Hello, welcome to the Monday, October 26, 2020 edition of the Sandcent, Center Storm Center's Stormcast.

My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

Probably the most popular site to find systems that are exposed to the internet.

That tends to be Shodan.

Shodan of course builds itself sort of as the search engine for the internet of things

and regularly scans the internet for systems that are exposed.

In a diary from this weekend, Guy reminds us that Shodan is not alone.

There are other sites in particular census is a site that Guy introduces here with some links

and examples and how to use the site.

Somewhat similar to Shodan in this approach, they are essentially port scanning the internet

in regular intervals and then publish information

about certificates and banners.

Personally, I found census in particular useful

to look for certificates.

Also, of course, things like shared certificates among different

sites. And the second diary from this weekend was also tool-oriented. Of course, Russ is always good

in introducing new and interesting tool. This time it's about SUDY. SUDE was written for SOC analysts in order to have a

quick and simple command line tool to research IP addresses, domain names, and the like.

Pretty neat tool, pretty simple. And that's really the goal here to make it simple and fast.

And of course, attacks against machine learning is one of the up-and-coming trends these days,

and Microsoft, MITR, IBM, and a number of other companies got together to essentially create something like the

Miter Attack Matrix for machine learning. One of the risks, of course, of machine learning is that

...