Project Resonance is an effort to 'give back to the community' and improve security of the Publicly Exposed data / information followed by a deep analysis & data correlation.
We focus specifically on identifying different kinds of Systems and components that are unknown to Security teams. Examples of such systems/components are unknown custom headers, data leak patterns, modern technology stacks, custom protocols, and third party dependencies, etc.
Waves are sent out to billions of assets collected by our cluster of bots across the internet, and useful insights are extracted and shared with the community to serve a larger purpose of making the Internet a more secure place.
This blog post is about our recent study related to misconfigured CNAME records that can cause subdomain takeovers on a massive scale, ~ 220 Million Subdomains across the internet.
Project Resonance is an effort to improve the security of the publicly exposed assets through the study of the services, applications, and technologies running on these assets followed by deep analysis and data correlation.
All our released datasets are publicly available at https://redhuntlabs.com/project-resonance-datasets.
Under any circumstances, we don’t access any authenticated / restricted / protected resources. Our collectors only collect data from public sources on the internet.
All our studies are non-intrusive. We take special care of making sure no systems are negatively affected because of our research.
If you don’t want to be in included in our studies, drop us an email at exclusion@project-resonance.com and we will exclude your assets from all our future research.
We use a combination of open-source tools and our own in-house developed tools. We are polishing them and they will be out in Open Source community soon.