- 17 Feb 2024
- 1 Minute to read
- Print
- DarkLight
Web Scanner
- Updated on 17 Feb 2024
- 1 Minute to read
- Print
- DarkLight
Web Scanner is a feature of the Community and Enterprise console that allows users to execute command line or constructor queries that interrogate the Silent Push web content database, and hunt for malicious websites impersonating their brand or attempting to circumvent certificate transparency standards.
We collect data across 90+ input parameters including (but not limited to):
- Body SSDeep data
- Certificates
- HTML titles
- Geo location
If a domain, IP or URL is involved in a redirect chain, Web Scanner doesn't limit results to a single scanned page, we make all the observable data available so that users can see the path taken through multiple hops, e.g. - Cloudflare holding pages, deffered login pages.
Web Scanner queries are executed using SPQL - a simple, free-form query language that enables data exploration via the Silent Push API.