Follow Slashdot stories on Twitter


Forgot your password?

Project Un1c0rn Wants To Be the Google For Lazy Security Flaws 43

Daniel_Stuckey (2647775) writes "Following broad security scares like that caused by the Heartbleed bug, it can be frustratingly difficult to find out if a site you use often still has gaping flaws. But a little known community of software developers is trying to change that, by creating a searchable, public index of websites with known security issues. Think of Project Un1c0rn as a Google for site security. Launched on May 15th, the site's creators say that so far it has indexed 59,000 websites and counting. The goal, according to its founders, is to document open leaks caused by the Heartbleed bug, as well as 'access to users' databases' in Mongo DB and MySQL. According to the developers, those three types of vulnerabilities are most widespread because they rely on commonly used tools. For example, Mongo databases are used by popular sites like LinkedIn, Expedia, and SourceForge, while MySQL powers applications such as WordPress, Drupal or Joomla, and are even used by Twitter, Google and Facebook."
This discussion has been archived. No new comments can be posted.

Project Un1c0rn Wants To Be the Google For Lazy Security Flaws

Comments Filter:
  • by Anonymous Coward

    Seriously? Way to instantly lose all credibility in educated people's eyes

  • by Anonymous Coward

    Given it's a listing of security flaws, and the use of automation in malware, etc, I think it should be Project Un1cr0n.

  • Almost useful (Score:3, Interesting)

    by Anonymous Coward on Wednesday June 11, 2014 @11:48AM (#47212885)

    Ok, you've got Google's list of everything, Un1c0rn's list of everything unsafe. What I want is the subset of Google's list that is not on Un1c0rn's list.

    Someone hack together that metasearch tool and I'll (anonymously) support you.

  • by Doug Otto ( 2821601 ) on Wednesday June 11, 2014 @11:53AM (#47212929)
    The search engine on that site returned 7800 sites when I searched on a single IP address. Maybe the site is useful but the signal to noise ratio is WAY too low to bother with.
    • by ADRA ( 37398 )

      Well to be fair, some hosting companies have like a million sites hosted off a single IP, so not exactly irrelevant unless you know its a buggy scanner. Maybe the introduction of better summarization and breakdown tools are needed to enhance the tool, but hell anything takes time to work well for public consumption.

    • Re:Seriously? (Score:5, Informative)

      by Iarwain Ben-adar ( 2393286 ) on Wednesday June 11, 2014 @12:12PM (#47213103)
      Try putting quotes around your IP address. You'll get better results.
      • Thanks, that did the trick. I too was getting a lot of results when searching for very specific host names. Quotes around either an IP or host name reduced the results to zero (which is obviously what I was hoping for!). And just to test further I put quotes around a random result that did show up in my initial searches and it just came up once, as expected.

        I wouldn't depend it as the only means of double checking a site but it's a good edition to the tool belt. And it should only get better if they don't g

  • I predict... (Score:5, Insightful)

    by Chris Mattern ( 191822 ) on Wednesday June 11, 2014 @11:57AM (#47212969)

    If it's actually useful in uncovering sites with security defects, the owners will all be facing criminal indictments before the year is out.

  • by tiberus ( 258517 ) on Wednesday June 11, 2014 @12:00PM (#47212991)
    Okay, so I want to visit a site. So I have to go search Un1c0rn to see if it's on the list? What about all the ad, video and other sites this sites gets content from? Seems like a plugin that uses data from the "your site is in a poor state" database would be much more practical. It could replace at risk content with a big WHOA! graphic...
  • by fredrated ( 639554 ) on Wednesday June 11, 2014 @12:02PM (#47213007) Journal

    Was this named by a five year old?

  • The search function is worthless, which pretty much makes the whole site worthless. Their data may be good, but if I can't find my site by hostname OR ip without paging through 243 pages of 10 sites at a time... Nope.
    • Try this: add quotes to your search []

      • Added the quotes around my searches and went from way too many results to none. I guess that's a good thing.
        • Yeah, that's what I was hoping for as well. Just to double check the quoting thing though, try this; do a search without the quotes, pick one "hit" from the results and then search for that with the quotes. The expected behavior is that you will get one result. That's what happened when I tried a couple of specific, quoted searches for host names and IP addresses that came back in previous, unquoted searches.

          As I mentioned elsewhere I wouldn't count on this alone but it's a good addition to the other tools

      • Truly? Every second guy on /. is incapable of using a search bar correctly?
  • by q4Fry ( 1322209 )
    So the site [] that is on there: Honeypot?
    • I would say, check the data in there. If it's closed already it's probably a leak. If it's still open it's either : 1. Testing server with no important data 2. Honey pot servers, waiting for project like us to pick on them and collect our scanners IPs. 3. Really careless people
  • Project or password?
  • by koan ( 80826 )

    Shodan HQ?

  • While surprisingly effective IRL, not so much on the Internet.

  • Maybe this was the real reason behind the name:

Loose bits sink chips.