Our Cyber Security Services (CSS) division spend a fair amount of time working with companies on threat assessments. They’ve been doing this stuff for several years, and during that time, they developed some useful tools to make their jobs easier.
One of those tools is Riddler. It’s a web crawler that makes Internet metadata available via a search interface, and it’s useful for looking at relationships between domains, hosts, and IP addresses. It also lists metadata associated with sites that can give you clues as to any potential security issues. I got a hold of Riddler about half a year ago, and have had quite a bit of fun playing around with it since then.
Riddler has been available to the public for a while now, but as a company we’ve not really made much noise about it. You can access a web interface to it at riddler.io. The free version only returns ten results from a query, so it has limited use, but the subscription version is a lot more interesting. With that, you get access to a command-line interface and an API which makes it pretty easy to build your own mapping and monitoring tools.
I just finished writing a white paper about Riddler, which is available here. The paper tells the story behind Riddler – why and how we built it, a short guide on how to use it, and some ideas about what it can be used to do. If you’re interested in doing threat assessments, or like myself, just enjoy digging through Internet metadata, give it a look!