SecurityTrails Blog
DMitry: Diving Into an Old-School Information Gathering Tool
How much information about a target can you possibly get? Is there an invisible barrier that delimits when enough information is gathered? What about cross-checking results and looking for differences? Data retrieval results may vary, depending on the location source you’re running for the analysis.
Declaring War on Surface Area Sprawl
SecurityTrails got a big gut check at the beginning of last week. One of our Elasticsearch servers was unintentionally left open when an engineer was trying to fix an outage. This caused a series of self inflicted drama.
Top 30+ Best Blue Team Tools
We’re back to enriching your security toolkit, and this time we’re moving to the defensive side of security. Whether the best defense is a good offense, or the other way around, the truth is one can’t work without the other. That’s why the importance of having both red and blue teams in place and challenging each other, as well as maintaining an organization’s security posture, is crucial.
Incident: Re-generate API keys due to open Elasticsearch server
TL;DR: On Monday, June 29, 2020 we were notified by a security researcher that one of our Elasticsearch clusters was exposed to the Internet without any authentication. The configuration issue is resolved, but API usage logs may have been exposed.
Attack Surface Analysis: APT “à la carte”
Your company has assets. Those assets are very interesting to somebody. And now, that “somebody” has decided to take them. Congratulations! You’ve just been served to an APT, for lunch.
Top 100+ Best Security Companies in 2020
With organizations connecting their critical business operations and sensitive data to information technology systems, they rely on a number of networks, software, protocols and services. This makes detecting intrusion and threats increasingly challenging. And particularly when it’s necessary to determine the essential who, where, how and why before a threat results in an actual cyber attack, disrupting operations and compromising sensitive data.
Covert Channel Discovery: Understanding Network Extrusions
Based on a true series of events: “…I was ready to begin this long-awaited vacation at that awesome paradisical location I’ve been dreaming of for years. Oh no! The moment I stepped out of the room it hit me: I’d completely forgotten to send that incredibly urgent and important email before leaving home. This needs to be fixed right now! But how? Look at me, I’m at this oceanic hotel villa under a palm tree in the middle of nowhere. Internet pricing here is absurd, there’s no way I’ll pay for this… what can I do?”
Cyber Espionage: Cloak-and-Dagger in Cyberspace
Spies and the world of espionage have been around since the beginning of time. Information has always been power; even our predecessors knew it.
Masscan: A Fast and Scalable IP Port Scanner
Researchers require tools to make their investigations not only more effective, but also less mundane. Some tools are designed to automate repetitive tasks and other tools are designed to do things that wouldn’t be practical to do manually.
Phishing Toolkit: Top 20 Best Phishing Tools
Phishing is the most common type of social engineering attack, as well as one of the most frequent attack methods on the Internet in general. It’s a simple concept: creating a fake website that impersonates a legitimate one that the target frequents, and sending them a security notice that urges them to ‘click on the following link’—which then leads them to a fake website, where they’ll be prompted to log in.