Filtering out honeypots from search results - shodan

I was searching some query on Shodan and was getting lots of honeypots, and I wanted to filter out all the results which are honeypots. I tried adding -honeypot but it still showed results with honeypots. What am I doing wrong? Help will be appreciated. Thanks

To remove honeypots from the search results you can add -tag:honeypot to the search query. Note that this requires a Corporate subscription.
If you just add -honeypot then you are excluding results where the banner's data property doesn't include the word honeypot. For more information about the search query syntax please visit:
https://help.shodan.io/the-basics/search-query-fundamentals
You need to use search filters to narrow results based on a specific property. A list of available filters is available at:
https://beta.shodan.io/search/filters
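
The difference between the two query forms in the answer above, as an added example that is not part of the original answer and not Shodan's code. It is a simplified model that assumes a bare word is matched against the banner's data text and tag: against the banner's tags list; the banners are constructed samples.

```python
# Simplified model of the two query forms (illustrative, not Shodan's implementation).

def parse_query(query):
    """Split a query into (negated, field, value) terms; field None means free text."""
    terms = []
    for token in query.split():
        negated = token.startswith("-")
        if negated:
            token = token[1:]
        field, sep, value = token.partition(":")
        if sep:                       # filter:value -> match a named banner property
            terms.append((negated, field, value))
        else:                         # bare word -> match the banner's data text
            terms.append((negated, None, token))
    return terms

def term_matches(banner, field, value):
    if field is None:
        return value.lower() in banner["data"].lower()
    if field == "tag":
        return value in banner.get("tags", [])
    raise ValueError(f"filter not modelled here: {field}")

def search(banners, query):
    """Return the ip_str of every banner that satisfies all terms of the query."""
    terms = parse_query(query)
    return [b["ip_str"] for b in banners
            if all(term_matches(b, f, v) != neg for neg, f, v in terms)]

# Constructed banners using documentation-range addresses.
BANNERS = [
    {"ip_str": "192.0.2.10", "data": "SSH-2.0-OpenSSH_8.9", "tags": []},
    {"ip_str": "192.0.2.20", "data": "SSH-2.0-OpenSSH_8.9", "tags": ["honeypot"]},
    {"ip_str": "192.0.2.30", "data": "SSH-2.0-honeypot-demo", "tags": []},
]

if __name__ == "__main__":
    # The tagged honeypot (192.0.2.20) survives the free-text negation
    # because the word never appears in its banner text.
    print(search(BANNERS, "ssh -honeypot"))
    print(search(BANNERS, "ssh -tag:honeypot"))
```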

You do not need to pay for an Enterprise subscription. Make this filter in the Shodan web interface:
Add the filter after your search pattern: -"792/71644"
In the API terminal type this:
shodan search <your pattern search> | egrep -v "792/71644"
Note: this number is in all honeypot expressions and it is removed with this filter.
I hope this helps.

Related

Filter Google Cloud Security Command Center Findings by Folder

I am trying to filter Google Cloud Security Command Center finding notifications by filter using this link. https://cloud.google.com/security-command-center/docs/how-to-api-filter-notifications
state or parent works fine to filter for. source_properties is one of the fields. Within source_properties ResourcePath is one of the fields, but when I submit to create a field I get back ERROR: (gcloud.scc.notifications.create) INVALID_ARGUMENT: Invalid Filter. If specified, filter should be on a field in the request.
Have tried "state = "ACTIVE" AND source_properties.resourcepath.folders = "456353778849""" filters like this. Anyone had any luck with this and what syntax do you use?
Use this format state="ACTIVE" AND source_properties.resourcepath:"456353778849"
The colon : is a "contain" notation.

Locating Work items which have comments addressed to me?

In Azure DevOps it is possible to @Tag a user in the comments of a work item. Is it possible to query the items to find the work items which have comments which I am tagged in?
Write a query that does a Contains Words on History, then use "@display name"
Use the Work items page and select "Mentioned" from the dropdown.
URL would look like: https://dev.azure.com/*YOURORG*/*YOURPROJECT*/_workitems/mentioned/
Note that this also picks up mentions in other fields such as description, but I find this to be the easiest way.
"Work items" Page
"Mentioned" dropdown
Note the number of comments. If there are no comments, then clearly you weren't mentioned in a comment.
Sort by "Mentioned Date". Latest occurrence by default.
You can make a custom query just setting the ID in @RecentMentions like this:

How can I crawl but not index web pages in OpenSearchServer?

I'm using OpenSearchServer to provide search functionality on a web site. I want to crawl all pages on the site for links to follow but I want to exclude some pages from the index. I can't work out how to do this.
Specifically the website includes a shop that has its own product search and I am keeping this search for products and categories. The product pages have URLs like http://www.thesite/p/123 so I don't want to include any page like this in the search results. However some product pages reference background info pages and I want these to be included in the search index.
The problem I have is that the filter has no effect on the results - it doesn't filter out the /p/ and /c/ results. If I change the filter by unticking the negative box I get no results so it seems to be either the contents of the field or the filter criteria that is causing the problem.
I've tried adding a negative filter to the default query called search in the Query > Filter tab on the index with url:"http://www.thesite/p/*"
but it seems that wildcards are not supported for query filters although they are supported for Crawler > Exclusion list filters.
I've tried adding a new field called urlField in Schema > Fields and populating it using an analyzer configured using the Whitespace Tokenizer and a regular expression (http://www.thesite/(c|p)/). When I use the Test button it seems to generate two tokens for my test URL http://www.thesite/p/123:
http://www.thesite/p/
p
I'd hoped to be able to use the first one in a Query > Filter to exclude all the shop results and optionally be able to use the p (for product) or c (for category) if I need to search the product pages sometime in the future.
The urlShop field in the schema is set up as follows:
Indexed: yes
Stored: no (because I don't need the field back, just want to be able to filter on it)
TermVector: No
Analyzer: urlShop
Copy of: url
I've added urlFilter:"http://www.thesite/p/" to Query > Filters with the negative box ticked.
This seems to have no effect on the results when I use the default renderer.
To see whether it affects the returned results I unticked the negative box in the query filter, and I get no results in the default renderer. This leads me to believe that the urlShop field is not being populated but I'm not sure how to check this directly.
I would like to know whether there is an easier way to do this but if my approach makes sense in the context of OpenSearchServer please can you help me identify what's wrong?
The website is running under IIS and OpenSearchServer will be configured on the same server running in Tomcat.
Finally figured this out...
Go to query and hit edit for your configured query. Then go to the filters tab. Add a query filter like this:
urlExact:"http://myurltoexclude*"
Check the "negative" box. Click add.
Now make sure to click "save" in the tiny little button on the right hand side. This is the part I missed. The URLs are still in the DB and crawl, but at least they aren't returned in results.

Sphinx "reverse" search

We have a website where users put up ads for stuff they want to sell, with parameters such as price, location, title and description. These can then be searched for using Sphinx, allowing users to specify min- and maxprice, a location with a search radius (using Google Maps) etc. Users can choose to save these searches and get emails when new ads appear that fit their search. Herein lies the problem: We want to perform a reverse search every time an ad is posted. With the price, location, title and description as parameters we want to search through all the saved "searches" and get the ones that would have found the ad. The min- and maxprice should just be performed in a query I suppose, and some Quorum syntax to get all ads with at least 2 or maybe just 1 occurrence in the title/description. Our problem lies mostly in the geo-search. How do we find all searches where the "search-circles" would include our newly posted location without performing a search for every saved search?
That is the main-question, any comment on our suggested solution to the other problems is also very welcome. Thank you in advance / Jenny
The standard 'geo-search' support on sphinx should work just as well on a Prospective Index, as a normal retrospective search.
Having built a sphinx 'index' of all the saved searches...
And you run a query using the 'ad' as the search query: rather than the 'filter' using a fixed radius, you just use the radius from the attribute (i.e. the radius stored on the particular query). If using the API you can't use setFilterRange directly; you need to use setSelect to make a new virtual attribute.
$cl->setSelect("*,IF(@geodist<radius,1,0) as myfilter");
$cl->setFilter('myfilter',array(1));
(and yes, the min/maxprice can just be done with normal filters too - just inverting the logic to that you would use in a retrospective search)
... the complication is in the 'full-text' query, if the saved search is anything more than a single keyword, but you appear to have already figured out that part.
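
The per-row radius and inverted price logic from the answer above, worked through outside Sphinx as an added example (not part of the original answer). The record keys (id, lat, lon, radius, min_price, max_price) and the sample searches are constructed assumptions, distances are in metres, and the full-text part is left out.

```python
import math

EARTH_RADIUS_M = 6371000.0

def geodist(lat1, lon1, lat2, lon2):
    """Haversine distance in metres between two points given in degrees."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))

def matching_searches(saved_searches, ad):
    """Return ids of saved searches that would have found this ad.

    Each saved search is a row carrying its own centre and radius, so the
    distance is compared to the row's radius rather than a fixed one, and
    the price test is inverted: the ad's price must fall in the row's range.
    """
    hits = []
    for s in saved_searches:
        in_circle = geodist(s["lat"], s["lon"], ad["lat"], ad["lon"]) < s["radius"]
        price_ok = s["min_price"] <= ad["price"] <= s["max_price"]
        if in_circle and price_ok:
            hits.append(s["id"])
    return hits

# Constructed saved searches (hypothetical data).
SAVED = [
    {"id": 1, "lat": 59.3293, "lon": 18.0686, "radius": 10000,
     "min_price": 0, "max_price": 500},      # same city, price fits
    {"id": 2, "lat": 57.7089, "lon": 11.9746, "radius": 50000,
     "min_price": 0, "max_price": 500},      # circle far from the ad
    {"id": 3, "lat": 59.3293, "lon": 18.0686, "radius": 10000,
     "min_price": 1000, "max_price": 2000},  # in the circle, price too low
    {"id": 4, "lat": 59.8586, "lon": 17.6389, "radius": 100000,
     "min_price": 0, "max_price": 1000},     # about 63 km away, wide circle
]
AD = {"lat": 59.3345, "lon": 18.0632, "price": 300}

if __name__ == "__main__":
    print(matching_searches(SAVED, AD))
```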

Use EE Search Module to search custom fields

I'm sure this is something simple for which I just haven't found the documentation:
I have a website with a member directory. All of the member data is stored in a members channel, which uses a variety of custom fields – some of which are part of the P&T Field Pack.
I use a Safecracker form to enter the data, and it renders the custom fields beautifully:
What I want is essentially the same form, but have it perform a search, instead of enter the field data.
I've scoured the Search Module documentation, but can't find information on how to search individual fields, let alone how to render them. I've also searched the Safecracker documentation for how to configure it to search (the ideal solution).
How do I do this?
Any help would be appreciated.
Thanks!
ty
EE's search module won't do what you want - it's more of a general search tool, and its "Advanced search" form is less about custom fields and more about things like channels and categories.
You want to look at Solspace's Super Search. It's much more powerful, and will allow you to do exactly what you want in terms of your query - though you will have to build the form manually (i.e., you won't get the SafeCracker-style simplicity of using {field:field_name} to have your form fields output for you).
I would also recommend checking out SuperSearch.
