Check it out at RedisPwned and Have I Been Redised
We scan the internet for exposed Redis databases broadcasting to the world on port 6379 - the default Redis port. This data is then corelated to a country of origin, redis version, etc and made searchable.
Each dataset has its own key (shodan:, censys:, etc) that is then aggregated via a unified search index: idx:redis-version-by-country-city-geo. This generic search index allows us to easily aggregate data from different sources.
The api.redispwned.app fulfills all aggregation and scan requests from www.redispwned.app (www.haveibeenredised.com as well). The graphs are powered by querying the redispwned Redis database.
Top 25 By Country
FT.AGGREGATE idx: "*" GROUPBY 1 @country REDUCE COUNT 0 AS num SORTBY 2 @num DESC MAX 25
Top 5 By Redis Version
FT.AGGREGATE idx: "*" GROUPBY 1 @version REDUCE COUNT 0 AS num SORTBY 2 @num DESC
To frustrate the script lords and kiddies I've omitted the actual ipv4 data used - although readily obtainable with a research petition to the below sources.
- Censys Data: Censys Data
- Rapid7 Data: Rapid7 Open Data
- Shodan Data: Shodan Data