Forem: Alexandre Vandamme

Why Domain Monitoring Is Essential for a Company

Alexandre Vandamme — Thu, 07 Aug 2025 03:45:03 +0000

The security of corporate credentials has become a critical issue. Between data breaches, phishing attacks, and malware designed to harvest passwords, any undetected exposure can have disastrous consequences. To avoid data theft or account hijacking, establishing a domain-wide monitoring system is now indispensable.
What LeakRadar Delivers
Compromised-Credential Detection

LeakRadar collects and analyzes billions of logs from a variety of sources—forums, the dark web, and more. By continuously watching your domain, the platform quickly pinpoints any credentials linked to your corporate email addresses.
Real-Time Alerts

The moment a new breach mentioning your domain is detected, you’re notified. This lets you act before an attacker can exploit the stolen information.

API & Automation

With its API, organizations can plug monitoring directly into internal tools (SIEM, SOC solutions, and more). You can automate searches or generate regular security reports with ease.
Why This Approach Matters

Speed of Response: The sooner a leak is spotted, the faster you can take corrective measures—reset passwords, block compromised accounts, and so on.

Broader Visibility: Many breaches occur outside your own systems (third-party services, unsecured platforms). Domain monitoring dramatically expands your line of sight.

Risk Management: Knowing the nature and scope of exposures lets you prioritize actions and strengthen security policies (strong authentication, employee awareness).

Compliance: In certain industries, promptly detecting and reporting leaks is a regulatory requirement. Proactive monitoring helps you stay compliant.

Conclusion

Adopting a monitoring solution such as LeakRadar equips you to safeguard both your users and your business. By continuously watching over your domain, you stay a step ahead of cyber-criminals and dramatically reduce the potential impact of a data leak. It’s a strategic investment in the longevity and reputation of your company.

Prevent Account Fraud by Checking Leaked Credentials with LeakRadar.io

Alexandre Vandamme — Fri, 25 Jul 2025 05:48:01 +0000

Most fraud starts with reused credentials. Malware like RedLine or Raccoon harvests logins from infected devices. These stealer logs are leaked online and later used for account takeovers.

If your users or employees appear in those logs, your app is already vulnerable.
✅ Proactive Protection with LeakRadar.io

With over 4.7 billion leaked credentials indexed, LeakRadar helps you:

Search emails or domains instantly
Spot exposed accounts and force password resets
Get alerts via Slack, webhook, or Telegram (subscription required)
Automate everything with our REST API (API key required)

Try it: https://leakradar.io

Neutralize Stolen Passwords in 30 Minutes – LeakRadar.io

Alexandre Vandamme — Thu, 24 Jul 2025 07:18:18 +0000

52 million fresh logins hit dark‑web markets every week . If you can spot yours first, attackers lose their advantage. Here’s the lightning‑fast workflow:

Instant scan (5 min).
• Open LeakRadar → Domain Search → enter your‑company.com.
• Results appear in seconds—employees, customers, suppliers.

Rapid reset (10 min).
• Export the CSV.
• Feed usernames to Okta / Azure AD; force password change + session revocation.
• One PowerShell or API call does the job.

Always‑on defense (15 min).
• Add your domain to Monitoring; choose Slack / Webhook alerts.
• Enable Auto‑unlock so the clear‑text password lands right in the alert.
• LeakRadar ingests new stealer‑logs every 12 hours —you’ll know before attackers do.

Act now: run a free domain scan on LeakRadar.io and shut down opportunistic logins before they start.

Stop Employee Account Takeovers Before They Begin

Alexandre Vandamme — Tue, 22 Jul 2025 07:30:57 +0000

Why employee credential leaks are a ticking time-bomb ⚠️

Info-stealer malware drops millions of clear-text usernames and passwords on public forums and Telegram channels daily. The playbook for criminals is simple:

Buy a dump that contains one of your employees’ logins.
Reuse the exposed password.
Bypass MFA with stolen session cookies.
Move laterally through your network.

LeakRadar solves the issue at its root.

3 B+ credentials already indexed, with new records ingested around the clock.
Domain, email, or keyword watches with real-time alerts via Email, Slack, Telegram, or webhook.
Filters to zero in on employees, customers, or third parties.

Protect your domain in under 3 minutes 🚀

Add a notification channel

Monitoring → Notification methods → Create

Choose Email, Slack, Telegram, or Webhook. A test ping confirms delivery.
Select what to watch

Monitored assets → New asset

Type: Domain — Value: acme.com

Scope: All leaks, Employees, Customers, or Third parties.
(Optional) Enable Auto-unlock

Spend daily points so the clear-text credentials are included directly in every alert.

Example alert payloads 📬

Auto-unlock ON

{
  "leaks": {
    "message": "New leaks found for acme.com",
    "unlocked_leaks": [
      {
        "id": "123",
        "url": "https://acme.com/leak/123",
        "username": "j.doe",
        "password": "password123",
        "added_at": 1744824404789
      }
    ]
  }
}

Auto-unlock OFF

{
  "leaks": {
    "message": "New leaks found for acme.com"
  }
}

You decide whether your SIEM/SOAR receives the full password or just the heads-up.

First actions to automate 🤖

Employees — Hit the IdP API (Okta, Azure AD, …) to force-reset the password and revoke active sessions.
Customers — Bump the account’s risk score, mandate MFA, or trigger step-up verification.
Third parties — Alert the vendor and pause their access until they remediate.

Try it free in 30 seconds 🆓

Head to LeakRadar.io.
Enter your corporate domain — no credit card required.
In seconds, see how many employee, customer, or supplier logins are already exposed.

Every password you fix today is one less breach tomorrow. Run your free domain scan now.

Written by **Alexandre Vandamme**

Follow me for more practical security guides and tooling deep dives.

Introducing SubdomainRadar.io: Your Comprehensive Solution for Subdomain Enumeration and Vulnerability Scanning

Alexandre Vandamme — Tue, 05 Nov 2024 00:18:11 +0000

In the ever-evolving digital landscape, safeguarding your online assets is more important than ever. SubdomainRadar.io offers a comprehensive solution for subdomain enumeration, vulnerability scanning, and port scanning—all in one user-friendly platform.

Why SubdomainRadar.io?

Efficient Subdomain Enumeration: Uncover all subdomains associated with your domain using advanced techniques. Start your scan now at SubdomainRadar.io.
Vulnerability Scanning: Identify and address security flaws before they become threats. Learn more about our scanning tools at SubdomainRadar.io.
Port Scanning: Detect open ports and services to strengthen your network security. Try it today at SubdomainRadar.io.
User-Friendly Interface: Navigate through our intuitive dashboard designed for both beginners and experts. Experience it firsthand at SubdomainRadar.io.

Get Started Today

Don’t leave your digital assets unprotected. Visit SubdomainRadar.io to sign up for a free account and take control of your web security.

For inquiries, contact us at contact@subdomainradar.io.

SubdomainRadar.io - Your Subdomain Finder & Port Scanner

Alexandre Vandamme — Sat, 19 Oct 2024 13:47:20 +0000

Looking for those hidden subdomains and checking which ports are open? SubdomainRadar.io is your go-to tool for fast, efficient subdomain discovery and port scanning.

Sign up for free, grab 100 points, and start scanning in no time. Whether you’re after a quick overview or a deep dive into a domain’s substructure, SubdomainRadar.io has you covered. From Fast to Deep Scans, it finds all those forgotten subdomains others miss—and checks their ports to spot any open doors.

Need automation? Use our easy API to integrate subdomain searches into your workflow. It’s as simple as plug-and-play with our Python wrapper.

Why wait? Try SubdomainRadar.io today and uncover the hidden layers of the web! 🚀

How I Made $6,200 in a Single Bug Bounty

Alexandre Vandamme — Fri, 11 Oct 2024 07:30:41 +0000

Recently, I made $6,200 from a bug bounty thanks to SubdomainRadar.io. As a cybersecurity researcher, I often look for exposed subdomains that can reveal security vulnerabilities. Using SubdomainRadar.io, I performed a Deep Scan on a large platform and discovered several hidden subdomains that were publicly accessible and unprotected.

After reporting the issue to the company, they recognized the critical nature of the vulnerability and rewarded me with $6,200.
Why SubdomainRadar.io?

Deep Scans: It uncovers subdomains other tools miss.
API Integration: Easy to automate in my workflow.
Fast and Efficient: Gets results quickly, saving time.

If you’re into bug bounty hunting or penetration testing, SubdomainRadar.io is a must-have tool that can help you discover more vulnerabilities and increase your chances of earning bigger rewards.

Discover Hidden Subdomains Effortlessly with SubDomainRadar.io and Python

Alexandre Vandamme — Sat, 28 Sep 2024 06:40:04 +0000

As a cybersecurity professional, bug bounty hunter, or penetration tester, discovering hidden subdomains is critical for identifying potential vulnerabilities in a domain. Subdomains often host forgotten services or test environments that might be vulnerable to attacks.

In this post, I’ll introduce you to SubDomainRadar.io and its Python API wrapper — the ultimate tool for automating subdomain enumeration and reverse searches in your security workflows.

Why SubDomainRadar.io?

SubDomainRadar.io stands out because it uses over 40 private data sources to deliver a comprehensive subdomain discovery experience. Whether you need to run fast, deep, or reverse searches, this tool will help you find more subdomains than ever before.

Plus, with the SubDomainRadar Python library, you can easily integrate these powerful capabilities into your own projects and scripts.

Features of the Python Wrapper

With the SubDomainRadar Python API wrapper, you can:

Perform reverse searches on subdomains based on keywords
Enumerate domains with varying search depth (Fast, Medium, Deep)
Retrieve excluded domains and TLDs

Getting Started

To get started with the SubDomainRadar Python wrapper, you’ll need to install it via pip:

pip install subdomainradar

Once installed, you can start discovering subdomains with just a few lines of code!

Basic Usage Example

Here’s how to use the SubDomainRadar API to perform subdomain enumeration on a list of domains:

from subdomainradar import SubdomainRadarAPI

# Initialize the API client
api = SubdomainRadarAPI(base_url="https://api.subdomainradar.io", api_key="YOUR_API_KEY")

# Enumerate subdomains for a list of domains
domains = ["tesla.com", "google.com"]
results = api.enumerate_domains_with_results(domains=domains, group="Fast")

# Print the results
for domain, data in results.items():
    print(f"Domain: {domain}")
    print(f"Task ID: {data['task_id']}")
    print(f"Status: {data['status']}")
    print(f"Total Subdomains Found: {data['total_subdomains']}\n")

    print("Subdomains:")
    for subdomain_info in data.get('subdomains', []):
        print(f"  - Subdomain: {subdomain_info['subdomain']}")
        print(f"    IP: {subdomain_info.get('ip', '')}")
        print(f"    Country: {subdomain_info.get('country', 'No Country Info')}")
        print(f"    Reverse DNS: {subdomain_info.get('reverse_dns', [])}\n")

    print(f"WHOIS Information:")
    whois_info = data.get('whois', {})
    print(f"  Registrar: {whois_info.get('registrar', '')}")
    print(f"  Creation Date: {whois_info.get('creation_date', '')}")
    print(f"  Expiration Date: {whois_info.get('expiration_date', '')}")
    print(f"  Nameservers: {whois_info.get('nameservers', '')}\n")

In this example, we’re running a Fast enumeration search that quickly returns subdomains for the domains “tesla.com” and “google.com.” You can switch to Deep or Medium searches depending on how thorough you need to be.

Reverse Subdomain Search

One of the coolest features of SubDomainRadar.io is the ability to run reverse searches. If you’re looking for subdomains related to a specific keyword or part of a domain, this feature comes in handy.

Here’s how to run a reverse search using the Python wrapper:

# Perform a reverse search
results = api.reverse_search(subdomain_part="api", domain_part="car", tld_part="com")

for subdomain_info in results['subdomains']:
    subdomain = subdomain_info.get('subdomain', '')
    domain = subdomain_info.get('domain', '')
    tld = subdomain_info.get('tld', '')
    timestamp = subdomain_info.get('timestamp', '')

    if subdomain:
        complete_subdomain = f"{subdomain}.{domain}.{tld}"
    else:
        complete_subdomain = f"{domain}.{tld}"

    print(f"Complete Subdomain: {complete_subdomain}")
    print(f"Subdomain: {subdomain}")
    print(f"Domain: {domain}")
    print(f"TLD: {tld}")
    print(f"Timestamp: {timestamp}\n")

This allows you to find subdomains based on keywords or specific patterns, making it easier to locate targeted assets.

Try It Out Today!

If you’re looking for an effective, easy-to-use tool to discover all subdomains of a website, give SubDomainRadar.io a try. The SubDomainRadar Python wrapper makes it even easier to integrate subdomain discovery into your security workflow.

Ready to get started? Install the wrapper via pip and unlock the full power of SubDomainRadar.io today!