Engines, DNS Zone fi les, permutation scans, Scraping, Threat Intel APIs etc Related domains: Passive DNS datasets, TLS/SSL Certs etc. We use tools like OWASP Amass, Project Discovery Sub fi nder, Chaos DNS datasets, AltDNS to perform discovery. In future, we will be able to identify related assets such as Code Repos & SaaS services etc. Ikaros
headers, IP ranges, DNS records etc. Identify Tech Stack: By analysing response headers, source code, Behaviour patterns etc. Identify services: Using Shodan Internet DB, Censys etc. In future, we will perform light weight active scans to improve accuracy and coverage. Ikaros
valid DNS records (Active domains • For all active domains, fi nd if they have services exposed to the Internet (Passive scanning) • For all the services, identify the tech stack they are built on
patterns/templates We use Nuclei - an industry-grade open source scanner. • Find CVEs affecting the tech stack of a service. In future, we will integrate this with Sirius service • Find leaked sensitive information across the Internet (In Progress) Ikaros
• In Secret Scanning tool depth(File,Repo,Owner) can be de fi ned. • Based on the above params it crawls through Github APIs to fi nd the results wrt input provided by the user. • If results is identi fi ed, based on the depth it perform the cloning and secret detection operation. So good thing about this tool is if you search for the keyword --> if that key is present on that fi le it identi fi es and also other keys also are can be easily identi fi ed. The current tool which are present are identi fi es the results and manually observation is required and it fi nds speci fi c to the input provided by the user. Secret Scanning :
to be integrated == more coverage • Fine tune the secret scanning engine • Report generation capabilities • Fine grain control over modules to run and scheduling • Real time scanning capabilities •