Alto Networks (2024, November 18). The Right Approach to Zero Trust Security for Medical IoT Devices. Available online: https:\/\/www.paloaltonetworks.com\/resources\/whitepapers\/right-approach-zero-trust-medical-iot."},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Alshamsi, O., Shaalan, K., and Butt, U. (2024). Towards Securing Smart Homes: A Systematic Literature Review of Malware Detection Techniques and Recommended Prevention Approach. Information, 15.","DOI":"10.3390\/info15100631"},{"key":"ref_48","doi-asserted-by":"crossref","unstructured":"McGrath, J.K. (2018). Will Updated Electricity Infrastructure Security Protect the Grid? A Case Study Modeling Electrical Substation Attacks. Infrastructures, 3.","DOI":"10.3390\/infrastructures3040053"},{"key":"ref_49","first-page":"554","article-title":"Smart Meter Security: Vulnerabilities, Threat Impacts, and Countermeasures","volume":"Volume 935","author":"Lee","year":"2019","journal-title":"Proceedings of the 13th International Conference on Ubiquitous Information Management and Communication (IMCOM) 2019, Phuket, Thailand, 4\u20136 January 2019"},{"key":"ref_50","unstructured":"Cyberintel Magazine (2024, November 18). Dahua Cameras That Haven\u2019t Been Fixed Are Susceptible to Unauthenticated Remote Access. Available online: https:\/\/cyberintelmag.com\/iot\/dahua-cameras-that-havent-been-fixed-are-susceptible-to-unauthenticated-remote-access\/."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"613","DOI":"10.1108\/IMDS-08-2020-0462","article-title":"Cybersecurity awareness training programs: A cost\u2013benefit analysis framework","volume":"121","author":"Zhang","year":"2021","journal-title":"Ind. Manag. Data Syst."},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"939","DOI":"10.1002\/asi.24311","article-title":"How integration of cyber security management and incident response enables organizational learning","volume":"71","author":"Ahmad","year":"2020","journal-title":"J. Assoc. Inf. Sci. Technol."},{"key":"ref_53","unstructured":"Theseus (2024, November 19). The Role of Security Patch Management in Vulnerability Management. Available online: https:\/\/www.theseus.fi\/handle\/10024\/511059."},{"key":"ref_54","doi-asserted-by":"crossref","unstructured":"Alabdulatif, A., and Thilakarathne, N.N. (2024). A Novel Cloud-Enabled Cyber Threat Hunting Platform for Evaluating the Cyber Risks Associated with Smart Health Ecosystems. Appl. Sci., 14.","DOI":"10.3390\/app14209567"},{"key":"ref_55","doi-asserted-by":"crossref","unstructured":"Elhoseny, M., Thilakarathne, N.N., Alghamdi, M.I., Mahendran, R.K., Gardezi, A.A., Weerasinghe, H., and Welhenge, A. (2021). Security and Privacy Issues in Medical Internet of Things: Overview, Countermeasures, Challenges and Future Directions. Sustainability, 13.","DOI":"10.3390\/su132111645"},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"124891","DOI":"10.1016\/j.eswa.2024.124891","article-title":"Image privacy protection scheme based on high-quality reconstruction DCT compression and nonlinear dynamics","volume":"257","author":"Lin","year":"2024","journal-title":"Expert Syst. Appl."}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/14\/1\/24\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,8]],"date-time":"2025-10-08T10:29:04Z","timestamp":1759919344000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/14\/1\/24"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1,15]]},"references-count":56,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025,1]]}},"alternative-id":["computers14010024"],"URL":"https:\/\/doi.org\/10.3390\/computers14010024","relation":{},"ISSN":["2073-431X"],"issn-type":[{"type":"electronic","value":"2073-431X"}],"subject":[],"published":{"date-parts":[[2025,1,15]]}}}