What is Discovery?

Nimbusec Discovery's Mission

Nimbusec Discovery aims to identify all websites related to your organization and perform a passive security analysis by simulating one single website visitor per domain.

A Nimbusec Discovery report is an objective, external overview of your organization's global web presences with an IT-security focus. Such a report can be used for:

Contrary to penetration testing tools, Nimbusec Discovery does not simulate attacks or any kind of brute force scans and does not represent a risk to live web-applications.

How is it done?

Nimbusec Discovery finds domains based on public WHOIS information and public search engine results. After Discovery discovered all domains, a passive security analysis is performed. This analysis includes actual security incidents like malware distribution, defacements and reputation issues. However, Nimbusec Discovery also detects preventive risk factors like outdated and vulnerable applications and problems with your website encryption.

Nimbusec Discovery only focuses on the initial landing page and does not analyze the entire website.

Tech talk.

Technical speaking, Nimbusec Discovery transmits 3 HTTP requests per FQDN (fully qualified domain name) to the webserver.

Redirects

Very often an identified domain redirects to another (sub)domain. Nimbusec Discovery follows such redirects and eventually only scans the final redirect-chain target.

image-1627895436734.png

Example

http://example.com redirects to https://www.example.com

input is example.com

  1. 1st req. --> try https://example.com (connection fail)
  2. 2nd req. --> try http://example.com (connection success, status 301 redirect www.example.com)
  3. 3rd req. --> try https://www.example.com (connection success, status 200)
  4. 4th req. --> scan https://www.example.com (connection success, status 200).

The first 3 requests are comparable to a ping and do not download any additional resources or scripts. They only check whether the request is successful or not.

The 4th request then simulates one real website visitor and performs the analysis.

 


Revision #1
Created 2 August 2021 09:09:59 by Patrick Wall
Updated 2 August 2021 09:11:04 by Patrick Wall