Clearnet

The Clearnet module in our system is a cutting-edge Open Source Intelligence (OSINT) engine that automatically leverages thousands of advanced Google dorks (search queries) to uncover sensitive, exposed, or misconfigured information related to your organization. Unlike manual searches, our system executes these queries at scale across all your monitored domains and consolidates the results into a structured, prioritized dashboard.

This transforms ordinary Google search into a powerful security reconnaissance capability, enabling organizations to detect leaked data, vulnerable files, misconfigurations, or exposed assets on the public internet before attackers exploit them.

In short: our system weaponizes open search to protect your enterprise.

How It Works

1. The system runs 8,000 predefined dorks across your registered domains.

2. Each dork corresponds to a category of exposure (e.g., passwords, sensitive directories, vulnerable servers).

3. The results are aggregated in the dashboard under clearly defined categories, each with a severity level (Low, Medium, High, Critical).

4. Analysts can immediately click on a category (e.g., Files Containing Passwords) to drill into the specific findings.

This approach ensures complete visibility into internet-facing risks sourced directly from search engine data.

Dashboard Categories & What They Mean

Each card on the Clearnet Dashboard represents a specific exposure category discovered via dorks. Examples include:

• Foothold (The Severity): Indicates potential initial access points, such as exposed resources that may allow deeper exploitation.

• Files Containing Usernames (The Severity): Detects files with usernames, posing risks if combined with leaked credentials.

• Sensitive Directories (The Severity): Finds private or critical directories accessible via search, which could lead to data compromise.

• Web Server Detection (The Severity): Identifies exposed details about web servers, including versions that may have known vulnerabilities.

• Vulnerable Files (The Severity): Highlights files accessible online that attackers can exploit.

• Vulnerable Servers (The Severity): Flags servers with weaknesses discoverable via public search.

• Error Messages (The Severity): Shows error responses revealing configuration details useful to attackers.

• Files Containing Passwords (The Severity): Detects plaintext passwords — one of the most dangerous exposures.

• Sensitive Online Shopping Info (The Severity): Identifies exposed financial or e-commerce data.

• Network or Vulnerability Data (Medium): Reveals misconfigurations or exploitable network data.

• Pages Containing Login Portals (The Severity): Detects accessible login portals that could be brute-forced or phished.

• Various Online Devices (The Severity): Lists internet-connected devices that may be misconfigured or exposed.

• Advisories and Vulnerabilities (The Severity): Finds public alerts tied to known weaknesses in your tech stack.

• Code Repositories (The Severity): Detects exposed source code repositories that may contain secrets or exploitable code.

• Paste Sites (The Severity): Finds credentials or code snippets shared on pastebin-like platforms.

• File Sharing (The Severity): Flags online file-sharing locations that may hold sensitive data.

Why It’s Powerful

• Breadth: Executes thousands of dorks automatically, something analysts cannot do manually at scale.

• Depth: Covers everything from exposed code to login portals, ensuring no digital footprint is left unchecked.

• Prioritization: Severity ratings (Low → Critical) allow teams to focus efforts on the most dangerous exposures.

• Proactive Defense: Detects risks before adversaries weaponize them.