An attack surface mapper is a tool or technique used to identify and analyze the potential vulnerabilities and entry points within a system, network, or application that could be exploited by attackers. It involves discovering assets, enumerating services, scanning for vulnerabilities, mapping dependencies and assessing risks. The goal is to gain a comprehensive understanding of the attack surface and generate actionable insights to prioritise and address potential weaknesses. By regularly assessing and updating the attack surface, security professionals can proactively mitigate risks and enhance the overall security posture.
Attack Surface Mapper checks for Domain Enumeration, Port scanning, Vulnerability scanning, Sub Domain monitoring, DNS Records Usernames, Emails.
Navigate to Company View and select the company of your choice.
Navigate to Attack Surface Mapper to set up the scan.
Add the Domain name and click on Scan.
Once clicked on scan, the scan starts.
Once the scan completes, results are shown for the same.
Results shows Target IP Addresses, S3 Buckets details.
Results shows DNS Records.
Results shows MX Records, Sender Policy Framework(SPF) Records, DMARC Records, RAW Headers.
Results shows Sub-Domains.
This completes the Attack Surface Mapper documentation.