SShortSingh.
Back to feed

ScanSearch Lets Developers Audit Exposed Network Services Without Active Scanning

0
·1 views

ScanSearch is an internet-wide search engine that continuously indexes network devices, their running services, and associated vulnerability data, offering an alternative to traditional port scanning tools like nmap. Developers and security professionals can use its query language to search for specific service names, port numbers, or software versions exposed on the public internet. A typical use case involves identifying devices running outdated software, such as older nginx versions, which can then be cross-referenced against public CVE databases to assess patch urgency. The tool is particularly useful for auditing IoT fleets or verifying that internal services are not unintentionally exposed. While it does not currently support direct CVE ID queries, targeted version-based searches can help surface potentially vulnerable infrastructure at scale.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Developer Releases Two Open-Source CLI Tools for Personal Finance and Cybersecurity

A developer named Nishant has released two open-source projects, PocketPilot and Archangel Security Suite, aimed at solving everyday problems in personal finance and cybersecurity. PocketPilot is a lightweight, command-line budgeting tool built with Go, Cobra, and SQLite that stores financial data locally, prioritizing user privacy over cloud-based ecosystems. Archangel Security Suite is a developer-friendly security toolkit focused on defensive security, automation, and raising vulnerability awareness throughout the software development lifecycle. Both projects are publicly hosted on GitLab and are open to community contributions including new features, testing, and documentation. The tools share a common philosophy that technology should give users greater control and confidence over their digital lives.

0
ProgrammingDEV Community ·

Developer Documents Multi-Day AWS Lambda and X API OAuth Integration Battle

A software developer set out to build an autonomous AI-powered content engine on AWS that could generate and post Wizarding World-themed content to X without human involvement. What appeared to be a simple weekend project — posting a single tweet from AWS Lambda — quickly became a complex struggle with X's multiple authentication methods. The developer initially used a Bearer Token, which returned 403 Forbidden errors, before discovering that posting tweets requires OAuth 2.0 User Context credentials representing an actual user, not just an application. A breakthrough came when switching from the tweet endpoint to a user-verification endpoint, which confirmed successful authentication for the first time. However, a new obstacle emerged when media uploads continued to fail with 403 errors, pointing to yet another layer of API permission requirements.

0
ProgrammingDEV Community ·

DevSwitch Automates SSH Key and Git Profile Management Across Multiple Accounts

Developers managing multiple GitHub accounts on a single machine have long relied on manual SSH config edits and folder-based identity routing, a process prone to misattributed commits and permission errors. A developer has built DevSwitch, a free, open-source desktop app and CLI tool, to automate this workflow on macOS, Windows, and Linux. The tool handles ED25519 key generation, uploads public keys to GitHub via OAuth, and switches Git identities instantly without requiring projects to be stored in specific folders. DevSwitch updates both global and local Git configurations and loads the correct SSH key into the agent with a single command or click. The app is available for free download at devswitch.in, installable via npm, and stores all data locally without transmitting private keys externally.

0
ProgrammingDEV Community ·

Developers Debate Best Practices for Managing AI Agent Skills Across Projects

A developer new to Agent Skills has raised practical questions about managing the growing complexity of skill files in AI-assisted workflows. Key concerns include how to avoid accumulating unnecessary skill files and deciding which resources genuinely add value to a project. The developer also questions how to keep locally stored skill files current as their upstream sources evolve over time. Portability is another challenge, with uncertainty around whether Git repositories or curated install lists are the best way to sync skills across projects and devices. The post invites the broader developer community to share established tools or workflows that address these management challenges.

ScanSearch Lets Developers Audit Exposed Network Services Without Active Scanning · ShortSingh