LOGIN REGISTER
open_in_full
  • home
    • Dashboard
    API Docs User Guide
    Overview
    Introduction
    Dashboard
    Core Search
    Additional Functionality
    Lookalikes
    Bulk Analyze
    Threat Actor Profiles
    Live Scanning
    Miscellaneous
    Frequently Asked Questions
    Support and Contact

    Starting a Search


    To start a query, type a domain, IP address, string, or hash into the search bar at the top of the search page and hit "Enter". This will populate the tabs with search results. Validin automatically fangs domains and IP addresses that are entered into the search bar, and autodetects the type of the query.

    Start Search

    Start a search for validin.com

    If you find yourself result limited, or want to narrow a search, you can use the search filters. The search filters allow you to override default behavior in a number of different ways.

    1. Filter the results by type
      • You can select the categories to be included, for example, you only want DNS A records to come back in the Resolutions Tab.
    2. Add specific filters
      • You can filter the results that are of type domain by zone, for example, only find .com domains. You can do the same thing with IP addresses, only finding IP addresses in a certain CIDR. You can also put an AS instead of a CIDR range, and validin will automatically filter for IP addresses in that AS.
      • The title, jarm, and header hash filters only apply to responses from web crawling, only showing host responses that satisfy the search conditions.
    3. Override default search behavior
      • If you select override type, you can choose your own type instead of what Validin autodetects.
      • You can also parse the domains out of URLs and trim whitespace from search queries or stop refanging indicators.

    Once you perform a search, Validin will display the currently active search filters at the top of the page. If you want to remove these filters without opening the entire popup, you can simply remove the move and hit the search button again (the text will change to "Apply Filters") to indicate that the filters have changed.

    Search Filters

    The Search Filters includes options to restrict time ranges, and filter results by specific CIDRs or zones as necessary.

    You can also start searches in other dimensions using the tabs at the top of the page. Depending on the search key and your permissions, different search patterns will be available for you

    Search Tabs

    The Search Tabs at the top of the page allow you to interact with different search patterns depending on your permissions.

    1. Lookalike Search (only available to paid and enterprise users)
    2. Live Scan (only available to enterprise users)
    3. Bulk Search (only available to paid and enterprise users)
      • Bulk Searching allows you to add indicators directly to a "bulk search set" as you search
      • You can add indicators by selecting them in the table
      • The red icon in the top right of the bulk search button indicates the number of indicators currently in your bulk search set

    Add Bulk Indicators using tTable

    Add Indicators to a Bulk Search by selecting them in the tables

    Bulk Indicators Count

    See how many indicators are in your bulk search set

    Dashboard  |  Reputation