Author: Heige (a.k.a Superhei) of KnownSec 404 Team https://twitter.com/80vul 09/12/2021

[Note: The ZoomEye search data in the article is based on the results of the query on September 11, and the target data has been overwritten and updated]

Before starting the article, please read the following articles to facilitate understanding…


Author: Heige (a.k.a Superhei) of KnownSec 404 Team https://twitter.com/80vul 09/08/2021

Yesterday, a detailed article on “behavior mapping” in cyberspace was published. The article introduced an example of using a ZoomEye query to get all the Trickbot C2 IPs at once:

https://80vul.medium.com/behavior-mapping-in-cyberspace-one-net-cleans-apt-and-botnet-c2s-ed49a9b7d426

Today I will bring you another typical case:…


Author: Heige (a.k.a Superhei) of KnownSec 404 Team https://twitter.com/80vul 09/07/2021

“Behavior (American English) or behaviour (British English; see spelling differences) is the actions and mannerisms made by individuals, organisms, systems or artificial entities in conjunction with themselves or their environment, which includes the other systems or organisms around as well…


Author: Heige (a.k.a Superhei) of KnownSec 404 Team https://twitter.com/80vul 06/15/2021

In recent years, there have been many cases of power outages at the national level due to cyber attacks and other reasons. …


* Add filter “iconhash:” to support favicon.ico hash search (supports both MD5 and mmh3 hashes), e.g. iconhash:891e510219786f543ca998282ed99f45 or iconhash:325177753


Previously, ZoomEye released a survey report on the Plex UDP port used for reflection amplification DDoS attacks (https://80vul.medium.com/zoomeye-report-nearly-40-000-plex-services-around-the-world-may-be-used-for-reflective-ddos-c1257dade7df). Baidu Labs released a report (https://paper.seebug.org/1482/) on the use of https DTLS protocol for reflection amplification DDoS attacks on February 5, 2021.

We noticed that as early as December 2020…


On January 7, 2021, Baidu Security Lab issued an early warning saying that a DDoS reflection attack initiated by the network service of Plex (media playback platform) was captured in January 2021 [1].

According to the article of Baidu Security Lab, the hacker used the DDoS reflection attack based on…


Author: Heige(a.k.a Superhei) of KnownSec 404 Team 01/16/2021

Currently, the objects of cyberspace surveying and mapping are mainly around IPv4/IPv6/website/darkweb. Of course, most search engines only support IPv4/IPv6 addresses. …


Author: Heige(a.k.a Superhei) of KnownSec 404 Team 12/10/2020

As the world’s leading search engine for cyberspace mapping, ZoomEye has been working hard! I would like to thank all the friends who support ZoomEye.

API-KEY

ZoomEye has always been committed to being more friendly and open to developers. For example, in August…


Author: Heige(a.k.a Superhei) of KnownSec 404 Team 05/25/2020

[Article release: https://paper.seebug.org/1219/ (Chinese) https://paper.seebug.org/1220/ (English)]

We released ZoomEye’s historical data API query interface in ZoomEye 2020, which launched in January this year: https://medium.com/@80vul/zoomeye-2020-has-started-8414d6aaf38

heige

The Leader of the KnownSec 404 Team ( ZoomEye http://www.zoomeye.org SeeBug http://www.seebug.org KCon http://kcon.knownsec.com)