Search Query Examples

SearchWebsites that require HTTPS connections
HTTP Strict-Transport-Security

SearchApache web servers
product:Apache

SearchServices that have the word "Apache" in their headings
Apache

SearchServices with a hostname containing either "google.com" OR "facebook.com"
hostname:google.com,facebook.com

SearchWebsites that have the word "Apache" in their HTML
http.html:Apache

SearchWebsites that are using the Bootstrap CSS framework
http.component:bootstrap

SearchWebsites that support TLS 1.3
ssl.version:tlsv1.3 HTTP

SearchServices that support SSLv2 and don't support TLS
ssl.version:sslv2 -ssl.version:tlsv1,tlsv1.2,tlsv1.3

SearchNon-HTTPS SSL services that were issued a certificate for *.google.com
ssl.cert.subject.cn:google.com -HTTP

SearchWebsites that support HTTP/2
ssl.alpn:h2

SearchSSL services (HTTPS, SMTPS, POP3S etc.) that were issued a certificate for *.google.com
ssl.cert.subject.cn:google.com

SearchSSH on port 22 OR 3333
ssh port:22,3333

SearchSSH on non-standard ports
ssh -port:22

SearchPublic VNC services hiding behind common web ports
has_screenshot:true rfb disabled port:80,443

SearchIndustrial control systems identified using machine learning
screenshot.label:ics

SearchSearch the OCR in Remote desktops for compromised by ransomware
has_screenshot:true encrypted attention

SearchIndustrial control systems running an industrial protocol (i.e. no web servers)
tag:ics

SearchServices that are vulnerable to Heartbleed
vuln:CVE-2014-0160

SearchCitrix devices in Germany, Switzerland or France that are vulnerable to CVE-2019-19781
vuln:CVE-2019-19781 country:DE,CH,FR