Saved by Chad Hudson
OSINT for Incident Response
Censys and LeakIX are a couple options, both providing search capabilities without registering and a bit more functionality upon free registration:
Censys.io example: https://search.censys.io – ‘ip: [10.1.0.129 to 10.1.0.140]’ or ‘ip: 10.1.0.128/25’
Example IP Range Search on Censys
LeakIX.net example: https://leakix.net “Service” – ip:”10.1.0.128
... See moreBHIS • OSINT for Incident Response
I like DNS Dumpster for this next step because it’s quick, easy to use, and easy to interpret. I’m most interested in “ISP-allocated” IP blocks, e.g. “COMCAST-1234” or “LOCALISP-AS-01,” as opposed to CLOUDFLARENET, MICROSOFT-CORP, etc. Not that I’ll ignore the latter, but self-hosted/on-prem infrastructure seems to be the likelier devil’s playgroun
... See more