Blog

Project Resonance Wave 1: Internet-Wide Analysis of Subdomain Takeover

At RedHunt Labs, we regularly perform various internet-wide studies under Project Resonance, to keep up with ever-changing cyberspace as well as to enrich our product NVADR. This blog post is about one of our recent studies related to misconfigured CNAME records that can cause subdomain takeovers on a massive scale. Introduction to Subdomain Takeover DNS

Read More

Burp Suite Extension – Asset History [Tool Release]

Burp Suite extension to identify the historic URLs of the domains in scope from WayBackMachine. Helps in Asset Discovery and Attack Surface Management.

Read More

CISO’s Guide to Attack Surface Management (ASM)

CISOs have a vast array of responsibilities, including identifying and protecting against current threats as well as being prepared for the threats of the future. From a perimeter security perspective, knowing what is visible to an external attacker is one of the primary challenges.  In one of our previous blog ‘Redefining Assets – A Modern

Read More

RedHunt Labs Launches ‘NVADR’ – Attack Surface Management (ASM) Solution

We are excited to launch our Attack Surface Management Platform NVADR for organizations in order to help them gain holistic visibility of their perimeter security. NVADR provides Continuous Asset Discovery as well as Data Leak Monitoring through its wide-spread distributed collectors and notifies organizations in case a new asset/data leak/security vulnerability belonging to the organization,

Read More

Project Resonance – WAVE 0

Project Resonance is an effort to improve the internet security of the publicly exposed assets through the study of the services, applications, and technologies running on these assets followed by deep analysis and data correlation.

Read More

BurpSuite Extension – Asset Discover [Tool Release]

In our last post Redefining Assets – A Modern Perspective we talked about how the definition of an ASSET has evolved with time and is now more inclusive. In this post, we are going to talk about why and how asset discovery should be done while manually testing the web application. We are also releasing a Burp

Read More