Aseem Shrey
Mar 27, 2022
Top 7 #Shodan Dorks :

A thread 🧵👇
1️⃣ Search for secret API keys publicly exposed on websites :
ex : Searching for Slack API tokens on all the scanned websites

http.html:"xoxb-"
2️⃣ Search using 'favicon' hash :
- One of the most accurate ways of finding services

ex - Find all Jenkins servers : http.favicon.hash:81586312

A list of favicon hashes : github.com/sansatart/scra…

shodan.io/search?query=h…
3️⃣ Search using website's title :

ex - Find all Grafana dashboards

http.title:"Grafana"
4️⃣ Search services vulnerable to a particular CVE :

ex - Search all machines vulnerable to 'EternalBlue'
vuln:ms17-010

or

Search a particular CVE :
ex - Services that are vulnerable to Heartbleed
vuln:CVE-2014-0160

Note: This is only available to users of a higher API plan
5️⃣ Search for a particular port + service :

ex - SSH on port 22 or 3333
ssh port:22,3333
or
proftpd port:21

You can use this to find services on non-standard ports.

Like : ssh -port:22

SSH which is not on port 22
6️⃣ Search for a particular OS :

e.g. Checking for a vulnerable Windows 10 Home version

os:"Windows 10 Home 19041"
7️⃣ Combine filters to generate more targeted results

e.g. All Windows 7 machines in India

country:"IN" os:"windows 7"
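
The defender's side of dork 1, as an added example that is not part of the original thread: audit the HTML your own sites serve for token-shaped strings before a scanner indexes them, and report where each one sits so it can be removed and rotated. The token pattern beyond the "xoxb-" prefix, the function names and the sample page are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

# Assumption: a bot token is the "xoxb-" prefix from the thread followed by a
# run of letters, digits and hyphens; the minimum length of 20 is illustrative.
TOKEN_RE = re.compile(r"xoxb-[0-9A-Za-z-]{20,}")

def redact(token):
    # Keep enough to identify the token in a report, never the whole secret.
    return token[:9] + "..." + token[-4:]

class TokenFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.in_script = False
        self.findings = []  # list of (location, redacted token)

    def _scan(self, text, where):
        for match in TOKEN_RE.finditer(text or ""):
            self.findings.append((where, redact(match.group())))

    def handle_starttag(self, tag, attrs):
        self.in_script = tag == "script"
        for name, value in attrs:
            self._scan(value, f"attribute {tag}[{name}]")

    def handle_endtag(self, tag):
        self.in_script = False

    def handle_data(self, data):
        self._scan(data, "inline script" if self.in_script else "page text")

    def handle_comment(self, data):
        self._scan(data, "HTML comment")

def audit_html(html):
    finder = TokenFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page; the token-shaped values are fake.
SAMPLE = """<html><head>
<script>const slack = "xoxb-0000000000-CONSTRUCTEDSAMPLE0001";</script>
</head><body data-hook="xoxb-1111111111-CONSTRUCTEDSAMPLE0002">
<!-- TODO remove: xoxb-2222222222-CONSTRUCTEDSAMPLE0003 -->
<p>Bot tokens start with xoxb- and must stay server-side.</p></body></html>"""

print(*audit_html(SAMPLE), sep="\n")
```

The bare prefix in the sample's paragraph text would match the dork's substring search but is not reported here, because the pattern requires a token body after the prefix.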
