DEV Community: EdgeIQ Labs

I found 3 expired S3 buckets pointing to my subdomain before an attacker did

EdgeIQ Labs — Tue, 26 May 2026 17:05:24 +0000

Subdomain takeovers are one of the most overlooked attack vectors. A forgotten staging environment that expired can give an attacker control of your subdomain.

Automated dangling DNS detection for expired cloud resources.

What it does:

Dangling DNS detection (S3, GitHub Pages, Heroku, Azure, Netlify, Vercel)
Free tier: N/A
Price: $14/mo Pro
Checks: every configured interval

Why I built this:
Monitoring your stack shouldn't require a full-time DevOps engineer. Most of these tools started as internal scripts that solved real problems — now they're packaged as something any indie hacker or small team can actually use.

Who it's for:

Developers running their own infrastructure
Indie hackers who can't afford enterprise security tools
Small teams that need to know about problems before customers do

Try it: https://edgeiqlabs.com/product/subdomain-takeover/

This is an automated post from EdgeIQ Labs. Tools mentioned: Subdomain Takeover Scanner (https://edgeiqlabs.com/product/subdomain-takeover/)

security #devops #saas #indiehacker #buildinpublic

I moved my side projects off shared hosting to a real VPS for less than $5 a month

EdgeIQ Labs — Tue, 26 May 2026 17:04:44 +0000

Shared hosting is fine until you outgrow it. One bad neighbor and your sites crawl. A real VPS with full root access starts at $4/mo and gives you control, not just a cPanel.

Linux cloud VPS hosting starting a $4/mo — Ubuntu, Debian, Rocky, AlmaLinux with full root access.

What it does:

Full root Linux VPS, Ubuntu/Debian/Rocky/AlmaLinux, SSD storage, 99.9% uptime
Free tier: N/A
Price: $4/mo Starter
Checks: every always-on

Who it's for:

Developers running their own infrastructure
Indie hackers who can't afford enterprise security tools
Small teams that need to know about problems before customers do

Try it: https://edgeiqlabs.com/vps/

This is an automated post from EdgeIQ Labs. Tools mentioned: EdgeIQ VPS (https://edgeiqlabs.com/vps/)

security #devops #saas #indiehacker #buildinpublic

I'm hosting my game servers for less than a Netflix subscription

EdgeIQ Labs — Tue, 26 May 2026 17:04:41 +0000

Game server hosting companies have been overcharging for years. Spin up a Minecraft, Valheim, or CS2 server in under 60 seconds and pay about what you'd spend on a movie ticket.

Game server hosting starting at $5/mo — automated setup, 24/7 uptime, and real performance.

What it does:

24/7 game server hosting, automated setup, multiple games, full console access
Free tier: N/A
Price: $5/mo Starter
Checks: every always-on

Who it's for:

Developers running their own infrastructure
Indie hackers who can't afford enterprise security tools
Small teams that need to know about problems before customers do

Try it: https://play.edgeiqlabs.com

This is an automated post from EdgeIQ Labs. Tools mentioned: EdgeIQ Play (https://play.edgeiqlabs.com)

security #devops #saas #indiehacker #buildinpublic

I built a brand monitoring tool that catches phishing sites cloning my product

EdgeIQ Labs — Tue, 26 May 2026 17:01:50 +0000

Someone is always trying to clone your brand. Most companies find out about it from their customers, not from their own tooling.

Brand impersonation and phishing kit detection with live alerts.

What it does:

Brand impersonation detection, lookalike domains, phishing kit monitoring
Free tier: N/A
Price: $14/mo Pro
Checks: every configured interval

Who it's for:

Developers running their own infrastructure
Indie hackers who can't afford enterprise security tools
Small teams that need to know about problems before customers do

Try it: https://edgeiqlabs.com/product/brand-guard/

This is an automated post from EdgeIQ Labs. Tools mentioned: BrandGuard (https://edgeiqlabs.com/product/brand-guard/)

security #devops #saas #indiehacker #buildinpublic

I mapped my API attack surface so attackers couldn't do it first

EdgeIQ Labs — Tue, 19 May 2026 17:02:02 +0000

Your API attack surface changes constantly — new endpoints, forgotten staging environments, shadow APIs. If you don't know what's exposed, an attacker will find it for you.

Automated API attack surface mapping and continuous monitoring.

What it does:

API attack surface mapping, new exposure alerts, A-F security grade
Free tier: N/A
Price: $19/mo Pro
Checks: every configured interval

Who it's for:

Developers running their own infrastructure
Indie hackers who can't afford enterprise security tools
Small teams that need to know about problems before customers do

Try it: https://edgeiqlabs.com/product/surface-map/

This is an automated post from EdgeIQ Labs. Tools mentioned: SurfaceMap (https://edgeiqlabs.com/product/surface-map/)

security #devops #saas #indiehacker #buildinpublic

I built an auto-fix engine that actually remediated SSL issues instead of just alerting on them

EdgeIQ Labs — Sat, 16 May 2026 19:34:17 +0000

Getting an alert about an expiring SSL cert at 2am is useless. What you need is someone to just fix it.

Auto-remediation engine that fixes SSL, headers, and creates GitHub issues on its own.

What it does:

Auto SSL renew, header hardening, GitHub issue creation, verify/recheck loop
Free tier: N/A
Price: $9/mo Pro
Checks: every configured interval

Who it's for:

Developers running their own infrastructure
Indie hackers who can't afford enterprise security tools
Small teams that need to know about problems before customers do

Try it: https://edgeiqlabs.com/product/fix-it/

This is an automated post from EdgeIQ Labs. Tools mentioned: EdgeIQ Fix-it (https://edgeiqlabs.com/product/fix-it/)

security #devops #saas #indiehacker #buildinpublic

How to Monitor Your Domain Portfolio for Expiration and Breaches (Without Spending a Fortune)

EdgeIQ Labs — Sat, 16 May 2026 19:04:46 +0000

Most developers and indie hackers register domains and forget them. That's fine until it is not.

A domain that expires silently can cost you days of recovery time, lost SEO, and in extreme cases, someone else grabbing it. If your registration email showed up in a breach, an attacker can potentially take over your domain through your registrar.

This guide covers:

Domain expiration monitoring via WHOIS
Breach checking for your registration email
A simple combined monitoring script you can run on a schedule

Tools: domain-expiry from EdgeIQ Labs, leak-scan, Have I Been Pwned, whoIS CLI. Free tier available for all EdgeIQ tools mentioned.
https://edgeiqlabs.com/product/domain-expiry/
https://edgeiqlabs.com/product/leak-scan/

The Subdomain Vulnerabilities Most Developers Don't Know Exist

EdgeIQ Labs — Fri, 08 May 2026 16:54:44 +0000

The Subdomain That Brought Down an Enterprise
A misconfigured subdomain isn't just a recon finding — it's an open door.
In 2023, a security researcher found that a major company's marketing site had an abandoned subdomain pointing to an internal BambooHR instance. No firewall. No auth. Just sitting there with a valid SSL cert and a login page.

They documented it. The company patched it. It made headlines.

But here's the uncomfortable truth: this isn't rare. It's actually extremely common — and most organizations have no idea they're running dozens of ghost subdomains that aren't even being monitored.

Why Subdomains Become a Risk
Subdomains get orphaned all the time:
A campaign site that ran for a month and got forgotten
A staging environment that was never properly decommissioned
A vendor integration that got cut but left DNS dangling
A wildcard subdomain that resolved to a deleted cloud resource

The parent company forgot about them. Attackers didn't.

What an Attacker Does With a Forgotten Subdomain
Points it at a staging server with known creds or a vulnerable version of software
Uses it to bypass CSP and iframe restrictions on the main domain
Obtains a valid SSL certificate via Let's Encrypt (because the DNS is still pointed at their server) — now you have a "trusted" HTTPS endpoint for phishing
Scans it for exposed .git directories, backup files, config files
Escalates to the parent domain via shared cookies, storage, or JWT secrets

How to Find Your Own Ghost Subdomains
Here's a quick recon method anyone can run:

Install subfinder (or use your favorite enum tool)

go install github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest

Passive enumeration

subfinder -d targetcompany.com -silent

Resolve and filter for live hosts

cat domains.txt | httpx -silent -threads 50 | tee live-domains.txt

Look for anything that:
Returns a default nginx/apache page
Has a valid cert but no content (certificate doesn't match the target)
Points to cloud storage buckets you forgot about

Has debug/error endpoints exposed

The Free Tool I Built to Solve This
I got tired of running the same recon manually for every client, so I built Subdomain Hunter — part of the EdgeIQ Labs security suite. It runs passive DNS enumeration, zone transfer checks, and takeover detection automatically.

Free tier covers basic enumeration. No credit card required.

👉 edgeiqlabs.com

The Bottom Line
If you're a developer, CTO, or IT lead: go audit your subdomains right now. Not next week. Now.

If you're an MSP or security consultant: add subdomain enumeration to your standard external assessment. Your clients will thank you when you catch the one pointing at their old Jira instance.
EdgeIQ Labs
EdgeIQ Labs — Cybersecurity Monitoring for Small Business
Find security gaps in your website in 60 seconds — free. Subscription monitoring, SSL/domain alerts, and monthly action-focused reports.
EdgeIQ Labs — Cybersecurity for Small Business
Subdomain blindspots are low-hanging fruit for attackers — and an easy win for defenders who know to look.