+John Teacake MVC Posted March 23, 2019 MVC Share Posted March 23, 2019 The idea came from a few weeks ago after a conversion on a Friday afternoon with a colleague. To say that I am passionate about this kind of stuff is an understatement. The motivation stems from a deep rooted personal interest of mine. Anyway I wrote some computer scripts (In Python) to collate the data and ran it. I initially published it here. https://github.com/tg12/MappingGovUKDomains https://www.reddit.com/r/netsec/comments/ayumsf/mapping_the_state_of_the_govuk_domain_space/ Whilst I wasn't expecting this at all I have to say that it has been an very interesting project and I am quite proud of it. I was approached by a journalist who works for Wired/New Scientist. They seemed very interested about running an article if I could answer a few questions about it all, So I enlisted the help of a fellow Redditor. Very talented individual with direct experience in the InfoSec world and we came up with the results. Here is the article. It makes for interesting reading. https://www.newscientist.com/article/2197453-thousands-of-security-flaws-found-on-uk-government-websites/ Here is the data we generated. https://github.com/nannal/GovUK-CVE Please feel free to ask any questions. If you want to publish this further on your blog/site or wherever I would be very grateful/more than happy about it. Jim K, Yogurth, goretsky and 1 other 4 Share Link to comment Share on other sites More sharing options...
+BudMan MVC Posted March 24, 2019 MVC Share Posted March 24, 2019 Be interesting to see what the .gov sites shows Nice script and nice find - but to be honest are you actually surprised at the findings.. I mean really.. Did you get the idea from the scan of all of Austria? https://blog.haschek.at/2019/i-scanned-austria.html Most of the public facing stuff is shambles.. Be it gov controlled or not. Link to comment Share on other sites More sharing options...
+John Teacake MVC Posted March 31, 2019 Author MVC Share Posted March 31, 2019 On 3/24/2019 at 2:53 PM, BudMan said: Be interesting to see what the .gov sites shows Nice script and nice find - but to be honest are you actually surprised at the findings.. I mean really.. Did you get the idea from the scan of all of Austria? https://blog.haschek.at/2019/i-scanned-austria.html Most of the public facing stuff is shambles.. Be it gov controlled or not. Very good point! I didn't expect any less but it was nice to put some numbers behind the research and get picked up by New Scientist. Link to comment Share on other sites More sharing options...
+BudMan MVC Posted April 1, 2019 MVC Share Posted April 1, 2019 oh fantastic! you have to be over the moon! And even if only small % of the sites get the hint and fix some stuff up its a huge win. Link to comment Share on other sites More sharing options...
Recommended Posts