ShadowTrackr

Log in >
RSS feed

Tagging keywords

19 September 2021
Keyword monitoring can be very useful to track dataleaks, or just the general news on specific subjects. You don’t want to miss news about your company or maybe specific software or vulnerabilities.

For those general news cases, a simple keyword often is enough. But if you are monitoring a set of keywords related to a specific dataleak it’s hard to keep track over time. This is why we got a feature request to add tags to keywords. It’s implemented and keyword tagging is now available for all.

Match your hosts against a list of bad IPs

12 September 2021
One of the popular use cases for ShadowTrackr is to quickly match a list of IPs against your hosts. Lists of Cobalt Strike servers, list of vulnerable Fortinet servers, lists of exploitable Exchange servers …

ShadowTrackr keeps track of your current hosts and can easily export them. But next you had to compare the lists yourself. By hand. When you have to do the same thing regularly it is time to automate it. So, that’s what we did!

Under "Tools" in the left hand menu, there’s a new option: match-ips. You can paste your list of IPs here and ShadowTrackr will show you the matches found. Since often you get the IPs from sites like pastebin we’ve also included the option to drop in a url instead of the list with IPs. We’ll scrape and filter the ips from the url for you.

If you have more use cases like this where we can automate things for you, please let us know. Happy hunting!

Reliable weekly pdf and hello Sydney!

05 September 2021
Besides basic maintenance and bug fixes, not much happened during the summer. But now holidays are over and development has fully started again.

Today’s weekly report will be send with Sendgrid instead of directly from the ShadowTrackr server. It is becoming harder and harder to run a mailing without having your server occasionally blocked. It possible, but it just takes a lot of time that is better invested elsewhere. After a second client complained about not receiving the weekly, the decision was made. If this first run is a success, we’ll be moving mail notifications to Sendgrid as well. Please send a message if your weekly pdf is not in your mailbox on Monday morning.

Certificate scans are running great with the new engine and we hope to start scanning TLS certificates on more ports soon. But capacity has been an issue. The number of clients has been growing, and some have lots of certificates to scan. Even after optimisations the scanning nodes could not keep up. That means time to throw more hardware at it and a chance to add a new scan location: Sydney. The new location might result in existing clients detecting more cloud endpoints if you have services with a global profile on Azure of Amazon (which is good off course).
Older posts >

Overview
Use cases
Plans and pricing
FAQ
Resources
API
Blog
Documentation
Integrations
Shodan
OpenCTI
Company
About
Contact us
Legal & Policy