Exclusive Interview with SPYSE Team

Rishi Narang
 /  security, hacking  /
Exclusive Interview with SPYSE Team

I don’t think many of you have heard of SPYSE (I didn’t before this interview) before, but let me tell you - they are amazing people, great developers and believe me when I say they are contributing great to information security community with their amazing tools and projects. I got interested and frankly heard about them when I checked out on certdb and findsubdomains projects - remarkable sites and highly recommended to have a look! I authored a review on their projects - CertDB is a free SSL Search Engine, and Finding Sub-Domains for Open Source Intelligence and have spoken highly of them. So, in last few days I got a chance to ask them some questions on their project CertDB, and their ongoing efforts to share with you all.

What is CertDB? Who’s the backbone of CertDB?

We are SPYSE team, skilled specialists in the field of web-analytics and digital security. In 2017 we formed a unit, that on voluntary basis will develop non-profit tools and services for exploration and analytics of general data available on the internet.

CertDB.com - internet-wide search engine for research and analytics of digital certificates. This is the first project of the SPYSE team that gathered in 2017 with an ambition to make a search engines across the entire Internet infrastructure for educational, research and practical purposes, which combines the key capabilities of f.e. Censys, Shodan, Domaintools and other services, and significantly exceeds them in terms of data completeness and analytical capabilities. Our portfolio currently includes besides Certdb such services as FindSubdomains.com designed to automate subdomains discovering. Currently we are working on another project related to DNS. We plan on releasing one project every month.

The mission of the project lies in blurring the widespread belief that an SSL Certificate is just a minor collection of the data files that digitally bond the cryptographic key to the businesses' details. On the opposite, the creators of CertDB aim to change the nature of things around the average users of the internet.

Future projects include analytic tools for domain/subdomain analysis, IP ranges, DNS addresses, and connections between organizations and their digital assets. We believe that our team is quite strong and we plan on releasing one project every month. In about 4 months, we intend to group these services together to create a search engine that would encompass all of these areas. We make a search engine across the entire Internet infrastructure, which combines the key capabilities of Censys, Shodan, Domaintools and other services, and significantly exceeds them in terms of data completeness and analytical capabilities. This tool will have a more complete pool of data than any existing resource on the web.

Examples of available queries: https://certdb.com/about and CertDB use cases:

  1. Newly issued certificate could help identify a launch of a new service, merger between organizations and other market activities faster than any press release.
  2. It is of utmost importance to keep track of SSL certificates expiration times. Once SSL certificate expires, it could mean unpleasant consequences for both the website and the end user. These could include loss of trust, drop in profits due to abandoned shopping carts, damage to organization’s image and reputation, privacy risks.
  3. CertDB is not a mechanism that is of use only to the professionals in the IT field. Exploring SSL certificates one can analyze business activity of not only individual organizations but also whole industries or markets, and identify trends.
  4. The company of the focus may issue the certificate in an organization with the domains of other companies, which could mean the collaboration or purchase of one company by another. Such information could potentially generate profits as insight information or even lead to the start of the investigation (if there are indications of unfair business practices)
  5. A company specializing in security breaches may use CertDB for researching the problematic certificates to weaken the possibility of the hacker attacks ultimately.
  6. The commercial SSL-selling firm may increase its sales by “warning” the companies suffering from the affected subdomains and domains.
  7. The company could register the domain hinting the upcoming start of the initial coin offerings. This promising piece of evidence can help with the competitive analysis or business analytics among others. Besides, it gives the data owner an ability to gather funds for the potential investment.
  8. The registration of a new unknown domain in Palo Alto may hints at a new start-up; switching from the “Wildcard” certificate to “Let’s Encrypt” tells us about the organization’s budget constraints.
  9. Based on the number of SSL certificates issued to domains of a particular country, as well as number of certificates per capita, one can gauge the maturity of IT infrastructure in different countries.

We are just at the beginning of our journey and would really appreciate any help or assistance – constructive feedback, advice, mentions, coverage options and connections.

Do you have any active market competition and what is your USP?

CertDB’s key selling points:

  • it’s completely free; we’re developing this projects as volunteers for educational & research proposes so they will be free forever;
  • its the most complete certs base in internet;
  • its the most accurate and updated every day scanning the whole internet;
  • CertDB has the best UI because we care not only about data but about user experience too.

We analyze the web 24/7 to offer you the most complete and up-to-date information about SSL certificates on the internet.

CertDB provides free access to its powerful API. You can use API for practical research or educational purposes, or for implementation of other programs and services.

Our service provides search capabilities by multiple criteria, quality filtering. We also aggregate data by various criteria, which makes it possible to see the picture on a larger scale.

We pay great attention to UX / UI, page load speed and other details, our projects are user-oriented. Our developers constantly investigate behavioral factors and feedback from users in order to make projects better.

How do you stack against crt.sh or Censys (censys.io)?

Our work on certificates, at first glance, is very similar to censys.io. We proceeded from the same problems of developers and experts, therefore our search mechanisms have a number of coincidences. At the same time, it should be noted that we largely sought to make the project so that they could be used by non-professionals and also receive valuable information. We understand that this is a complex and lengthy process, but we are deeply committed to making and showing the market a product not for geeks, but for a wide audience.

You mentioned about scanning and having sensors. How do you categorize or short-list the websites?

In fact, our team does not only deal with digital certificates, of course. At the moment, we are exploring the web part of the entire IPv4 range by a variety of different techniques. A significant part of the data for the starting point of the research was taken from public sources, some were discovered by ourselves, some are obtained from partners. The SUBMISSION form seems to us inexpedient due to the fact that there are hardly any domains that we do not know about.

How often do you plan to scan websites and do you have a priority criterion for scanning?

In the near future we are preparing an infrastructure for regular and systemic scanning of all known points on the Internet, according to our plans, in no more than a month we will be able to update the information for each point that has given any signs of life for the last 6 months at least every two weeks, in reality, according to our expectations, much more often.

From a security point of view have you gone through any security testing or assessment in the past, or planned to do so?

The main part of the SPYSE team works in IT security. Project ideas were originally born out of our daily needs. We did and do testing for many companies (under NDA), we have quite a lot of knowledge. However, we distance our current services from our work, we target them for a much wider audience, for educational purposes, to give interested people more opportunities to study the Internet, and researchers to explore and analyze it for free.

If we talk about the security of our projects, then we try to make it right, although we have not focused on security issues separately - we have nothing to steal.

Do you plan to keep the service free, or launch any subscription based, or pricing model for better search, filters etc. in the future?

We plan to keep our services entirely free. We want to believe that our current affairs are useful to people. This motivates us the most. We really want to spread the message about our free services and make them accessible to regular users. Hope that readers of this article can support us in that.

Keep it up guys, and we are excited for your new projects.

Cover Image: Jonathan Velasquez