Skip to main content
Zondex
login
Browse Stats Pricing Blog Dorks How-To Docs
Tutorial 4 min read

How to Find Exposed Docker Daemon APIs

Locate Docker daemons with unauthenticated API access — a critical security risk.

1

Search for Docker API (HTTP)

Docker daemon API on port 2375 (unencrypted) — the most dangerous misconfiguration.

search port:2375 product:docker
lightbulb

An exposed Docker API = full root access on the host.

2

Search for Docker API (HTTPS)

Port 2376 is the TLS-encrypted Docker daemon port.

search port:2376 product:docker
3

Find by country

Focus on a specific region.

search port:2375 product:docker country:US

shield Remediation & Hardening

  • check_circle Never expose Docker daemon on 0.0.0.0 — bind to unix socket or localhost only
  • check_circle If remote access is needed, use TLS mutual authentication (--tlsverify)
  • check_circle Use Docker contexts instead of exposing the daemon directly
  • check_circle Consider using Portainer or Docker Swarm with proper auth instead
  • check_circle Monitor for unauthorized container creation

Try It Now

Search for Docker API across 85M+ indexed hosts — free, no registration required.

search Search Docker API

link Related Resources

label
Browse Tags Explore tagged services
code
Search Dorks Pre-built search queries
description
Search Syntax Query reference docs
router
Browse Ports Top ports by frequency
settings
Browse Services Services across the internet
bar_chart
Statistics Internet-wide data overview

More How-To Guides

school How to Find Exposed Redis Servers school How to Find Exposed MongoDB Databases school How to Find Exposed Elasticsearch Clusters school How to Find Exposed Jenkins Servers school How to Find Exposed RDP Servers school How to Find Exposed MySQL Databases school How to Find Exposed Kubernetes Clusters
support_agent
Zondex Support
Usually replies within minutes
Hi there!
Send us a message and we'll reply as soon as possible.