Dear Netlas.io users!
The Alpha testing phase is close to completion. There will be a major update to Netlas.io in a few days. This update opens the Beta phase. We believe that the core features of Netlas.io are stable and ready to use. We will continue to develop the service, but now it is extremely important for us to move on to monetization. So, the upcoming update will bring a subnoscription system. 💵📈
Read more about upcoming update: https://netlas.io/blog/tpost/xv2e7alik1-upcoming-beta-release
The Alpha testing phase is close to completion. There will be a major update to Netlas.io in a few days. This update opens the Beta phase. We believe that the core features of Netlas.io are stable and ready to use. We will continue to develop the service, but now it is extremely important for us to move on to monetization. So, the upcoming update will bring a subnoscription system. 💵📈
Read more about upcoming update: https://netlas.io/blog/tpost/xv2e7alik1-upcoming-beta-release
🔥2🎉2👍1
Netlas goes to the Beta testing phase.
We added new search tools - host summary and domain whois search, new protocols, privacy detection features and much more. But the general novation is a subnoscription system.
Read more: https://netlas.io/blog/tpost/ol3n2r3b41-netlas-v0180-release-notes
We added new search tools - host summary and domain whois search, new protocols, privacy detection features and much more. But the general novation is a subnoscription system.
Read more: https://netlas.io/blog/tpost/ol3n2r3b41-netlas-v0180-release-notes
🎉3❤1
Fortinet appliances are in the spotlight today!
Authentication Bypass Technical Deep Dive (CVE-2022-40684) by Horizon3.ai: https://tinyurl.com/yc82pwut
Fortinet on Netlas.io:
👉🏼 Dork: tag.name:(fortinet OR fortigate_vpn)
👉🏼 Link to search: https://app.netlas.io/responses/?q=tag.name%3A(fortinet%20OR%20fortigate_vpn)&page=1&indices=
Authentication Bypass Technical Deep Dive (CVE-2022-40684) by Horizon3.ai: https://tinyurl.com/yc82pwut
Fortinet on Netlas.io:
👉🏼 Dork: tag.name:(fortinet OR fortigate_vpn)
👉🏼 Link to search: https://app.netlas.io/responses/?q=tag.name%3A(fortinet%20OR%20fortigate_vpn)&page=1&indices=
🔥5
ConnectWise Recover and R1Soft Server Backup Manager RCE bug (CVE-2022-36537) disclosure: https://tinyurl.com/ydresab7
They say: “there has been no evidence of exploitation in the wild”, but it is likely a matter of hours or days.
About 5,600 instances potentially affected.
Server Backup Manager on Netlas.io:
👉🏼 Dork: http.body:(("zk.wcs" OR "zk.wpd") AND ("Server Backup")) OR http.favicon.hash_sha256:b7b4ce41a9cc86e1923997f5324b476686c953e87e22424e8375eddeb65e63ec
👉🏼 Search link: https://app.netlas.io/responses/?q=http.body%3A…
They say: “there has been no evidence of exploitation in the wild”, but it is likely a matter of hours or days.
About 5,600 instances potentially affected.
Server Backup Manager on Netlas.io:
👉🏼 Dork: http.body:(("zk.wcs" OR "zk.wpd") AND ("Server Backup")) OR http.favicon.hash_sha256:b7b4ce41a9cc86e1923997f5324b476686c953e87e22424e8375eddeb65e63ec
👉🏼 Search link: https://app.netlas.io/responses/?q=http.body%3A…
Huntress
ConnectWise/R1Soft Server Backup Manager Remote Code Execution & Supply Chain Risks | Huntress
Huntress has validated an initial report for an authentication bypass and sensitive file leak present in the Java framework “ZK”, used within the ConnectWise R1Soft software Server Backup Manager SE.
🔥3🕊1
The OpenSSL punycode vulnerability (CVE-2022-3602): Overview, detection, exploitation, and remediation by Datadog Security Labs
OpenSSL 3.0.0 - 3.0.6 on Netlas.io:
👉🏼 Dork: tag.openssl.version:(>=3.0.0 AND <3.0.7)
👉🏼 Link to search: https://tinyurl.com/3d94dt6y
OpenSSL 3.0.0 - 3.0.6 on Netlas.io:
👉🏼 Dork: tag.openssl.version:(>=3.0.0 AND <3.0.7)
👉🏼 Link to search: https://tinyurl.com/3d94dt6y
👍2⚡1
Ron Bowes from Rapid7 published deep-dive into CVE-2022-41622 and CVE-2022-41800
https://tinyurl.com/ysfczh9e
F5 BIG-IP & BIG-IQ on Netlas.io:
👉🏼 Dork: tag.name:(f5_bigip OR f5_big_ip) OR http.favicon.hash_sha256:a8eef57d094fcf99bae2378eb2c2fc2fb15d12f856c028cc979c04451bee84c2
👉🏼 Link to search: https://tinyurl.com/26zn9jdf
https://tinyurl.com/ysfczh9e
F5 BIG-IP & BIG-IQ on Netlas.io:
👉🏼 Dork: tag.name:(f5_bigip OR f5_big_ip) OR http.favicon.hash_sha256:a8eef57d094fcf99bae2378eb2c2fc2fb15d12f856c028cc979c04451bee84c2
👉🏼 Link to search: https://tinyurl.com/26zn9jdf
Rapid7
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIG-IP and iControl REST Vulnerabilities and Exposures | Rapid7 Blog
👍2
Uncover v.1.0.0 by ProjectDiscovery.io was published today. This new release brings Netlas.io support.
So happy to be on board! 😃🎉💫
https://github.com/projectdiscovery/uncover/releases/tag/v1.0.0
So happy to be on board! 😃🎉💫
https://github.com/projectdiscovery/uncover/releases/tag/v1.0.0
🔥7👍2❤1👏1
Right now you can purchase Netlas.io subnoscription with an 80% discount for a month or even a year! In 5 days the prices will go up.
Choose your pricing plan:
https://app.netlas.io/plans/
Choose your pricing plan:
https://app.netlas.io/plans/
🔥4⚡1🎄1
Users of Zoho ManageEngine are being urged to patch their instances against CVE-2022-47966. This vulnerability allows an unauthenticated adversary to execute arbitrary code.
Zoho ManageEngine on Netlas.io:
👉🏼 Dork: tag.name:"manageengine_servicedesk"
👉🏼 Link to search: https://tinyurl.com/yuw2uucn
Zoho ManageEngine on Netlas.io:
👉🏼 Dork: tag.name:"manageengine_servicedesk"
👉🏼 Link to search: https://tinyurl.com/yuw2uucn
👍2🔥1👏1
Many thanks to Intercepter NG for the great post. An interesting use-case 👍👏
https://www.facebook.com/groups/1676741942723339/posts/1712949169102616/
We are pleased to give a six months Business subnoscription 🙏🎉 Join his FB group! There are a lot of pretty useful posts there.
https://www.facebook.com/groups/1676741942723339/posts/1712949169102616/
We are pleased to give a six months Business subnoscription 🙏🎉 Join his FB group! There are a lot of pretty useful posts there.
Facebook
Log in or sign up to view
See posts, photos and more on Facebook.
👍2👏1😁1
Critical CVE-2022-27596, SQL Injection in QNAP NAS appliances, CVSSv3: 9,8 🫣
The fix is available. Security advisory: https://www.qnap.com/en/security-advisory/qsa-23-01
Check if your networks are affected on Netlas.io (just correct an IP range): https://tinyurl.com/4pb4aaz9
The fix is available. Security advisory: https://www.qnap.com/en/security-advisory/qsa-23-01
Check if your networks are affected on Netlas.io (just correct an IP range): https://tinyurl.com/4pb4aaz9
QNAP Systems, Inc. - Network Attached Storage (NAS)
Vulnerability in QTS and QuTS hero - Security Advisory
QNAP designs and delivers high-quality network attached storage (NAS) and professional network video recorder (NVR) solutions to users from home, SOHO to small, medium businesses.
⚡4❤1👍1🆒1
JARM Support
Are you a threat hunter? If so, we are pleased to announce that the latest scan has brought JARM support for HTTPS protocol!
👉🏼 Use it in responses search: jarm:*
More about JARM fingerprinting: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a/
Are you a threat hunter? If so, we are pleased to announce that the latest scan has brought JARM support for HTTPS protocol!
👉🏼 Use it in responses search: jarm:*
More about JARM fingerprinting: https://engineering.salesforce.com/easily-identify-malicious-servers-on-the-internet-with-jarm-e095edac525a/
Salesforce Engineering Blog
Easily Identify Malicious Servers on the Internet with JARM - Salesforce Engineering Blog
JARM is an active Transport Layer Security server fingerprinting tool that provides the ability to identify and group malicious servers.
🔥7👍3
A couple of interesting facts about 🔥Jenkins CVE-2023-27898, CVE-2023-27905:
⚠️ Jenkins releases from March, 2021 to March 2023 are affected
⚠️ Even unreachable from the Internet instances could be exploited
⚠️ At least 47,5K vulnerable instances available (directly reachable)
How to search vulnerable Jenkins instances on Netlas.io:
👉🏼 Dork: http.headers.x_jenkins:[2.270 TO 2.393]
👉🏼 Search link: https://tinyurl.com/487t5s8f
Here is the blog post by Aqua Nautilus Security Research Team about these CVE:
https://blog.aquasec.com/jenkins-server-vulnerabilities
⚠️ Jenkins releases from March, 2021 to March 2023 are affected
⚠️ Even unreachable from the Internet instances could be exploited
⚠️ At least 47,5K vulnerable instances available (directly reachable)
How to search vulnerable Jenkins instances on Netlas.io:
👉🏼 Dork: http.headers.x_jenkins:[2.270 TO 2.393]
👉🏼 Search link: https://tinyurl.com/487t5s8f
Here is the blog post by Aqua Nautilus Security Research Team about these CVE:
https://blog.aquasec.com/jenkins-server-vulnerabilities
🔥5👍1
This media is not supported in your browser
VIEW IN TELEGRAM
Netlas v.0.21.0 Released!
This new release brings a long awaited feature – Bookmarks. Now you can save your favorite search queries by clicking on the star icon in the search string.
Search by favicon feature is significantly improved. Now can search not only exact matches, but also nearest matches. We use perceptual hash for this. Perceptual hash algorithms are opposite to standard cryptographic hashes — they are optimized to change as little as possible for similar inputs. So you can find answers with favicons that look pretty close to a given input, but use a different color, for example.
This new release brings a long awaited feature – Bookmarks. Now you can save your favorite search queries by clicking on the star icon in the search string.
Search by favicon feature is significantly improved. Now can search not only exact matches, but also nearest matches. We use perceptual hash for this. Perceptual hash algorithms are opposite to standard cryptographic hashes — they are optimized to change as little as possible for similar inputs. So you can find answers with favicons that look pretty close to a given input, but use a different color, for example.
🔥10❤2👍2
Netlas.io is now integrated with tines.io
Want to use netlas API in your tines.io automations? Just sign in to tines, open the template library and search "Netlas". You can get any IP or domain summary, whois data, scan results and other information from any netlas.io library.
Now it's easy to use netlas.io data within tines.io stories using hundreds of automation templates with no code!
Want to use netlas API in your tines.io automations? Just sign in to tines, open the template library and search "Netlas". You can get any IP or domain summary, whois data, scan results and other information from any netlas.io library.
Now it's easy to use netlas.io data within tines.io stories using hundreds of automation templates with no code!
🤝5👍1
Pumps are under attack!!!
Ten vulnerabilities in Osprey pump controllers discovered by Zero Science Lab in February remain unpatched. The list of disclosed vulnerabilities includes RCE and Administrator Backdoor Access. Osprey: door-mounted, irrigation and landscape pump controllers.
Osprey pumps on Netlas.io:
👉🏼 Search: nt.ls/upZRN
👉🏼 Dork: http.noscript:(Osprey Controller)
https://www.zeroscience.mk/en/vulnerabilities/
#Friday_Horrors
Ten vulnerabilities in Osprey pump controllers discovered by Zero Science Lab in February remain unpatched. The list of disclosed vulnerabilities includes RCE and Administrator Backdoor Access. Osprey: door-mounted, irrigation and landscape pump controllers.
Osprey pumps on Netlas.io:
👉🏼 Search: nt.ls/upZRN
👉🏼 Dork: http.noscript:(Osprey Controller)
https://www.zeroscience.mk/en/vulnerabilities/
#Friday_Horrors
😱3
Adobe ColdFusion RCE vulnerabilities:
Adobe ColdFusion 2018 Update 15 and earlier and 2021 Update 5 and earlier affected to critical CVE-2023-26359 and CVE-2023-26360. Arbitrary code execution exploited in the wild.
Netlas.io gives about 180,000 instances:
👉🏼 Dork: tag.name:"adobe_coldfusion"
👉🏼 Search link: nt.ls/adbcf
Technical analysis by Rapid7: https://attackerkb.com/topics/1iRdvtUgtW/cve-2023-26359/rapid7-analysis
Adobe ColdFusion 2018 Update 15 and earlier and 2021 Update 5 and earlier affected to critical CVE-2023-26359 and CVE-2023-26360. Arbitrary code execution exploited in the wild.
Netlas.io gives about 180,000 instances:
👉🏼 Dork: tag.name:"adobe_coldfusion"
👉🏼 Search link: nt.ls/adbcf
Technical analysis by Rapid7: https://attackerkb.com/topics/1iRdvtUgtW/cve-2023-26359/rapid7-analysis
🔥5⚡1
An awesome guide to create a fast passive one-shot recon noscript with Netlas CLI tools.
Do not miss the github link at the end of the article!
https://link.medium.com/q5F85TIESyb
Do not miss the github link at the end of the article!
https://link.medium.com/q5F85TIESyb
👍3👾3🔥2
Both Domain Whois and IP Whois Datasets are finally published at https://app.netlas.io/datastore/.
Carefully collected and parsed by Netlas.io from major internet routing registries and domain registrants.
✓ IP WHOIS Database covers all existing IPv4 addresses (more than 4 billion addresses). Each entry contains both parsed data structure and raw text records.
✓ Domain WHOIS Database covers more than 270 millions active domains, including just registered, published and parked domains, domains on redeption grace period (waiting for renewal), and domains pending delete.
☝️All datasets and updates to them are available to Corporate and Enterprise subscribers for free.
Carefully collected and parsed by Netlas.io from major internet routing registries and domain registrants.
✓ IP WHOIS Database covers all existing IPv4 addresses (more than 4 billion addresses). Each entry contains both parsed data structure and raw text records.
✓ Domain WHOIS Database covers more than 270 millions active domains, including just registered, published and parked domains, domains on redeption grace period (waiting for renewal), and domains pending delete.
☝️All datasets and updates to them are available to Corporate and Enterprise subscribers for free.
👍5👾5