
Let’s start by clarifying that DuckDuckGo (DDG) isn’t exactly a search engine. In fact, it’s more of an aggregator that compiles answers from various search engines. It utilizes search results from Yahoo, Bing, Yummly, Yandex, Wikipedia, and hundreds of other “reliable” sources.
This characteristic makes DuckDuckGo (DDG) very accurate when the sources contain information specifically related to the query. It easily provides comprehensive answers to queries like “linux df”, “long happy life”, “Java InterruptedException”, or even “is it raining”. However, once you enter something more complex that isn’t found in DDG’s sources, the results will look disappointing, especially when compared to Google.
One of the main features of DuckDuckGo (DDG) is its Instant Answers, a more complex mechanism built on information sources. This is an excellent starting point to discuss this unique service.
Instant Answers
What DuckDuckGo refers to as Instant Answers is actually quite similar to Google’s suggestion feature: if a user enters a specific query and the search engine knows the exact answer, it will display it on the screen without requiring the user to click further.
The difference here is that Instant Answers follows simple well-known rules and can be expanded by users. The DuckDuckGo Instant Answers catalog contains about 1,200 scripts, enabling the search engine to provide information in response to a wide variety of queries, most of which are technical in nature.
DuckDuckGo can provide a quick reference for Linux commands in response to the query linux cheat sheet, find the necessary Debian packages (such as debian version vim), display your location information (where am i), show instructions on how to delete your account from various services (delete my facebook account), tell you who’s currently in orbit (people in space), decode emoji meanings ((O_o)), and even display Chuck Norris jokes (chuck norris jokes).
From a technical standpoint, it’s a fairly rudimentary system that often fails if you slightly alter the search query. However, in experienced hands, DuckDuckGo (DDG) can accomplish a lot, transforming into a fully functional command line.

The Ultimate Command Line
DuckDuckGo’s instant answers include many features that are not directly related to search. One example is cheat sheets like the linux cheat sheet, javascript cheat sheet, vim cheat sheet, and many others. Essentially, these are hardcoded into the search engine, so it doesn’t need to access external resources to display them.
There are also much more intriguing examples.
IP Addresses, URLs, DNS Records, and Email Address Validation
The simplest query to DuckDuckGo might look like this:
ip
It displays your IP address, location, and even postal code. This straightforward information can be accessed without visiting external websites.
A more complex query:
dns records xakep.ru
It will display DNS records related to the domain xakep.ru. Simple and elegant.
If desired, you can also ping xakep.ru:
is xakep.ru down
Find information about our Twitter:
@xakepru
Or verify the validity of an email address belonging to one of its editors:
validate zobnin@gmail.com
Want to shorten a long link to an article from xakep.ru? No problem:
shorten https://xakep.ru/2017/02/23/bitlocker-hacking/
Roll it back? Easy:
expand https://is.gd/8TIGsL
You can even generate a QR code to quickly open the link on your phone:
qr https://is.gd/8TIGsL
All of this can be done without needing to visit external websites or install browser extensions. Simple and straightforward.
Password and Hash Generator
DuckDuckGo can help you if you need a strong password of a specific length:
password 10
It can even generate a passphrase:
random passphrase
Or encode the data using the Base64 algorithm:
base64 encode <text>
Need a hash? Nothing could be easier. Take your pick:
md5 <text>
sha <text>
If you already have a hash but don’t know which algorithm was used to generate it, that’s not an issue:
hash <hash>

Programming
DuckDuckGo’s features designed for programmers aren’t limited to cheatsheets and automatically displaying answers from Stack Overflow. There are other tools as well.
Looking to find the right Python module in the PyPI repository? It’s easy:
python pyhub
Looking for information on a specific jQuery method? You’ve got it:
jquery .ajaxsuccess
Not sure if you’ve written the regular expression correctly? Here’s how to check it:
regex /(?x: (w+) s (w+) )/ hacker magazine
What about complex equations? Sure, Google can handle simple calculations like two plus two, but this one is definitely beyond its capabilities:
compute Integral Of X^2 Dx Solve X+2>3x
In fact, you can even write a script without leaving the main DDG page:
python syntax highlighter
Send this request, and you’ll get a full-fledged editor with Python syntax highlighting. Unfortunately, you won’t be able to run the application.
HTML Codes, Colors, and CSS
DuckDuckGo is not only programmer-friendly but also caters to web developers and designers. They have a color chart available (although, to be fair, it’s a subpar 16-bit color chart).
color codes
CSS Color Chart:
css colors
And here is the HTML character table:
html chars
With the ability to search for the desired character:
html dollar

Additional Handy Features
DuckDuckGo can handle more than just formulas, search for packages, and generate passwords and hash sums. It can respond to a wide variety of other queries as well. For instance, it can find information about file extensions:
file .txt
Understanding the numerical representation of permissions in UNIX-like operating systems:
chmod 755
Convert lowercase letters to uppercase and vice versa:
uppercase xakep.ru
lowercase XAKEP.RU
There is a built-in calendar:
calendar
Timer:
countdown 10m
And the stopwatch:
stopwatch
There’s even a function for creating banners using ASCII characters:
figlet xakep.ru

Bang Searches
All these features are implemented through the same Instant Answers mechanism. You enter a query and immediately receive an answer right on the search results page. But what if you need multiple options instead of a single specific answer? For instance, the “best” answer from Stack Overflow might not suit your needs. For such cases, DDG offers the bang query mechanism.
Bang queries are one of the most well-known and frequently used features of DuckDuckGo. The concept is quite simple: if you want to find information on a specific website, there’s no need to visit it and look for the search bar. You can simply do the following:
!so Java InterruptedException
And DuckDuckGo will redirect you to the Stack Overflow answer page. Similarly, you can search on Twitter (!twitter), eBay (!ebay), YouTube (!yt), Facebook (!facebook), and on 9,000 other websites.
Interestingly, Chrome has a similar feature: you type in the website’s name, press space, and enter your search query. However, Chrome requires you to visit the site at least once before the feature works. In contrast, bang queries will function even if you’re using a browser that doesn’t store your activity data (such as Tor Browser or Brave), or if you’re running an operating system like Tails from a USB stick.
Search Operators
Like Google, DuckDuckGo supports operators that allow you to refine your search. For instance, you can use them to search for a specific phrase on a designated website:
gentoo kernel panic site:linux.org.ru
Or find only specific types of files:
android security report f:.pdf
Or search using page titles without considering their content:
intitle:"iphone 8"
In a query, you can immediately exclude words that don’t interest you:
intitle:"iphone 8" -android
And of course, there are the operators “and” and “and/or”:
(apple)AND((macos)OR("os x"))
This query will find all pages containing “apple macos” or “apple os x.”
Settings
DuckDuckGo has another significant advantage — a well-developed settings system that allows you to modify a wide range of parameters. You can change everything from the appearance of the search window (with six themes available and the option to create your own) and the default mapping service, to HTTPS settings (enabled by default) and ad display options (yes, ads can be disabled through standard settings).

Keyboard Shortcuts
- Down/Up — navigate to the next/previous search result;
- Left/Right — navigate through quick answers;
- / or h — jump to the search bar;
- t — go to the top of the page;
- o — open the selected result;
- Ctrl + Enter or Cmd + Enter — open the selected result in a background tab;
- d — search for a phrase within the selected result’s site.
Conclusions
DuckDuckGo is definitely not the best search engine in the world, so it’s not exactly something to recommend to all your friends. However, it is a great tool that can replace various web services and make life easier for a programmer, web developer, or even a “Hacker” magazine editor. And, of course, DuckDuckGo won’t track you.

2022.06.01 — Routing nightmare. How to pentest OSPF and EIGRP dynamic routing protocols
The magic and charm of dynamic routing protocols can be deceptive: admins trust them implicitly and often forget to properly configure security systems embedded in these protocols. In this…
Full article →
2022.06.01 — Cybercrime story. Analyzing Plaso timelines with Timesketch
When you investigate an incident, it's critical to establish the exact time of the attack and method used to compromise the system. This enables you to track the entire chain of operations…
Full article →
2023.07.07 — VERY bad flash drive. BadUSB attack in detail
BadUSB attacks are efficient and deadly. This article explains how to deliver such an attack, describes in detail the preparation of a malicious flash drive required for it,…
Full article →
2022.01.11 — Pentest in your own way. How to create a new testing methodology using OSCP and Hack The Box machines
Each aspiring pentester or information security enthusiast wants to advance at some point from reading exciting write-ups to practical tasks. How to do this in the best way…
Full article →
2023.02.21 — Pivoting District: GRE Pivoting over network equipment
Too bad, security admins often don't pay due attention to network equipment, which enables malefactors to hack such devices and gain control over them. What…
Full article →
2022.06.01 — First contact. Attacks on chip-based cards
Virtually all modern bank cards are equipped with a special chip that stores data required to make payments. This article discusses fraud techniques used…
Full article →
2022.01.12 — First contact. Attacks against contactless cards
Contactless payment cards are very convenient: you just tap the terminal with your card, and a few seconds later, your phone rings indicating that…
Full article →
2022.02.09 — Dangerous developments: An overview of vulnerabilities in coding services
Development and workflow management tools represent an entire class of programs whose vulnerabilities and misconfigs can turn into a real trouble for a company using such software. For…
Full article →
2023.07.20 — Evil modem. Establishing a foothold in the attacked system with a USB modem
If you have direct access to the target PC, you can create a permanent and continuous communication channel with it. All you need for this…
Full article →
2023.07.07 — Evil Ethernet. BadUSB-ETH attack in detail
If you have a chance to plug a specially crafted device to a USB port of the target computer, you can completely intercept its traffic, collect cookies…
Full article →