ShadowTrackr

Log in >
RSS feed

Assets and suggestions overlap checks

13 November 2023
The biggest functional improvement this week is that assets and suggestions are cross-checked from now on. If a new asset is added, manually or through discovery, any suggestions about that same assets are automatically removed. The same goes for new suggestions. They are dropped if the suggested asset already exists.

If feels a bit odd that this is only added now and not much earlier. Thing is, it was not a problem in the past. Some accounts have gotten so big with so many related assets on the attack surface that now it had become a problem.

Again, this week's update had more improvements in software detection, and new scanner nodes were added. With the addition of nodes in Brazil, Italy and Sweden the total number of locations we scan from is now 14.

Custom internet standards report

05 November 2023
A lot of requests came in about customizing which urls are included in the internet standards report. By default, it only included all pay level domains ("shadowtrackr.com") and not subdomains ("twilightsparkle.shadowtrackr.com").

The reason for this is that daily checking all urls in ShadowTrackr would costs a lot of CPU and memory and is not sustainable at current price levels. I do very much understand that some pay level domains are not that interesting and some subdomains are. So, something needed to change.

As of this week you can edit the internet standards report. You can remove pay level domains in the edit function under reports, and you can add subdomains by clicking on the action menu (three dots, upper right) in the url page. Just pick "add to internet standards report".

Again, the infrastructure was upgraded. There were too much delays occurring in the database cluster so it has been moved to bigger servers and got some performance tweaks.

Lastly, a number of other code changes were moved into production. Besides bug fixes, the software detection has improved. Most notably for Cisco, vBulletin, Jira and Confluence.

Historical suggestions overview with undo

25 September 2023
Quite a few of you requested a historical overview of accepted and rejected suggestions. It's available now through the link (right top) on the suggestions page. It features an "undo" button to undo a previous accept or reject. You can also use the search bar to search suggestions and the undo button will appear in your search results too. Try this query to search for a specific domain:
index=suggestions url=*shadowtrackr.com.

The software detection engine got some updates, and the CVE reject bug (where a submitted and later rejected CVEs were shown in the vulnerabilities overview) is gone. Enjoy the new version :-)
Older posts >

Resources
API
Blog
Documentation
Integrations
Shodan
OpenCTI