ShadowTrackr

Log in >
RSS feed

More supplier detections, more software detection rules

24 November 2025
This week n bunch of new and improved detection rules have gone live, and more suppliers are detected. You can check out the suppliers yourself in the new suppliers index.

For now, it remains undocumented. When the software suppliers are added it's complete enough to be used, and it will be available as a report in the report library.

Sneak preview: supplier index

17 November 2025
To better prepare and handle supply chain attacks, you first need to have a list of your suppliers. For any reasonably sized company, this can be quite a challenge. ShadowTrackr already has quite a lot of data on your hosting providers, software (including SaaS) providers, certificate issuers, domain registrars and more. All this information will now be gathered in a separate index named "suppliers". Not everything is in there yet, so it's not production ready. But, if you are interested, you can have a sneak peak with this query: 

index=suppliers


Patched software overview

10 November 2025
The new vulnerabilities progress chart from last week is extended with a table showing which vulnerabilities from the previous week are no longer seen. If a vulnerability is no longer seen, it can be because it is patched, or because the website could not be scanned.

If a vulnerability is patched, you will see the new version number detected, or just the name of the software in cases where the version could not be determined. If the website could not be scanned because it was not up, or returned an error, the table shows "not seen". You can investigate the details yourself by clicking on the url.

The urls you see are specific for an ip address, since a website can be hosted on multiple servers. There are cases where your website runs in the cloud and appears on always changing ip addresses. In that case, the new cloud websites are compared against the old, and the comparison based on a specific ip address is not done.

There are probably some more edge cases that can result in weird results. If you find one, please report it :-)
Older posts >

Overview
Use cases
Plans and pricing
FAQ
Resources
API
Blog
Documentation
Integrations
Shodan
OpenCTI
Company
About
Contact us
Legal & Policy