Contents x
      Use favicon searches
      • 16 May 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Contents

      Use favicon searches

      • Updated on 16 May 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Article summary

      Favicons are small icons that appear as content in a browser's address bar, and next to the website name in tabs.

      Favicons are used by threat actors to create a sense of legitimacy for fake websites that host malware, or are designed to harvest credentials.

      Silent Push features a search facility that identifies any instances of your organization's favicons, or similair images, being used elsewhere on the Internet.

      1. Navigate to Advanced Query Builder > IPv4 Queries > Scan Data - Favicon

      2. Specify an IPv4 address

      3. Specify a netmask to search across a broad range of IPv4 addresses

      4. Use the In or Not In button to find records where the specified IPv4 address is either 'in' or 'not in' the designated subnet

      5. Specify an MD5 hash

      6. Specify a MurmurHash

      7. Automatically calculate an mmh3 hash from a URL and search for the same

      8. Limit the number of results to return

      9. Click Search

      10. (Optional) Click Copy Raw Data to use the results elsewhere

      11. (Optional) Click Copy API URL to integrate an API endpoint into your existing security stack

      Saving queries

      Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.

      1. Specify the query parameters

      2. Click Save Query

      3. Give your query a Name

      4. Specify a Description to add more context

      5. Click Save

      Was this article helpful?
      What's Next