- 16 May 2023
- 1 Minute to read
- Print
- DarkLight
Use favicon searches
- Updated on 16 May 2023
- 1 Minute to read
- Print
- DarkLight
Favicons are small icons that appear as content in a browser's address bar, and next to the website name in tabs.
Favicons are used by threat actors to create a sense of legitimacy for fake websites that host malware, or are designed to harvest credentials.
Silent Push features a search facility that identifies any instances of your organization's favicons, or similair images, being used elsewhere on the Internet.
Navigate to
Advanced Query Builder > IPv4 Queries > Scan Data - Favicon
Specify an
IPv4 address
Specify a
netmask
to search across a broad range of IPv4 addressesUse the
In
orNot In
button to find records where the specified IPv4 address is either 'in' or 'not in' the designated subnetSpecify an
MD5
hashSpecify a
MurmurHash
Automatically calculate an
mmh3
hash from a URL and search for the sameLimit
the number of results to returnClick
Search
(Optional) Click
Copy Raw Data
to use the results elsewhere(Optional) Click Copy
API URL
to integrate an API endpoint into your existing security stack
Saving queries
Organizational users are able to save individual queries ran from Advanced Query Builder
, and store them in the Private Queries
menu for future analysis, or to share with their organization.
Specify the query parameters
Click
Save Query
Give your query a
Name
Specify a
Description
to add more contextClick
Save