ShadowTrackr
Log in >
$ and are used like any other query in the searchbar, API, reports and alerts. They can sometimes be combined with regular Query Syntax. You cannot do join-like statements in the ShadowTrackr query language, but if you need one just contact support and we'll fix it with a magic query for you.| Query | What it does | Extra keywords |
|---|---|---|
Query: $remote_login_services_report | What it does: Show on overview of all remote login services (like citrix, SSH and remote desktop) found for your assets | Extra keywords: last_seen, tags |
Query: $mailservers_report | What it does: An overview of your mailservers and their SPF/DKIM/DMARC settings | Extra keywords: last_seen, tags |
Query: $shared_hosting_report | What it does: Show which of your assets are using shared hosting, and where the hosts are | Extra keywords: last_seen, tags |
Query: $dns_dependency_report | What it does: Show which of your domains are using which nameservers | Extra keywords: last_seen |
Query: $non_webserver_hosts_report | What it does: Show hosts that have ports open other than 80 and 443 | Extra keywords: last_seen, tags |
Query: $rare_ports_report | What it does: Shows hosts that have uncommon ports open | Extra keywords: last_seen, tags |
Query: $isp_report | What it does: Provides an overview of all your hosts grouped by ISP | Extra keywords: last_seen, tags |
Query: $exposed_email_addresses_report | What it does: Shows all email addresses, where they where discovered, and what breaches they are in | Extra keywords: |
Query: $phishy_domains_report | What it does: Shows domains that look like yours and can be used to phish, with a phishyness score and details | Extra keywords: last_seen, tags |
Query: $software_overview_report | What it does: Shows an overview of all software (with and without versions) found on your assets | Extra keywords: last_seen, tags, url |
Query: $cisa_vulnerabilities_report | What it does: Shows vulnerabilities found on your assets that are in the CISA Common Vulnerabilities and Exposures (CVE) database | Extra keywords: last_seen, tags, url |
Query: $exploited_vulnerabilities_report | What it does: Shows vulnerabilities found on your assets that are known to be exploited | Extra keywords: last_seen, tags, url |
Query: $software_vulnerabilities_report | What it does: Shows all vulnerabilities found on your assets | Extra keywords: last_seen, tags, url |
Query: $stale_dns_records_report | What it does: Show DNS A and AAAA records that don't have a website or host associated with them | Extra keywords: last_seen, tags |
Query: $cloudprovider_report | What it does: Shows all cloud providers found for your assets | Extra keywords: last_seen, tags |
Query: $domains_report | What it does: An overview your domains, the number of mailservers per domain, and DNSSEC and SPF settings | Extra keywords: last_seen, tags |
Query: $internet_standards_report | What it does: The results of the Modern Internet Standards test (like internet.nl) for all your domains | Extra keywords: last_seen, tags |
Query: $blacklisted_assets_report | What it does: Overview of your assets listed on public blacklists | Extra keywords: last_seen |
Query: $websites_security_report | What it does: Shows Observatory security scores and details for all your websites | Extra keywords: last_seen, tags |
Query: $hosts_without_dns | What it does: Shows a list of hosts that don't have a DNS record associated with them | Extra keywords: last_seen |
Query: $urls_hosts_asns | What it does: Shows a list of URLs and the IP addresses and ASNs for them (a join you cannot make with the query language) | Extra keywords: last_seen |
Query: $weekly_pdf_report | What it does: The weekly PDF report send by email | Extra keywords: tags |
production, you would write:$weekly_pdf_report AND tags=production
$weekly_pdf_report AND (tags=production OR tags=staging)
$remote_login_services last_seen>-7d
$software_vulnerabilities_report last_seen>-7d url=shadowtrackr.com