Tag Archives: Bug Bounty

MIPT/PhysTech guest lecture: Vulnerabilities, Money and People

MIPT/PhysTech guest lecture: Vulnerabilities, Money and People. On December 1, I gave a lecture at the Moscow Institute of Physics and Technology (informally known as PhysTech). This is a very famous and prestigious university in Russia. In Soviet times, it trained personnel for Research Institutes and Experimental Design Bureaus, in particular for the Soviet nuclear program.

MIPT open lecture about vulnerabilities

Nowadays MIPT closely cooperates with Russian and foreign companies, trains business people, software developers and great scientists. For example, the researchers who discovered Graphene and won Nobel Prize for this in 2010 were once MIPT graduates.

This is a very interesting place with a rich history. So it was a great honor for me to speak there.

Continue reading

What’s inside Vulners.com database and when were security objects updated last time

What’s inside Vulners.com database and when were security objects updated last time. As I already wrote earlier, the main advantage of Vulners.com, in my opinion, is openness. An open system allows you to look under the hood, make sure that everything works fine and ask developers uncomfortable questions why there were no updates for a long time for some types of security objects.

You can do this by using the https://vulners.com/api/v3/search/stats/ request, that I already mentioned in “Downloading entire Vulners.com database in 5 minutes

First of all, let’s look at the security objects. This will give us an understanding of Vulners.com basis.

Vulners objects

Continue reading

Getting public IP address ranges for an organization

Getting public IP address ranges for an organization. Small bash script to automate the work with Qrator Radar public API.

Qrator Radar

The idea is to get autonomous system (AS) number of the organization by it’s name and retrieve all related IPv4 Prefixes. Why you may need it? To be sure, for example, that you scan all the hosts of organization available from the Internet for vulnerability management, penetration testing or bug bounty activity. For smaller organizations that don’t have own AS that obviously will not work.

Continue reading

Have you heard about vulners.com?

Have you heard about vulners.com? Vulners.com is a new search engine for security content.

Vulners.com searching engine

Guys from vulners.com collect vendor security bulletins, lists of vulnerabilities found by researchers,  content of open vulnerability and exploit databases, posts on hack forums and even detection rules from vulnerability scanners. They investigate dependencies among all this entities and provide fast and efficient searching interface. Moreover, you can even automate searching process with Vulners Search API. All for free!

Vulners.com 'Heartbleed' search results

You can read Russian translation of this post on seclab. I can also recommend a great article “Vulners.com, a Shodan of vulnerability data” by Denis Gorchakov.

Why might you need it? Continue reading