How to Use the Domain Search Engine
Step-by-step guide for using DigitalStakeout's Domain Search Engine to uncover linked IPs, subdomains, DNS records, certificates, and exposed infrastructure.
How to Use the Domain Search Engine
DigitalStakeout’s Domain Search Engine enables investigators and analysts to search billions of DNS and infrastructure records in real time. With integrated filters and cross-linked datasets, it supports fast identification of domain-based threats and digital attack surface exposures.
Primary Use Cases
- 🔎 Threat Hunting – Discover C2 infrastructure, phishing kits, or abuse indicators via DNS pivoting
- 🛡️ Brand Protection – Detect domain abuse, lookalikes, and fake branded assets
- ⚙️ Incident Response – Investigate IPs, domains, and certificate logs for rapid correlation
- 🌐 External Surface Mapping – Uncover exposed servers, IoT footprints, and public cloud leaks
- 📊 Due Diligence & Risk Analysis – Evaluate digital risk in M&A or supplier vetting scenarios
- 🔍 Competitive Intelligence – Understand domain activity patterns and web tech adoption
Searchable Indexes
You can explore the following indexed datasets with linked pivoting across selectors:
Index | Description |
---|---|
Registered Domains | 300M+ WHOIS-visible domains |
Forward DNS / Subdomains | 1.5B+ continuously refreshed hostname records |
Certificate Transparency Logs | Newly issued certificates tied to new or malicious domains |
Typosquat Domains | Lookalike and homoglyph-based phishing domains |
ASNs & Networks | IP-to-AS mappings and ISP attribution |
Frontpage Content | Snapshots of homepage-level HTML from popular domains |
IoT / Exposed Direct IPs | Web-exposed embedded devices and services on IPs |
Running a Search
1. Start a Query
- Navigate to Domain Search Engine in the console
- Enter domain, keyword, wildcard (e.g.
*.paypal.com
), or fuzzy search string (e.g.paypal.com~1
)
2. Filter Results
Use Load Console Filter and Edit Filter options to narrow results by:
- IP address
- Domain suffix
- Linked ASN
- Country
- Last seen date
- Certificate/WHOIS attributes
3. Pivot and Explore
Select any result to:
- View associated hostnames, IPs, and related infrastructure
- Pivot into different indexes or feed data into related modules (e.g. Profile Tracker, Monitor)
Advanced Search Examples
Search | Purpose |
---|---|
*.paypal.com | Discover all known subdomains |
paypal.com~1 | Fuzzy search to detect typosquatted clones |
"Certificate Transparency Logs" | Filter entries by newly logged certs |
Best Practices
- Combine keyword + DNS + cert data for fuller discovery.
- Bookmark frequent queries or use Saved Views.
- Use filters early to reduce overload from common domains.
- Monitor behavior over time — many threats emerge gradually.
Want to learn about features, coverage, and use cases?
Visit the Domain Search Engine product page on our main site.
Updated 1 day ago