ShadowTrackr


SSL certificate reports page

14 October 2018
Besides fixing the bugs that come with a major update, I've also been working on some minor improvements. Nothing really fancy, just more consistent checks and better, more specific messages. For instance, if the host name on the certificate does not match, ShadowTrackr shows not only the error message but also the common names the certificate is actually issued for. This is the first thing I want to know when I see this error, and I guess most of you do too.

The biggest change has been on the certificate reports page. Up until this weekend there was a separate Bleichenbacher/ROBOT report page. It showed which certificates on which URLs were vulnerable. The overview was nice, but why stop there? You'll also want to know about Ticketbleed, DROWN, and all the other SSL vulnerabilities, right? So, the separate Bleichenbacher page is now gone. Any certificates vulnerable to this and other attacks are explicitly shown on the certificate report page. Nothing there? That means you're good :-)

Monitoring is now done separately for each URL on each endpoint (instead of just the URL, as before). So if the same certificate appears on an IPv4 and an IPv6 address, it will appear twice in the list, with the IP shown next to the URL. Most of the vulnerabilities you can have are related to the server anyway and not the certificate itself, so this provides a more accurate overview.
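
An added example (not ShadowTrackr's code) of the two checks described above: for each URL and each resolved IPv4/IPv6 endpoint, it reports whether the host name matches and which names the certificate is actually issued for. The function names, the choice to read SAN entries first with the common name as fallback, and the sample certificate are assumptions made for this illustration.

```python
import socket
import ssl

def cert_names(cert):
    """DNS names in an ssl.getpeercert() dict: SAN entries, else subject CN."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(host, pattern):
    """Case-insensitive label match; '*' may only replace the whole first label."""
    h = host.lower().rstrip(".").split(".")
    p = pattern.lower().rstrip(".").split(".")
    if len(h) != len(p):
        return False
    if p[0] == "*" and len(p) >= 3:
        return h[1:] == p[1:]
    return h == p

def endpoints(host, port=443):
    """Every IPv4 and IPv6 address the host name resolves to, de-duplicated."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def fetch_cert(host, ip, port=443, timeout=5):
    """Connect to one address, send the host name as SNI, return the cert dict."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # chain is still verified; names are compared in report()
    with socket.create_connection((ip, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

def report(host, ip, cert):
    """One row per (URL, endpoint): match result plus the names actually on the cert."""
    names = cert_names(cert)
    matched = any(name_matches(host, n) for n in names)
    return {"url": host, "ip": ip, "match": matched, "issued_for": names}

if __name__ == "__main__":
    # Constructed sample: the same certificate served on an IPv4 and an IPv6 endpoint.
    sample = {"subject": ((("commonName", "shop.example.net"),),),
              "subjectAltName": (("DNS", "shop.example.net"), ("DNS", "*.cdn.example.net"))}
    for ip in ("192.0.2.10", "2001:db8::10"):
        print(report("www.example.net", ip, sample))
    # Live use: for ip in endpoints(host): print(report(host, ip, fetch_cert(host, ip)))
```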

Although these are small steps, I hope you enjoy the improvements.