Tag list and their meaning within riskscan
riskscan contains a subset of data that can be found in datascan and vulnscan categories. In riskscan, we focus on most important threats, the one you should fix on your Internet connected devices. For instance, if you have a database exposed without authentication, a rdp service, or a critical vulnerability, you should act quickly.
In the below list of tags, we indicate the source dork that was used to match against the given risk. We then show the corresponding riskscan dork and the meaning of the risk. Finally, we explain why it is important to take care of identified risk.
Tags and their meanings
risk::criticalcve
Source dork: category:vulnscan -exists:cve riskscan dork: category:riskscan tag:risk::criticalcve
risk::sensitiveprotocol
Source dork: category:datascan ?protocol:rpc ?protocol:wcf ?protocol:sip ?protocol:adb ?protocol:rdp ?protocol:x11 ?protocol:vnc ?protocol:smb ?protocol:ssh ?protocol:snmp ?protocol:ntp ?protocol:rsync ?protocol:telnet ?protocol:xdmcp ?protocol:winrm ?protocol:dcerpc ?protocol:fw1topo ?app.http.component.product:“RD Web Access” riskscan dork: category:riskscan tag:risk::sensitiveprotocol
risk::sensitivedevice
Source dork: category:datascan ?device.class:medical ?device.class:C2 ?device.class:infostealer ?device.class:SCADA ?device.class:printer ?device.class:camera ?device.class:hvac ?device.class:ups riskscan dork: category:riskscan tag:risk::sensitivedevice
risk::opendatabase
Source dork: category:datascan device.class:database tag:open riskscan dork: category:riskscan tag:risk::opendatabase
risk::exposeddatabase
Source dork: category:datascan device.class:database !tag:open riskscan dork: category:riskscan tag:risk::exposeddatabase
risk::vpnserver
Source dork: category:datascan device.class:“vpn server” riskscan dork: category:riskscan tag:risk::vpnserver
risk::compromised
Source dork: category:datascan tag:compromised riskscan dork: category:riskscan tag:risk::compromised
risk::certexpired
Source dork: category:datascan -tlsexpired:1 riskscan dork: category:riskscan tag:risk::certexpired
risk::loginmanagement
Source dork: category:datascan tag:login tag:management riskscan dork: category:riskscan tag:risk::loginmanagement
risk::loginpage
Source dork: category:datascan tag:login !tag:management riskscan dork: category:riskscan tag:risk::loginpage
risk::smbnullsession
Source dork: category:datascan app.smb.nullsession:true riskscan dork: category:riskscan tag:risk::smbnullsession
risk::ftpanonymous
Source dork: category:datascan app.ftp.anonymous:true riskscan dork: category:riskscan tag:risk::ftpanonymous
risk::openbucket
Source dork: category:datascan tag:openbucket riskscan dork: category:riskscan tag:risk::openbucket
risk::opendir
Source dork: category:datascan tag:opendir riskscan dork: category:riskscan tag:risk::opendir
risk::opensip
Source dork: category:datascan tag:open protocol:sip riskscan dork: category:riskscan tag:risk::opensip
risk::infodisclosure
Source dork: category:datascan ?tag:phpinfo ?tag:serverinfo ?tag:serverstatus riskscan dork: category:riskscan tag:risk::infodisclosure
risk::debug
Source dork: category:datascan tag:debug riskscan dork: category:riskscan tag:risk::debug
risk::backupsolution
Source dork: category:datascan device.class:“Backup Solution” riskscan dork: category:riskscan tag:risk::backupsolution
risk::iot
Source dork: category:datascan device.class:IOT riskscan dork: category:riskscan tag:risk::iot
risk::obsolete
Source dork: category:datascan tag:obsolete riskscan dork: category:riskscan tag:risk::obsolete