with bad habits. ◦ Reusing infrastructures ▪ Same IP, same domain ◦ Reusing components ▪ Same software, same HTML, same tracker ◦ Reusing SSL certificates ◦ Reusing SSH keys • Reusing something increases a possibility of tracking. ◦ Let’s say it's a fingerprint of an attacker. ◦ You can track him down based on his fingerprint.
◦ Censys performs all IPv4 scan at least once a week and scan popular websites daily. ◦ Censys monitors certificates in near real time with leveraging Certificate Transparency. • Search query syntax: ◦ filtername:value ◦ Logical operators: ▪ AND, OR, NOT ◦ Query examples: ▪ location.country_code:FR ▪ location.country_code:FR AND ports:80
websites. ◦ urlscan.io data include manual submissions and automatic-submissions. ▪ Automatic-submissions: • urlscan.io scans URLs from OpenPhish, PhishTank, URLhaus, etc. with auto. ◦ You can use ElasticSearch syntax to search. ▪ domain:kuronekoyamao.com ▪ domain:jppost-*.top AND page.country:FR ◦ Be careful with the limitations. ▪ urlscan.io scans a website via rotating European VPN exit IPs. ▪ Default UA equals to the latest Google Chrome Stable on Mac OS X.