ShadowTrackr

Log in >
RSS feed

Vulnerabilities progress chart

03 November 2025
The main thing of the current update is the stacked bar chart showing the number of vulnerabilities over time. They are stacked by severity (CRITICAL, HIGH, etc.) and you can see the last 4 weeks and two months ago. You'll want to see the height of the bar going down of course, that would indicate a shrinking attack surface.

If you want to see which specific vulnerabilities you need to patch first to reduce you attack surface the most, have a look at the My vulnerabilities overview. The ones at the top are causing the biggest risks.

New: Shared hosting report

27 October 2025
There is a new report available in the report library that shows third party websites running on shared hosting where your websites are hosted too. These third party websites could be a security risk or damage your brand reputation, so you should have a look at them regularly.
You can also look up the shared hosting for your organization directly with this magic query:

$shared_hosting_report last_seen>-7d

If you find trouble, contact the hosting company and ask them to organize the shared hosting in such a way that the offending website is not sharing a host with your website anymore. Another option of course is using dedicated hosting.

Also, completely unrelated to shared hosting, with this weeks update everyone running a group account can now manage all users from the subaccounts in the groupaccount too.

New report options

20 October 2025
There have been some additions to the data and query language that allow better searching, reports and alerts.

The first is that you can and a url, with wildcard, to all of the magic software queries. A magic query is one that starts with a $, and it is magic because it gathers data in a way that is not possible in the query language in ShadowTrackr. Here's an example: 

$software_vulnerabilities_report last_seen>-7d url="*.com"

This will create a report of all vulnerable software found, with a list of assets with vulnerabilities that are found in the last week, but only for all your .com domains.

The second change is that you can use asset as a column in the assets and cves_assets indexes. Asset can be an ip address or a url/domain and it supports wildcards. Example: 

index=cves_assets asset="*.nl"

This will list all vulnerabilities (one per line) found on your .nl domains. Note that this index contains older (patched) vulnerabilities too, so if you only want the recents ones do: 

index=cves_assets last_seen>-7d asset="*.nl"

The third and last addition is the days column in the certificates index. It shows how long a certificate is valid in days. This allows you to make types of new reports, like this overview that groups certificates and issuers per how long the certificates are valid. 

index=certificates last_seen>-7d by days | table days issuer
Older posts >

Overview
Use cases
Plans and pricing
FAQ
Resources
API
Blog
Documentation
Integrations
Shodan
OpenCTI
Company
About
Contact us
Legal & Policy