Scanning through Silent Push's store of passive DNS data collected from trusted third parties allows security teams to establish links between disparate records and global attacker infrastructure, and obtain information based on numerous granular DNS/IP parameters.
Our reverse lookups allow you to search passive DNS data using the following record types:
- A
- AAAA
- CNAME
- MX
- NS
- PTR4
- PTR6
- ANY (IPv4 & IPv6)
- SOA
- TXT
- MXHASH
- NSHASH
- SOAHASH
- TXTHASH
Note: Only the qtype and qname fields are mandatory. All other parameters are optional.
- Select a record type to look up in qtype
- Specify a record name in qname
- (PTR4 or PTR6 qtypes) Specify a netmask
- (A or AAAA qtypes) Tick the box to include or exclude subdomains
- Choose to include or exclude metadata in the results
- Specify a regular expression (re2) match for domain/host. This overrides the qname parameter
- Specify a timestamp in first_seen_before (yyyy-mm-dd)
- Specify a timestamp in first_seen_after (yyyy-mm-dd)
- Specify a timestamp in last_seen_before (yyyy-mm-dd)
- Specify a timestamp in last_seen_after (yyyy-mm-dd)
- Use as_of to only return records where the as_of timestamp is between the first_seen and the last_seen timestamp
- Use sort to order results in a specific order (column/order). This feature may be repeated with different column names to produce a nested sorting effect (separate multiple values with a semicolon):
  - Columns: last_seen, first_seen, query, answer
  - Order: asc, desc
- Limit the number of results to return
- Specify a number of results to skip
- Click Search
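
The as_of, sort, skip and limit behaviour described above, reproduced offline over constructed records as an added example (not Silent Push code). The record layout, the inclusive as_of bounds and the names run_query and parse_sort are assumptions.

```python
from datetime import date

SORT_COLUMNS = {"last_seen", "first_seen", "query", "answer"}
SORT_ORDERS = {"asc", "desc"}

# Constructed sample records (documentation domains and IP ranges), not real data.
RECORDS = [
    {"query": "a.example.com", "answer": "192.0.2.10", "first_seen": "2023-01-05", "last_seen": "2023-03-01"},
    {"query": "b.example.com", "answer": "192.0.2.10", "first_seen": "2023-02-10", "last_seen": "2023-06-30"},
    {"query": "c.example.com", "answer": "198.51.100.7", "first_seen": "2023-02-20", "last_seen": "2023-06-30"},
    {"query": "d.example.com", "answer": "203.0.113.4", "first_seen": "2023-07-01", "last_seen": "2023-08-15"},
]

def parse_sort(spec):
    """Turn 'column/order;column/order' into [(column, descending), ...]."""
    keys = []
    for part in spec.split(";"):
        column, _, order = part.strip().partition("/")
        if column not in SORT_COLUMNS or order not in SORT_ORDERS:
            raise ValueError(f"invalid sort value: {part!r}")
        keys.append((column, order == "desc"))
    return keys

def run_query(records, as_of=None, sort=None, skip=0, limit=None):
    """Apply as_of, nested sort, skip and limit to a list of record dicts."""
    rows = list(records)
    if as_of is not None:
        day = date.fromisoformat(as_of)  # raises ValueError on a malformed date
        # Assumption: both ends of the first_seen..last_seen window are inclusive.
        rows = [r for r in rows
                if date.fromisoformat(r["first_seen"]) <= day <= date.fromisoformat(r["last_seen"])]
    if sort:
        # Stable sorts applied from the last key to the first give nested ordering.
        for column, descending in reversed(parse_sort(sort)):
            rows.sort(key=lambda r, c=column: r[c], reverse=descending)
    end = None if limit is None else skip + limit
    return rows[skip:end]

if __name__ == "__main__":
    for row in run_query(RECORDS, as_of="2023-02-25", sort="last_seen/desc;query/asc"):
        print(row["query"], row["first_seen"], row["last_seen"])
```
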
Saving queries
Organizational users are able to save individual queries run from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.
- Specify the query parameters
- Click Save Query
- Give your query a Name
- Specify a Description to add more context
- Click Save