Project Resonance is an effort to give back to the community and improve security of the Publicly Exposed data / information followed by a deep analysis & data correlation.
We focus specifically on identifying different kinds of Systems and components that are unknown to Security teams. Examples of such systems/components are unknown custom headers, data leak patterns, modern technology stacks, custom protocols, and third party dependencies, etc.
Waves are sent out to billions of assets collected by our cluster of bots across the internet, and useful insights are extracted and shared with the community to serve a larger purpose of making the Internet a more secure place.
We respect legal boundaries and privacy concerns, therefore we do responsible research and adhere to the following procedure:
Non-Intrusive: All our research and studies are non-intrusive in nature.
Responsible data release: While we release our datasets, we don’t release all the datasets out in public. We pay very close attention to make sure that no sensitive data is stored as well as released as a part of our datasets. We only release data which helps to facilitate security research but at the same time do not allow any attack exposure for anyone in the world.
Low Rate: We do all our studies on a very low rate so that no one is affected adversely from our research.
Exclusion Lists: If you don’t like to be a part of our research, we respect that preference. We have as exclusion list which we take very seriously. If you don’t want to be in included in our studies, drop us an email at
exclusion@project-resonance.com.
Responsible Disclosure: Many times, we find some components / piece of information / assets which we think shouldn’t be publicly exposed. In such cases, we will responsibly disclose this to the respective owners of the organization.
The data that comes out of Project Resonance has multiple use-cases for Security Researchers, DFIR teams as well as Threat Intelligence teams. Few examples explaining how this data can be used:
All our released datasets are publicly available at
Under any circumstances, we don’t access any authenticated / restricted / protected resources. Our collectors only collect data from public sources on the internet.
All our studies are non-intrusive. We take special care of making sure no systems are negatively affected because of our research.
If you don’t want to be in included in our studies, drop us an email at exclusion@project-resonance.com and we will exclude your assets from all our future research.
No, we don’t crawl any HTTP/HTTPS servers during any phase of our research.
We use a combination of open-source tools and our own in-house developed tools. We are polishing them and they will be out in Open Source community soon.
Get Attack Surface, Recon, Internet Scans and the latest news from RedHunt Labs.
Copyright © 2023 RedHunt Labs Limited
