Attack Surface Mapper
An attack surface mapper is a tool or technique used to identify and analyze the potential vulnerabilities and entry points within a system, network, or application that could be exploited by attackers. It involves discovering assets, enumerating services, scanning for vulnerabilities, mapping dependencies, and assessing risks. The goal is to gain a comprehensive understanding of the attack surface and generate actionable insights to prioritize and address potential weaknesses. By regularly assessing and updating the attack surface, security professionals can proactively mitigate risks and enhance the overall security posture.
Attack Surface Mapper checks for Domain Enumeration, Port scanning, Vulnerability scanning, Sub Domain monitoring, DNS Records Usernames, and Emails.
Navigate to Company View and select the company of your choice.
Navigate to Attack Surface Mapper on the left menu.
Under Configurations, click on +Add.
Specify a name for the Attack Surface Mapper configuration to be added.
Enter the domain name, and select the Scan later option if prefer to conduct the domain scan at a later time; otherwise, keep it unchecked to initiate it upon saving it. Then click Save button.
Once it is added, It will create a record and show under the Configurations.
The Configurations can be Edited, deleted, or Scanned using the Action Option.
Once the scan is initiated, Jobs will be created for that particular configuration under Jobs.
Job Details can be viewed and Jobs can be Terminated under the Action.
Results tab shows Domain Name scanned with details under the Results section.
Information summary of Vulnerabilities, Open Ports, Target IPs, Emails, Usernames, Subdomains is shown under details of the results.
Results also show DNS Records.
Results also shows MX Records, Sender Policy Framework(SPF) Records, DMARC Records, and RAW Headers.
Results show Sub-Domains.
This completes the Attack Surface Mapper documentation.