![]() ![]() If you are interested to find out what else is on the network of that company, you can check out what IP addresses they own, or which netblocks they are assigned, and you can query them. A netblock is a range of consecutive IP addresses that are appointed to a party, in this case MIT. This is the IP address belonging to the URL and when opening the link to the information page, we see it is located in netblock AS3. Within Shodan and Censys you can query a single IP address, and get information on that single address as shown here. Especially when you’re looking into a company. But it’s always a good idea to at least have a look within Shodan or Censys to see what they’ve scanned on that IP address, or even the netblock it is part of. When it turns out to be a home router there usually isn’t a lot of information to gain so that’s where they stop. When you have an IP address that you need to investigate, a lot of people simply check them via a Whois query, or run them through a website like ipinfo.io and leave it at that. And even the free account will give you access to some helpful filters already. To be able to use most of the filters that are explained in this blog post, you will need to register an account. ![]() Why might it be a good idea to look at an IP address via Shodan or Censys, and how could they help you in an investigation? In this article we’ll go over some use cases and show how they might be able to propel an investigation forwards or investigate a digital component like a webserver. ![]() It is possible that you are working as a penetration tester that needs some information on a client, but also an investigator that is looking into online activity can use some of these skills. When it comes to IoT or other online devices, there are quite a lot of options to investigate them. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |