Explore Waves: Insights from Our Internet-Wide Research

The vibe coding revolution has empowered millions to build and deploy websites using natural languages. Entrepreneurs, artists, and small businesses can now bring their ideas to life online without writing a single line of code. But has this convenience come at a hidden security cost?

The internet has tons of services we love to use every day, whether it’s posting a picture on Instagram, shopping on Amazon, or playing an online game with your friends. These apps and services work by interacting with servers using something called “application programming interfaces”, or “APIs” for short.

At RedHunt Labs, we conduct extensive internet-wide studies as part of Project Resonance to stay ahead of the evolving cyberspace and enhance our Attack Surface Management (ASM) platform. This blog highlights our recent research, where we analyzed billions of IP addresses to check for port 80 open, uncovering fascinating insights.

At RedHunt Labs, we regularly perform various internet-wide studies as a part of Project Resonance, to keep up with ever-changing cyberspace and enrich our Attack Surface Management product, NVADR. This blog post is about our recent study in which we analysed the Tranco Top 1 Million websites, resulting in interesting insights.

We decided to dive deep into this issue and look into what the state of security looks like when it comes to storage buckets that we discovered from across the internet this wave is all about it, so brace yourselves for seeing the exciting insights that we were able to pull from here!

We at RedHunt Labs conducted a mass scan on a sample of ~40000 Firebase subdomains to understand their state of security. This wave details the common misconfiguration found in Firebase applications and our findings from the scan regarding data breaches.