Shodan integration

As of this week, you can use you Shodan account to enrich your ShadowTrackr results.

The big difference with ShadowTrackr is that Shodan scans a large part of the hosts on internet and mostly focuses on ICS and IoT. So if Shodan scans a host, there will be more ports scanned and more port data available than you get from a ShadowTrackr scan. ShadowTrackr scans all your assets and all related infrastructure (not the entire internet) and tracks your historic data. So, in short: ShadowTrackr is more suited for discovering and monitoring your entire attack surface, Shodan is more suited for in-depth port scans and ICS/IoT. If you need more port data or expect to find ICS/IoT, then enabling the Shodan integration is useful.

Graphs available through API

You can now get the graphs from the ShadowTrackr GUI through the API.

The first option is to load it fullscreen as a rendered HTML page. This is useful if you want to embed it in another website or if you want to grab your own screenshots. Since it's a force-directed graph that is generated live you should wait a few second before taking the screenshot to get the best results.

The other option is grabbing just the data as a JSON formatted list of nodes and edges, and generate your own graph.

More details available in the API documentation.

More automated tags

Better detection of VPNs, IPs, Hosters, and Hotels has just gone live. If you find that your hosts are not properly categorized or are missing tags that you'd like to see, please let us know.

New options to detect login forms, especially insecure ones, are now in beta. You can read the fields "http_login_form" and "http_login_insecure" through the API. Or you can try this query to make them visible:

index=websites http_login_form=1

Proper visibility in the GUI and reports will follow when it's out of beta.