How Just-Metadata Reinvents IP Analysis

By Red Siege | March 21, 2024

Tool developed by: Chris Truncer

Cracking the Code with Just-Metadata

Imagine trying to solve a giant puzzle where each piece is hidden in a massive digital world. That’s what dealing with cybersecurity data can feel like. But here comes Just-Metadata, a cool tool that changes the game for people who protect our computer networks, like cybersecurity pros and CISA’s. It turns the tricky task of looking through tons of data into something way simpler. Just-Metadata helps you see how all the pieces of data are connected, kind of like finding hidden paths on a map. It’s not just about collecting tons of info; it’s about figuring out what it all means so you can make your computer networks stronger.

Discovering Hidden Links

Just-Metadata is like a detective’s magnifying glass for the internet. It helps find secret paths between computers, websites, and user accounts that you wouldn’t notice at first glance. By looking at the data’s metadata (that’s the data about the data!), this tool can show you how everything in your network fits together. This is super important for finding weak spots in the network where bad guys might try to sneak in. With Just-Metadata, people who work to keep our digital world safe get an awesome tool to help them see the whole picture and keep our information secure.

Using Just-Metadata

 

 

To use Just-Metadata, the first thing you will do is load into the tool a list of IPs that Just-Metadata will analyze. This can be done with single IPs on a new line in a text file, or using CIDR notation.

 

Once IPs are loaded into the tool, you can tell Just-Metadata to start gathering data from various sources (a subset of what is supported is shown below).

 

Once the various sources have finished gathering all the data, you can analyze the data and search for various trends, a subset of which are shown below.

 

An example output could look like the following:

 

Learn More

Just-Metadata is just the beginning. If you’re intrigued by the possibilities of peeling back the layers of your network and uncovering the secrets within, there’s more where that came from. Check out Red Siege’s toolbox for an arsenal of free cybersecurity tools. If you’re looking to dive deeper, have questions, or just want to connect with fellow cybersecurity enthusiasts, join us on our Discord.

Adventures in Shellcode Obfuscation! Part 1: Overview

By Red Siege | June 17, 2024

by Mike Saunders, Principal Security Consultant This blog is the first in a series of articles on methods for obfuscating shellcode. I’ll be focusing on how to obfuscate shellcode to […]

Learn More
Adventures in Shellcode Obfuscation! Part 1: Overview

Essential Steps for Management to Maximize the Value of a Penetration Test Report

By Red Siege | June 3, 2024

by Tim Medin, CEO Penetration testing is a critical component of a well-rounded cybersecurity strategy. Penetration testing identifies vulnerabilities before malicious actors can exploit them. However, the true value of […]

Learn More
Essential Steps for Management to Maximize the Value of a Penetration Test Report

Fun With JWT X5u

By Red Siege | May 30, 2024

by Senior Security Consultant Douglas Berdeaux On a recent web application penetration test engagement, I came across a JSON Web Token (JWT) that contained an x5u header parameter. I almost […]

Learn More
Fun With JWT X5u

Find Out What’s Next

Stay in the loop with our upcoming events.