Hacker News
- Comodo issued valid certificate for [scam URL] amazon buckets https://censys.io/certificates/7ff0e2dd7692fd12020c29298a67787e5b0d07d67d1ec471d536ab317b0e8dac 16 comments
- Find and analyze any reachable server and device on the internet https://censys.io/ 51 comments
- Censys is a search engine for the hosts and networks that compose the Internet https://censys.io 2 comments
- * List of certificates issued by Let's Encrypt containing “Paypal” https://censys.io/certificates?q=paypal+and+parsed.issuer_dn%3A+%22c%3Dus%2C+o%3Dlet%27s+encrypt%2C+cn%3Dlet%27s+encrypt+authority+x3%22 3 comments netsec
- Censys: A search engine that allows computer scientists to ask questions about the devices and networks that compose the Internet https://censys.io/tutorial 4 comments programming
Linking pages
- The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender - The Citizen Lab https://citizenlab.org/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/ 411 comments
- GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. https://github.com/trimstray/the-book-of-secret-knowledge 270 comments
- Running a fake power plant on the internet for a month | by Grimminck | Medium https://grimminck.medium.com/running-a-fake-power-plant-on-the-internet-for-a-month-4a624f685aaa 167 comments
- Early Impacts of Let's Encrypt • Insufficient.Coffee https://tacticalsecret.com/early-impacts-of-letsencrypt/ 94 comments
- A penetration tester’s guide to subdomain enumeration | by Bharath | Appsecco https://blog.appsecco.com/a-penetration-testers-guide-to-sub-domain-enumeration-7d842d5570f6 68 comments
- Running in Circles: Uncovering the Clients of Cyberespionage Firm Circles - The Citizen Lab https://citizenlab.ca/2020/12/running-in-circles-uncovering-the-clients-of-cyberespionage-firm-circles/ 65 comments
- Despite Decades of Hacking Attacks, Companies Leave Vast Amounts of Sensitive Data Unprotected — ProPublica https://www.propublica.org/article/identity-theft-surged-during-the-pandemic-heres-where-a-lot-of-the-stolen-data-came-from#1246909 49 comments
- Hooking Candiru: Another Mercenary Spyware Vendor Comes into Focus - The Citizen Lab https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/ 47 comments
- Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware - The Citizen Lab https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware/ 34 comments
- A Call To Let’s Encrypt: Stop Issuing “PayPal” Certificates https://www.thesslstore.com/blog/lets-encrypt-paypal/ 29 comments
- BAD TRAFFIC: Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey and Redirect Egyptian Users to Affiliate Ads? https://citizenlab.ca/2018/03/bad-traffic-sandvines-packetlogic-devices-deploy-government-spyware-turkey-syria/ 27 comments
- GitHub - smicallef/spiderfoot: SpiderFoot automates OSINT for threat intelligence and mapping your attack surface. https://github.com/smicallef/spiderfoot 26 comments
- Advisory | Seagate Central Storage Remote Code Execution 0day – Pentest Blog https://pentest.blog/advisory-seagate-central-storage-remote-code-execution/ 22 comments
- Scan the whole internet while drinking coffee | by Uri Shamay | Medium https://cmpxchg16.medium.com/scan-the-whole-internet-while-drinking-coffee-9c4085539594 21 comments
- Filter Before You Parse: Faster Analytics on Raw Data with Sparser · Stanford DAWN https://dawn.cs.stanford.edu/2018/08/07/sparser/ 17 comments
- Asset Discovery: Doing Reconnaissance the Hard Way https://0xpatrik.com/asset-discovery/ 16 comments
- GitHub - gfek/Lepus: Subdomain finder https://github.com/gfek/Lepus 15 comments
- OSINT Resources for 2019. Let’s take a look at some essential… | by Steve Micallef | Medium https://medium.com/@micallst/osint-resources-for-2019-b15d55187c3f 12 comments
- GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. https://github.com/trimstray/awesome-ninja-admins 10 comments
- Attack Surface Management. You’re (probably) doing it wrong. | by Steve Micallef | Medium https://medium.com/@micallst/attack-surface-management-youre-probably-doing-it-wrong-608719da1cab 10 comments