Changelog
🔑 GET YOUR FREE API KEY🤖 AI Assistant
Start typing to search…
Back to All
added

{ New } - Sensitive Applications Field

16 days ago by Dan Benchetrit

Added sensitive_applications Field to API (additional_fields)

We’ve added a new optional field in the additional_fields array of our API:
🔍 sensitive_applications

This field enriches external domain results with insight into potentially sensitive applications exposed within the compromised machine’s URL structure.

Field name: "sensitive_applications"

Field type: string (enum value within additional_fields)

Description: Adds detection of sensitive applications based on a predefined list of known high-risk web apps and services.

What it does:

Parses compromised URLs to identify references to sensitive applications (e.g. admin panels, security consoles, developer tools, cloud management platforms, etc.).

Flags presence of these apps to help prioritize remediation based on risk exposure.

Request Body Example:

curl --request POST \
     --url https://api.hudsonrock.com/json/v3/search-by-domain \
     --header 'accept: application/json' \
     --header 'api-key: <API_KEY>' \
     --header 'content-type: application/json' \
     --data '
{
  "domains": [
    "tesla.com",
    "teslamotors.com"
  ],
  "types": ["employees"],
  "keywords": ["sso"],
  "keywords_match": "any",
  "filter_credentials": true,
  "additional_fields": ["sensitive_applications"]
}
'

Response Example:

{
   "_id":"67a08ccd465561f4625e840f",
   "stealer":"...",
   "stealer_family":"Lumma",
   "date_uploaded":"2025-02-03T09:30:52.468Z",
   "employeeAt":[
      {
         "..."
      }
   ],
   "clientAt":[
      {
         "..."
      }
   ],
   "date_compromised":"2025-01-25T12:03:26.000Z",
   "ip":"...",
   "computer_name":"...",
   "operating_system":"...",
   "malware_path":"...",
   "antiviruses":[
      {
         "..."
      }
   ],
   "credentials":[
      {
         "url":"https://sso.tesla.com/adfs/ls",
         "domain":"tesla.com",
         "username":"••••••••••,@tesla.com",
         "password":"••••••••••",
         "type":"employee",
         "password_strength":{
            "contains":[
               "lowercase",
               "symbol"
            ],
            "length":10,
            "id":1,
            "value":"Weak"
         }
      }
   ],
   "sensitive_applications":[
      {
         "name":"adfs",
         "description":"Active Directory Federation Services, a software component developed by Microsoft, can run on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries."
      },
      {
         "name":"sso",
         "description":"Single sign-on is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors."
      }
   ]
}