Have you heard about the DeadBolt attack targeting QNAP NAS devices? It's horrible! 😨 Netlas.io is scanning the internet right now. You can see how new encrypted devices appear almost in real time.
https://app.netlas.io/responses/?q=http.body%3A%22All%20your%20files%20have%20been%20locked%20by%20DeadBolt%22&page=1&indices=32%2C29

Subdomain Dictionaries – new datasets published last Friday. It is an aggregation of subdomains by different zones sorted by frequency of use.

The TOP-100 dictionary is free to all registered users. TOP 1K and 10K are also available for a small fee.
https://app.netlas.io/datastore/

Are you using a honeypot to secure your network? Internet scanners are good at detecting honeypots. Check if Netlas.io was able to uncover yours.

Tom Kraz posted a great review with search examples and practical tips. Huge thanks from the Netlas.io team! #Netlas_io_Hints
https://tkcyber.com/index.php/2022/02/23/what-is-netlas-and-how-to-use-it-in-2022/

Here is an interesting review of Netlas.io containing examples of use and comparison with shodan.io, censys.io, fofa.so, zoomeye.org and others
https://www.hackread.com/netlas-io-a-new-atlas-of-internet/

There were several requests to make a light theme. We hope you'll enjoy it!

Forward DNS datasets have been updated today. More than 2,1 billion of records!
https://app.netlas.io/datastore/

Meet the Birthday Netlas.io Release! Brand new Whois search tool, advanced support for popular IoT protocols, redesigned search examples followed by help articles and much more.
https://netlas.io/blog/tpost/ejektipnj1-netlas-v0160-release-notes

Did you know that Netlas IP whois database is also available through the API and CLI?
More importantly, you can purchase and download complete Netlas IP whois data collection from our datastore.
https://app.netlas.io/datastore/product/40/

High-profile vulnerabilities in PLC and HMI devices by AutomationDirect (CVE-2022-2003 - CVE-2022-2006) as seen on http://Netlas.io. The United States is the most affected.
#vulnerability_map

Netlas.io Dorks for finding sensitive IoT Data (adopted and little bit expanded "TOP Shodan Dorks for finding sensitive IoT data" by @0xhunster)

Try these dorks at https://app.netlas.io

Fresh 1-day vulnerabilities in VMware Workspace ONE Access, Identity Manager и vRealize Automation (CVE-2022-31656 - CVE-2022-31659) as seen on Netlas.io. CVSSv3 - 9,8!

http.body:"VMware vRealize Automation Appliance" OR http.favicon.hash_sha256:7eef5dc4dc1055c6e3e479a8ab95efbe0a11660fa7152d1163377bca7d2b8428

Netlas (sub)domain search will be available through OWASP Amass soon.
https://github.com/OWASP/Amass/pull/818

We have significantly improved Netlas Domain Resolver. The latest resolve brings much better quality 💪More than 2 billion domains resolved 🌎

Did you know google.com has more than 500 A-records?
https://app.netlas.io/domains/?q=domain%3Agoogle.com&page=1&indices=

Here is an interesting article by Rapid7 about CVE-2022-36804 (scored 8,8) related to Bitbucket Server:
https://attackerkb.com/topics/iJIxJ6JUow/cve-2022-36804/rapid7-analysis

And here is a good example of Netlas.io search query using versions for this CVE:
https://app.netlas.io/responses/?q=tag.atlassian_bitbucket.version%3A%5B7.6%20TO%207.6.17%5D%20OR%20tag.atlassian_bitbucket.version%3A%5B7.17%20TO%207.17.10%5D%20OR%20tag.atlassian_bitbucket.version%3A%5B7.21%20TO%207.21.4%5D%20OR%20tag.atlassian_bitbucket.version%3A%5B8.0%20TO%208.0.3%5D%20OR%20tag.atlassian_bitbucket.version%3A%5B8.1%20TO%208.1.3%5D%20OR%20tag.atlassian_bitbucket.version%3A%5B8.2%20TO%208.2.2%5D%20OR%20tag.atlassian_bitbucket.version%3A%5B8.3%20TO%208.3.1%5D&page=1&indices=

About 33% of the current scan completed. This time we have added support for DNS protocol (both TCP and UDP) and two more industrial protocols: Modbus and Siemens S7 communications.

https://app.netlas.io/responses/?q=protocol%3A(modbus%20OR%20s7%20OR%20dns)&page=1&indices=43

An interesting article on SecureList about Schneider Electric controllers vulnerabilities CVE-2020-28212, CVE-2021-22779 and flawed patch. More than 600 industrial controllers possibly affected according to our latest scan (~2/3 completed).

Here is the link to Netlas.io search: https://app.netlas.io/responses/?page=1&q=modbus.mei_response.objects.product_code.keyword%3A%2F%28BME%20%28H%7CP%29%29%7C%28BMX%20P34%29.%2A%2F

Dear Netlas.io users!

The Alpha testing phase is close to completion. There will be a major update to Netlas.io in a few days. This update opens the Beta phase. We believe that the core features of Netlas.io are stable and ready to use. We will continue to develop the service, but now it is extremely important for us to move on to monetization. So, the upcoming update will bring a subnoscription system. 💵📈

Read more about upcoming update: https://netlas.io/blog/tpost/xv2e7alik1-upcoming-beta-release

Netlas goes to the Beta testing phase.

We added new search tools - host summary and domain whois search, new protocols, privacy detection features and much more. But the general novation is a subnoscription system.

Read more: https://netlas.io/blog/tpost/ol3n2r3b41-netlas-v0180-release-notes

Fortinet appliances are in the spotlight today!

Authentication Bypass Technical Deep Dive (CVE-2022-40684) by Horizon3.ai: https://tinyurl.com/yc82pwut

Fortinet on Netlas.io:
👉🏼 Dork: tag.name:(fortinet OR fortigate_vpn)
👉🏼 Link to search: https://app.netlas.io/responses/?q=tag.name%3A(fortinet%20OR%20fortigate_vpn)&page=1&indices=

Favicon search is a rarely used but very powerful search tool! Sometimes this is the only way to identify an application.

Try it! It works great 🔎💪🤩

#howto