Netlas.io Datastore is here! Now you can download Netlas.io data in CSV and JSON. We have already prepared several datasets. Please, write us what datasets you want to see in Netlas.io Datastore.
https://app.netlas.io/datastore/

An excellent overview of Netlas.io with a focus on vulnerability search functionality at hackers-arise.com
https://www.hackers-arise.com/post/open-source-intelligence-osint-finding-vulnerable-systems-across-the-internet-with-netlas-io

Netlas.io launched a fresh scan last Friday. About 15% has been completed at the time of posting. And so far, more than 8000 Apache servers have been identified as potentially vulnerable to CVE-2021-42013 / CVE-2021-41773 😨
Search on Netlas: https://app.netlas.io/responses/?q=tag.apache.version%3A%5B2.4.49%20TO%202.4.50%5D&page=1&indices=26
#howto #infosec #RCE

Instructive 3 minutes “Netlas.io for Bug Bounty” review with tricky query examples by @tbbhunter on
https://medium.com/@thebugbountyhunter/review-netlas-io-for-bug-bounty-c062a87b544f

NETGEAR makes cool devices. However, it is quite risky to publish an admin panel without authorization by default. We noticed that each new scan finds several hundred devices with unauthorized admin panel access. Mostly AX, AC and EX series access points and repeaters.

Did you know, Netlas.io operates more than 1,7 billion domain names? All types of DNS records are available. Improved datastore and new datasets come with the last Netlas.io update.
https://netlas.io/blog/tpost/h0j8vpujm1-netlas-v0140-release-notes

Netlas.io completed another domain name resolution process today. The most relevant domain index has 1.8 billion records now (7.7% increase)!
2nd level domains - 437 880 749
3rd level domains - 763 323 850
4th and deeper levels - 632 035 600
Do you think Netlas.io was able to find your domain and subdomains? You can check it out right now!

Interested in how often Netlas.io scans the Internet? Go to the help section -> "Scanners, Scans & Datasources" tab. There is information about all active indices, including scan periods and the number of records.

As you can see, Netlas is making another IP/Domain scan right now. Pay attention to the numbers. Each new scan gives more data!

Have you heard about the DeadBolt attack targeting QNAP NAS devices? It's horrible! 😨 Netlas.io is scanning the internet right now. You can see how new encrypted devices appear almost in real time.
https://app.netlas.io/responses/?q=http.body%3A%22All%20your%20files%20have%20been%20locked%20by%20DeadBolt%22&page=1&indices=32%2C29

Subdomain Dictionaries – new datasets published last Friday. It is an aggregation of subdomains by different zones sorted by frequency of use.

The TOP-100 dictionary is free to all registered users. TOP 1K and 10K are also available for a small fee.
https://app.netlas.io/datastore/

Are you using a honeypot to secure your network? Internet scanners are good at detecting honeypots. Check if Netlas.io was able to uncover yours.

Tom Kraz posted a great review with search examples and practical tips. Huge thanks from the Netlas.io team! #Netlas_io_Hints
https://tkcyber.com/index.php/2022/02/23/what-is-netlas-and-how-to-use-it-in-2022/

Here is an interesting review of Netlas.io containing examples of use and comparison with shodan.io, censys.io, fofa.so, zoomeye.org and others
https://www.hackread.com/netlas-io-a-new-atlas-of-internet/

There were several requests to make a light theme. We hope you'll enjoy it!

Forward DNS datasets have been updated today. More than 2,1 billion of records!
https://app.netlas.io/datastore/

Meet the Birthday Netlas.io Release! Brand new Whois search tool, advanced support for popular IoT protocols, redesigned search examples followed by help articles and much more.
https://netlas.io/blog/tpost/ejektipnj1-netlas-v0160-release-notes

Did you know that Netlas IP whois database is also available through the API and CLI?
More importantly, you can purchase and download complete Netlas IP whois data collection from our datastore.
https://app.netlas.io/datastore/product/40/

High-profile vulnerabilities in PLC and HMI devices by AutomationDirect (CVE-2022-2003 - CVE-2022-2006) as seen on http://Netlas.io. The United States is the most affected.
#vulnerability_map

Netlas.io Dorks for finding sensitive IoT Data (adopted and little bit expanded "TOP Shodan Dorks for finding sensitive IoT data" by @0xhunster)

Try these dorks at https://app.netlas.io

Fresh 1-day vulnerabilities in VMware Workspace ONE Access, Identity Manager и vRealize Automation (CVE-2022-31656 - CVE-2022-31659) as seen on Netlas.io. CVSSv3 - 9,8!

http.body:"VMware vRealize Automation Appliance" OR http.favicon.hash_sha256:7eef5dc4dc1055c6e3e479a8ab95efbe0a11660fa7152d1163377bca7d2b8428

Netlas (sub)domain search will be available through OWASP Amass soon.
https://github.com/OWASP/Amass/pull/818