SecurityTrails Blog
Top 13 Online Vulnerability Scanning Tools
Web apps and vulnerabilities go hand-in-hand. The best thing you can do is to not only patch vulnerabilities when your programmers find one, or when a third party cybersecurity company notifies you, but to also act in a proactive way—by setting up your own scheduled vulnerability scans.
Know your attacker: Speaking with Josh Kamdjou from Sublime Security
We’re all aware of the age-old debate among those in cybersecurity circles about who’s better, red team or blue team? The lighthearted “animosity” between red and blue teams can be fun, but the truth is, there is no benefit to picking sides, as both ultimately have the same goal — preventing cyber crimes.
How to generate & download custom subdomain lists
We’re back with new updates to our product SurfaceBrowser™.
WHOIS Lookup: The Hidden Key in Domain Infosec Investigations
It encompasses millions of users on the Internet. And it doesn’t matter if you’re a web designer, the owner of a car company, a photographer, a fast food restaurant manager, or any kind of business owner — you’re part of it even if you don’t know it.
Bringing Cybersecurity into Academia: We Talk with Patrik Hudak
The rise of cyberthreats, in both scale and technique, has brought an increased attention to and demand for cybersecurity. However, academia and the publication of academic papers, struggle to keep up with the frequent shifts in trends and methods. Coupled with the fact that many people interested in cybersecurity are working professionals who may not have the time to read more lengthy academic papers, we are seeing more people turn to conference papers and blog posts for this information.
IP Lookup: Exploring the Top 8 Ways to Perform an IP Address Lookup
Every machine located within a TCP/IP network (it could be a LAN -local network- or a Wan -the Internet-) has a uniquely assigned Internet Protocol address. This address is known as the IP address, or simply, the IP.
SecurityTrails Subdomain Finder Tools: The Fastest Way to Discover Subdomains in Your DNS Recon
For 99% of the times you’re performing intel gathering steps during infosec research or penetration testing, DNS reconnaissance is a primary course of action.
No Incident Unnoticed: Interview with Troy Mursch from Bad Packets Report
In 2017 we saw the rise of cryptojacking and botnet activity. Even through 2018, it showed no signs of stopping. Notably, we saw plenty of unique cryptojacking campaigns that targeted vulnerable MikroTik routers and Drupal websites, as well as other types of botnets that were Mirai-like aberrations.
DNS Toolbox: How to Perform a Full DNS Enumeration and Domain Research
As we’ve said before, DNS is still the heart and soul of the Internet. It’s the core service that makes everything work—without it the net wouldn’t be as widespread as it is today.
OSINT is Maturing: Our Interview with Steve Micallef from SpiderFoot
Only a few years back, OSINT wasn’t that widespread, but today advancements in the OSINT field have encouraged the constant growth of, not just the tools that are available, but also the community around it.