At RedHunt Labs, under Project Resonance, we frequently conduct internet-wide research in different shapes and formats to understand the state of security across the internet. In this iteration, we studied the current state of DNS configurations (SPF, DKIM and DMARC records) from a security perspective. We scanned more than 2.2 billion domains, but before we discuss the insights, let’s quickly go over the basics.
Author: Somdev Sangwan
We analyzed the top 1,000 GitHub organizations, which involved scanning 38,691 GitHub repositories (Ruby, Python, JavaScript, Go, and PHP code).
In a dependency confusion attack, a user can be tricked into installing a malicious dependency/library instead of the one they intended to install.
We analyzed 65 million web servers, which yielded interesting insights. We are also releasing a few datasets from our internet scan results for the community.