RedHunt Labs Blog


The Current State of Security, Privacy and Attack Surface on Android: Scanning Apps for Secrets and More – Wave 8

Our research shows that secret leakage is still an issue that developers must address with secure development practices. We recommend that developers ensure that any cloud computing solutions they integrate into their apps are correctly configured to avoid the leakage of sensitive information and prevent threats to both the organization and end-users. We recommend that end-users pay attention to what permissions their favourite apps require for everyday usage and check whether they are even needed, to combat predatory practices.

Project Resonance
Pinaki Mondal

Millions of Secrets Exposed via Web Application Frontends – Wave 7

Web applications are the cornerstone of anything on the publicly accessible internet. Due to the complexities of the software development life cycle, developers tend to embed secrets within the source code of the applications. As the codebase grows, developers often fail to redact the sensitive data before deploying it to production.

Tool-Release
Owais Shaikh

Octopii – An open-source, PII (Personally Identifiable Information) Scanner for Images

Say hi to Octopii, an AI-powered Personally Identifiable Information scanner that uses Tesseract’s Optical Character Recognition (OCR) and a MobileNet Convolutional Neural Network (CNN) model to detect various forms of government IDs, passports, debit cards, driver’s licenses, photos, signatures, etc. Let’s take a closer look at how Octopii works and why it’s essential to look out for exposed PII throughout your assets.

Business
Shubham Mittal

Untracked Assets and their Risks – Discussion with Cybernews

Nowadays, securing and managing a company’s digital footprint has become an even more difficult challenge. With so many subdomains, code repositories, and applications, some untracked assets are bound to be overlooked. As the attack surface expands, visibility of the complete landscape is essential to keep an organization’s assets safe.

Technology
Somdev Sangwan

Internet-Wide Study: State of SPF, DKIM, and DMARC (Wave 6)

At RedHunt Labs (under Project Resonance), we frequently conduct internet-wide research in different shapes and formats to understand the state of security across the internet. In this iteration, we conducted a study about the current state of DNS configurations (SPF, DKIM and DMARC records) from a security perspective. We scanned more than 2.2 billion domains, but before we discuss the insights, let’s quickly go over the basics.
