Documentation Index

Fetch the complete documentation index at: https://help.silentpush.com/llms.txt

Use this file to discover all available pages before exploring further.

Context Graph Search

Updated
  • Updated on Jun 9, 2026
  • Published on Feb 8, 2024
  • 1 minute(s) read
Prev Next

Web Search is a powerful capability within Silent Push that lets you scan the clearnet and dark web for historical infrastructure matching highly granular parameters. It delivers deep visibility into how threat actors build, host, and evolve their online presence over time.

Unlike Live Scan (real-time, single-point results), Web Search uses extensive historical scan data and DNS intelligence to track infrastructure movement and attacker TTPs over time.

Key Capabilities

  • Multi-hop Redirect Analysis — Follows complete redirect chains (including Cloudflare pages, deferred logins, etc.)

  • Rich Data Sources — On-page content, WHOIS, open directories, banners, Tor scans, and more

  • Historical Depth — Analyze changes and infrastructure evolution over time

Choose Your Interface

  • Query Constructor (Simple Search) — Visual building-block interface for fast, intuitive query creation

  • Command Line Interface (CLI / Advanced) — Full SPQL (Silent Push Query Language) support for maximum flexibility

Constructing Powerful Queries

Use 100+ proprietary field names across multiple data sources. Combine with operators (=, !=, >, <, etc.) and AND.

Useful Fields

  • favicon_murmur3 — Unique favicon hash

  • htmltitle — Page title text

  • header.server — Server / CDN header

  • ssl.not_after — SSL certificate expiration

  • body_ssdeep — Fuzzy hash of page content

  • geo — Server geolocation

Real-World Query Examples

1. Brand Spoofing:
favicon_murmur3 = 309020573 AND domain != "paypal.com"

2. CDN Identification:
header.server = "AkamaiGHost"

3. Vulnerable DDoS Servers:
htmltitle = "DDoS* not configured" AND response > 200 AND header.server = "ddos*"

4. Expiring Certificates:
ssl.not_after > now AND ssl.not_after < now+1d

Working with Results

  • Results appear in a fully customizable table — choose exactly which columns to display

  • Click any row to expand rich key-value enrichment data

  • One-click pivots to risk scoring, reputation data, DNS lookups (forward & reverse), and more

  • Export data via the Download button

Use Cases

  • Threat Hunting — Discover related attacker infrastructure and phishing clusters

  • Brand Protection — Detect spoofed domains, favicons, and login pages

  • Attack Surface Management — Map unknown assets and misconfigurations

Related articles