Search for Applications Exposed to Attack Surface Using Product Filter

Search for Applications Exposed to Attack Surface Using Product Filter on Asset Search

There are different applications with official product names in the Information Technology fields and you can identify which of them are running on a specific IP with product filter on Criminal IP.

All you have to do is simply using the filter product;. Using this, you can search for open source products such as nginx, apache, microsoft-iis, and lighttpd, as well as commercial softwares. Take a look at the following search result for sonicwall, often used as a firewall or VPN equipment.

product: filter can be found in IP details

product:sonicwall

Result when Searched product:sonicwall on Criminal IP Asset Search

As the above displays, we can see that sonicwall’s login page also pops up.

sonicwall login page

How to search for the Microsoft Exchange server

Taking the same approach, you can also search for Microsoft Exchange servers. In this case, you can narrow down your search results by adding port:443 to your filter as smtp protocol, an email protocol, can also be searched. For your information, the Microsoft Exchange server was dealt heavy blow by the Zero-Day vulnerability in March, 2021.

product: “microsoft exchange” port:443

Result when Searched product: “microsoft exchange” port:443 on Criminal IP Asset Search

Outlook Login Page

How to search for the VMWare ESXi server

For another example, as of now, 46,000 results were found when searched for VMWare ESXi. If you want to search for used cases of the 443 port and OVH host server as an application to Microsoft Exchange server example, type as below. Our CIP team has posted an analysis report on VMWare ESXi attack surface vulnerability before. Click on the following link to learn more about the case.

product: vmware vcenter server as_name: “ovh sas” port:443

VMWare login page

Criminal IP’s Element Analysis feature allows you to check the full list of products by port. The link below is a product list on the 443 port.

Result when Searched port:443 on Criminal IP Element Analysis

Source: Criminal IP

By Criminal IP|2022-08-04T18:12:56+09:00June 10th, 2022|2 Comments

About the Author: Criminal IP

AI Spera is a pioneer in cyber threat intelligence powered by AI and machine learning.

2 Comments

Security Vulnerabilities That Alters Exposed NGINX Configuration Files 2022-10-21 at 5:19 pm - Reply

[…] you want to find out how to search for webservers built using NGINX, check out our article “Search for Applications Exposed to Attack Surface Using Product Filter on Asset Search” which explains how to use the product […]
Security Vulnerabilities That Alters Exposed NGINX Configuration Files 2022-10-21 at 5:20 pm - Reply

[…] you want to find out how to search for webservers built using NGINX, check out our article “Search for Applications Exposed to Attack Surface Using Product Filter on Asset Search” which explains how to use the product […]

	Docker Container Sec… on API Key, a Key to Credential L…
	IP Camera Hacking -… on Criminal IP Analysis Report on…
	Criminal IP, Splunk… on VPN Detection: Finding Unwelco…
	Algolia API Key Rais… on API Key, a Key to Credential L…
	I didn’t know… on Cobalt Strike Beacon: Finding…

Search for Applications Exposed to Attack Surface Using Product Filter on Asset Search

How to search for the Microsoft Exchange server

How to search for the VMWare ESXi server

Share this:

Share This Story, Choose Your Platform!

About the Author: Criminal IP

Related Posts

CIP Weekly Blacklist : Phishing and Malicious URLs in the 4th Week of January

CIP Weekly Blacklist : Phishing and Malicious URLs in the 3rd Week of January

KIOSK Hacking: Tips to Improve Your Kiosk Security

CIP Weekly Blacklist : Phishing and Malicious URLs in the 2nd Week of January

Check ‘Flipper Zero (Hacker’s Tamagochi)’ Phishing Site

CIP Weekly Blacklist : Phishing and Malicious URLs in the 4th Week of December

2 Comments

Leave a Reply Cancel reply