Attack surface management tools for discovering, monitoring, and reducing external attack vectors to minimize cybersecurity risks.
Browse 375 attack surface tools
Domain registration and web hosting services with free features and 24/7 customer support
A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.
A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.
Clinv is a command line DevSecOps asset inventory tool for tracking and managing digital assets across organizational infrastructure.
A command-line tool that discovers and catalogs all AWS resources across an account using botocore, outputting results in JSON format.
A Python tool that uses AWS Cloud Control API to enumerate and catalog AWS resources across specified accounts and regions, outputting results in JSON format.
A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A command line tool that counts and inventories AWS resources across multiple regions, providing visibility into cloud infrastructure with efficient API querying.
A Python script that inventories and lists main AWS account resources to provide visibility into cloud infrastructure components that may impact billing or security.
Catch possible phishing domains in near real time by looking for suspicious TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API.
Scan the internet for publicly exposed network components.
A multi-cloud asset enumeration tool that helps blue teams centralize and inventory assets across multiple cloud providers with minimal configuration.
Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
A tool that checks for hijackable packages in the npm and Python PyPI registries.
Python utility for testing the existence of domain names under different TLDs to find malicious subdomains.
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
An easy-to-use and lightweight API wrapper for Censys APIs with support for Python 3.8+.
Starbase is a graph-based security analysis platform that provides automated asset discovery and relationship mapping across external services and systems to enhance attack surface visibility.
A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
Cloud_enum is a multi-cloud OSINT tool that enumerates publicly accessible resources across AWS, Azure, and Google Cloud platforms for security assessment purposes.
375 tools across 5 specializations · 81 free, 294 commercial
Brand Protection
Brand protection services and tools that monitor for trademark infringement, domain abuse, and brand impersonation across digital channels.
Cyber Asset Attack Surface Management
Cyber Asset Attack Surface Management platforms for comprehensive cyber asset inventory, attack surface visibility, and security posture management across IT environments.
Digital Risk Protection
Digital Risk Protection (DRP) solutions that track external threats, data breaches, and security exposures across the internet and dark web.
Common questions about Attack Surface tools, selection guides, pricing, and comparisons.
Attack surface management (ASM) is the continuous discovery, inventory, classification, and monitoring of all internet-facing assets that could be exploited by attackers. This includes domains, subdomains, IP addresses, cloud resources, APIs, web applications, and third-party services. ASM tools automatically find assets you may not know about, including shadow IT and forgotten infrastructure.
External Attack Surface Management (EASM) focuses on discovering and monitoring internet-facing assets from an outside-in perspective, simulating what an attacker would see. Cyber Asset Attack Surface Management (CAASM) provides an inside-out view by aggregating data from internal security tools (EDR, vulnerability scanners, CMDB) to create a comprehensive asset inventory. Most organizations benefit from both approaches.
Vulnerability scanning tests known assets for specific CVEs and misconfigurations. Attack surface management first discovers all assets (including unknown ones), then continuously monitors for exposure changes like new subdomains, exposed services, expired certificates, and cloud misconfigurations. ASM answers "what do I have?" while vulnerability scanning answers "what is wrong with what I know about?"