Exactly one year ago, while enjoying a beer by the lakes in Copenhagen, my partner Andreas and I found ourselves discussing a shared frustration: the tedious and repetitive task of mapping the digital footprints of actors and devices in cyberspace.

There had to be an easier way—an automated solution capable of handling 90% of the work in a fraction of the time. A platform powered by rich, diverse sources of internet data, allowing analysts to hunt and track adversaries through unique pivot points and enrichments.

This was the line of thinking that gave birth to Webscout. Building on the foundational work of giants in the field like Shodan, ProjectDiscovery, Spiderfoot, and many more, we started to tackle this challenge head-on.

Before Webscout, a typical reconnaissance session could look a little something like this for us. First, we would crawl and fingerprint websites using tools like Burpsuite, Nuclei, Wappalyzer, and Katana. Then, we would inspect and scan the website’s IP-addresses with passive tools, such as Shodan and Censys, and active tools, such as Nmap and Nabuu. After that comes the search for additional domains and subdomains using both active and passive tools for DNS enumeration such as certificate logs, dnsdumpster, ffuf, and subfinder. Finally, rinse and repeat the procedure on all the newly identified data points. A reconnaissance session like this could easily take hours and dozens of different tools.

Webscout started out as a patchwork of automation scripts and oneliners, with output from one OSINT tool feeding into the next, creating a chain of intelligence gathering and structuring of data. It was not pretty to say the least, and we have come a long way since then. This blogpost celebrates some of our biggest achievements, and provides a view into what the future holds for Webscout.

After a stressful 2022 filled with late nights, deconstructing initial versions, and continuously refining our approach based on lessons from setbacks and challenges, we're now beginning to see the rewards of our persistence. This section outlines some of our most notable achievements.

• Collaboration with IntelligenceX for e-mail discovery
• Association with DataPlane for insights on internet background noise
• Honored with the UN Sustainable Development Grant
• Alliance with ProjectDiscovery for subdomain enumeration
• Awarded the Innofounder Program for promising Danish startups

Collaboration with IntelligenceX for e-mail discovery. In the early stages of 2022, even before our Proof of Concept was live, we approached the Czech intelligence company, IntelligenceX, with a request to access their extensive dataset of breached accounts. To our big surprise, despite our near-nonexistent presence on the internet, they graciously granted us limited access to their dataset which later led to Webscout's feature on Episode 290 of IntelTechniques’ popular podcast, “The Privacy, Security, & OSINT Show”. We express our deep gratitude for their partnership and urge our readers to explore what IntelligenceX have to offer.

Association with DataPlane for insights on internet background noise. In the beginning of 2023, I attended a security conference in Spain about cyber defence, forensics, and incident-response. It was here that John Kristoff from DataPlane showcased their innovative network of sensors, specifically designed to monitor both targeted and random web vulnerability scanning and internet background noise. Inspired by their work, I caught Kristoff after his talk and introduced him to Webscout and our vision for the project. After a quick chat, John graciously approved our request to integrate data from the DataPlane network - please check them out and support them if you can.

Honored with the UN Sustainable Development Grant. Come Spring 2023, we were thrilled to receive a grant from the UN, designated for startups striving towards any one of the UN's 17 Sustainable Development Goals. We were recognized for our efforts to securing critical digital infrastructure. The financial boost from the grant enabled us to invest in hardware necessary to scale quickly in response to demand and to delve deeper into internet data at large.

Alliance with ProjectDiscovery for subdomain enumeration. It's no secret that Webscout has been profoundly influenced by ProjectDiscovery from its inception. Their array of web reconnaissance tools is nothing short of groundbreaking, and their mission to make information security and bug bounty hunting accessible to all resonates deeply with us. We are privileged to announce our partnership with ProjectDiscovery, who have allowed us to harness the power of their Chaos project for our subdomain discovery endeavors. If you aren't using at least one of their tools yet, you're missing a significant opportunity. Check them out here.

Awarded the Innofounder Program for promising Danish startups. We are honored to be accepted into the prestigious Innofounder program, which seeks to accelerate and support the most promising startups based in Denmark. The Innovation Fund of Denmark's Innofounder program is dedicated to transforming innovative ideas into impactful solutions that not only drive growth but also address pressing societal challenges. Accepting the programme requires us to commit full-time to our project, so we're excited to share that starting in November 2023, we will be going full-time on Webscout. We can’t wait to embark on this unique opportunity to finally give Webscout the time and dedication it deserves.

Way ahead

Currently, many of our users are bug bounty hunters and web security researchers who use Webscout as one of many web reconnaissance tools. While we have a strong interest in OSINT and web reconnaissance, our true passion and expertise lie in cyber threat intelligence. With each feedback loop and project iteration, it has become increasingly clear that our most meaningful direction is CTI.

Therefore, moving forward, we will focus on developing a cyber threat intelligence platform. While the details are still evolving, we envision a platform that enables deep dives into hundreds of terabytes of raw internet data, supporting the large-scale enrichments necessary to efficiently identify, hunt, and track adversaries in cyberspace.

Our ultimate goal is to build tomorrow’s community platform for cyber threat intelligence sharing and internet security research; a platform where every web artifact and indicator is clickable, pivotable, and where large-scale enrichments are both easy and intuitive to perform.

Thank you so much for your continued support. We can't wait to show you what we are capable of. Back to work.

❤️
Jonathan & Andreas