SecurityTrails Blog

Introducing the SecurityTrails API™ PHP Wrapper
An API can be accessed in different ways, via your browser or your command line, but the easiest way is by using an API wrapper. While API access points may change over time, using an API wrapper will ensure the way you call the API always remains the same in your code.

Exploring Watering Hole Attacks: Tactics, Examples and Prevention
In order to survive, cybercrime must evolve. Cybersecurity experts are constantly working on tools, tactics and practices to monitor, prevent and respond to threats, patch vulnerabilities and avoid zero-day threats. And while technology is constantly evolving, cybercriminals are constantly creating new attacks to fit the trends as well as tweaking existing attacks to avoid detection.

Introducing Regex (RLIKE) Support for Hostnames in SQL Explorer
A couple of months ago we were delighted to share big news about one of the hottest features of SurfaceBrowser™: SQL Explorer. Introducing this new SQL-based feature allowed many of our customers to perform classic SQL-based queries against our massive infosec database and all its host and IP attributes.

Understanding Data Loss Prevention - DLP
Data loss has long been a serious issue for businesses of all sizes. Yet despite growing awareness surrounding the issue — and the security measures taken to prevent it — the number of data breaches continues to grow every year. Even worse, losing data isn’t just losing data: it also brings with it financial impact, loss of customer trust, corporate liability, loss of current and future business, and often some very hefty legal fines.

Recon Safari #2: Looking at the OSINT Behind Fake US Census Bureau Domains
Just recently, we came across a flash alert released by the FBI concerning 63 domains that were impersonating the US Census Bureau. We were intrigued and wanted to investigate further, so for our second Recon Safari we’re going to look at what OSINT data we can uncover from these spoofed domains.

Shodan: Diving into the Google of IoT Devices
In this day and age, IoT devices are just about anywhere and everywhere. It’s not uncommon to find a smart TV, a WiFi router or even a webcam in the garage—not to mention all the other internet-connected devices we use every day.

Why It’s Important to Play in the Safe Zone and Use a Sandbox
Imagine an operating system without much security. Installing any new program would be risky business—it could replace your system files, discover passwords, even delete everything. Sounds like a nightmare? Well, that’s what a sandbox can prevent.

Attack Surface Mapper - A Tool for Boosting Your Reconnaissance Process
Are you aware of your infrastructure’s weakest spots? Attackers surely are. Target reconnaissance is one of their first steps toward getting full insight into an objective, one that will eventually develop into a complete attack strategy to compromise assets.

Managing Cyber Exposure: One of Security’s Most Dangerous Perils
Security professionals today constantly need to appease the growing number of digital assets on a network: cloud platforms, containers, web applications, IoT devices, operational technologies, and the list goes on. The more assets one has, the more opportunities for malicious actors to break defenses and get access to sensitive data.

Recon Safari #1: A Closer Look at Friendemic’s Data Breach
We’ve been having some Friday fun running SecurityTrails Recon Safari on Twitter. Over the past few months, we’ve conducted over 30 successful investigations that were easy to research thanks to SecurityTrails API™ and SurfaceBrowser™. And as a result, Recon Safari began in the form of long Twitter threads, eventually evolving into fun and digestible infographics, ultimately followed by a writeup on our blog.