Blog

Dependency Confusion Attack – What, Why, and How?

In the dependency confusion attacks, a user can be tricked into installing a malicious dependency/library instead of the one they intended to install.
In this article, we are going to talk about some techniques that exploit interesting behaviors of package managers as well as some generic problems like Typosquatting.

RedHunt Labs Limited – An Attack Surface Management Company

Read More

Wave 2 – Analysis of Internet Wide Web Servers

At RedHunt Labs, we regularly perform various internet-wide studies as a part of Project Resonance, to keep up with ever-changing cyberspace as well as to enrich our Attack Surface Management product NVADR. This blog post is about our recent study in which we analyzed 65 million web servers resulting in interesting insights. At the end of this blog post, we are releasing a few datasets from our internet scan results for the community.

Read More

Five Ways to Avoid Data Breaches

We, at RedHunt Labs, focus on reducing your organization’s attack surface, help your organization avoid data breaches and help companies mitigate threats before it is too late?

Read More

Project Resonance Wave 1: Internet-Wide Analysis of Subdomain Takeover

At RedHunt Labs, we regularly perform various internet-wide studies under Project Resonance, to keep up with ever-changing cyberspace as well as to enrich our product NVADR. This blog post is about one of our recent studies related to misconfigured CNAME records that can cause subdomain takeovers on a massive scale. Introduction to Subdomain Takeover DNS

Read More

Burp Suite Extension – Asset History [Tool Release]

Burp Suite extension to identify the historic URLs of the domains in scope from WayBackMachine. Helps in Asset Discovery and Attack Surface Management.

Read More

CISO’s Guide to Attack Surface Management (ASM)

CISOs have a vast array of responsibilities, including identifying and protecting against current threats as well as being prepared for the threats of the future. From a perimeter security perspective, knowing what is visible to an external attacker is one of the primary challenges.  In one of our previous blog ‘Redefining Assets – A Modern

Read More