- 02 May 2023
- 1 Minute to read
- Print
- DarkLight
Scan through passive DNS data
- Updated on 02 May 2023
- 1 Minute to read
- Print
- DarkLight
Silent Push allows you to execute powerful scans that search through passive DNS data across a range of query types, including:
- Standard forward and reverse lookups for specific DNS records
- Search for domains hosted on a server
- Search for Domains hosted on an IP
- IPs hosting a domain
- Lookup IP diversity
- Scan for nameserver changes
- Lookup TXT records
Results are populated in the Explore
screen. From this screen, users are able to:
- Monitor observables
- Save observables to a feed
- Perform further DNS queries on individual pieces of data
- Export raw data
- Obtain risk scores
- Enrich an observable
When performing a passive DNS lookup, wildcards are supported at the beginning or end of the domain string but not both at once.
Navigate to
Explore DNS Data > Explore Indicator DNS Data
Enter a domain or IP in the search bar
Click
Lookup PADNS
Enter a domain or IP in the search bar in the top navigation pane
Click
Lookup PADNS
Monitoring data
You can monitor results populated on the Explore
screen for any changes, saving you time and resources by automating key queries across a range of internal workflows.
Monitors run once every 24 hours. You'll be alerted when Silent Push detects new results via email (filtering/sorting options are not applied)
Once you've received a set of results, click the
Monitor
button on the top rightSpecify a
Monitor name
Enter a
Description
Click
Save
Your monitored query is now visible in
Monitors > Monitored Queries
Read this article for information on how to share a monitor