Certificate Scan Errors

The TLS scan engine has been having some trouble in the last two weeks. For some certificates, scans could not be completed. This often resulted in an Error instead of a grade in the certificate report. I some cases, the scan results were missing entirely.

The errors have been fixed now, and the newly update scan engine has been running since October 10. It can still take a few days to catch up on all certificates, but by the end of this week all certificate errors should be gone. If you do still see them, please report it.

Tagging keywords

Keyword monitoring can be very useful to track dataleaks, or just the general news on specific subjects. You don’t want to miss news about your company or maybe specific software or vulnerabilities.

For those general news cases, a simple keyword often is enough. But if you are monitoring a set of keywords related to a specific dataleak it’s hard to keep track over time. This is why we got a feature request to add tags to keywords. It’s implemented and keyword tagging is now available for all.

Match your hosts against a list of bad IPs

One of the popular use cases for ShadowTrackr is to quickly match a list of IPs against your hosts. Lists of Cobalt Strike servers, list of vulnerable Fortinet servers, lists of exploitable Exchange servers …

ShadowTrackr keeps track of your current hosts and can easily export them. But next you had to compare the lists yourself. By hand. When you have to do the same thing regularly it is time to automate it. So, that’s what we did!

Under "Tools" in the left hand menu, there’s a new option: match-ips. You can paste your list of IPs here and ShadowTrackr will show you the matches found. Since often you get the IPs from sites like pastebin we’ve also included the option to drop in a url instead of the list with IPs. We’ll scrape and filter the ips from the url for you.

If you have more use cases like this where we can automate things for you, please let us know. Happy hunting!