Preface In a recent turn of events, RedHunt Labs’ Attack Surface Management (ASM) research team uncovered a potentially disastrous data leak incident involving the automotive giant, Mercedes-Benz. This incident not…
Introduction If you are in the Information Technology sector, you most likely have come across the terms Cloud Object Storage, S3 buckets, and/or buckets. Cloud object storage buckets are like…
In the ever-evolving digital landscape, organizations are constantly grappling with the challenge of securing their vast and ever-expanding attack surfaces. An attack surface refers to the collection of assets and…
Subdomain enumeration holds a critical role in our reconnaissance and Attack Surface Management (ASM) workflows. In this blog, we’ll dive deep into the complexities of subdomain enumeration, exploring the diverse array of tools and techniques available. Furthermore, addressing the challenge of mitigating false negatives, i.e. missing out on subdomains, is paramount for ensuring robust security evaluations.
Hey there, cybersecurity enthusiasts! Ever wondered how to up your game in subdomain enumeration? Well, we’ve got some exciting news. Subfinder, a tool you probably know and love, is now integrated with RedHunt’s Attack Surface Recon API. Yep, you heard that right, your favourite subdomain enumeration tool just got even better with more comprehensive results.
Introduction In the ever-evolving landscape of cybersecurity, staying ahead of potential threats is paramount. As the digital realm expands, so does the attack surface of organizations, presenting a challenge for…
Intro Typosquatting and phishing are quite a headache for businesses. Creating fake websites that look almost identical to legitimate ones has become a piece of cake for attackers. Experts can…
RedHunt Labs introduces BucketLoot – a cutting-edge, automated S3-compatible Cloud Object Storage bucket inspector designed to empower users in securing their data. BucketLoot offers an array of powerful features, allowing users to seamlessly extract valuable assets, detect secret exposures, and search for custom keywords and Regular Expressions within publicly-exposed storage buckets.