Dorks 🔎 Shodan Dorks Megalist – Part 2: Exposed Databases & Services

[dEEpEst]

---

Shodan Dorks Megalist – Part 2: Exposed Databases & Services

Created for Hack Tools Dark Community

---

Disclaimer: This content is for research and ethical testing only. Accessing or interacting with databases without explicit permission is illegal and unethical.

This section focuses on search filters to uncover open, misconfigured, or exposed database services indexed by Shodan. These often contain sensitive data or offer administrative access without credentials.

---

MySQL

• "product:MySQL"
• mysql port:"3306"

MongoDB

• "product:MongoDB"
• mongodb port:27017
• "MongoDB Server Information" port:27017 -authentication
• "Set-Cookie: mongo-express=" "200 OK"

Elasticsearch / Kibana

• port:9200 json
• port:9200 all:elastic
• port:9200 all:"elastic indices"
• kibana content-length:217

Redis

• "product:Redis"
• "product:Redis key-value store"

Memcached

• "product:Memcached"

CouchDB

• "product:CouchDB"
• port:"5984" "Server: CouchDB/2.1.0"

PostgreSQL

• "port:5432 PostgreSQL"

Cassandra

• "product:Cassandra"

Riak

• "port:8087 Riak"

---

PEM Certificate Exposures

• http.title:"Index of /" http.html:".pem"

---

Tor & Onion Sites

• onion-location

---

Next: Part 3 will cover Industrial Control Systems (ICS/SCADA), Electric Infrastructure, Telnet Devices, Smart Homes, and Maritime/Voting/Medical equipment.

---

Join the thread:

Have you found unprotected databases in the wild? Share sanitized findings or cool tricks using these queries.​