External Attack Surface Management
External attack Surface Management tools for discovering and securing internet-facing assets, domains, and exposed services.
Explore 68 curated cybersecurity tools, with 14,802+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A domain reconnaissance tool that automates subdomain discovery, port scanning, and monitoring with support for multiple data sources and notification integrations.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool for taking a list of resolved subdomains and outputting any corresponding CNAMES en masse.
A tool to discover new target domains using Content Security Policy
A tool to discover new target domains using Content Security Policy
A tool that finds more information about a given URL or domain by querying multiple data sources.
A tool that finds more information about a given URL or domain by querying multiple data sources.
Scan the internet for publicly exposed network components
Scan the internet for publicly exposed network components
A Python-based tool for external attack surface discovery and reconnaissance across large-scale networks, focusing on IP address and subdomain enumeration.
A Python-based tool for external attack surface discovery and reconnaissance across large-scale networks, focusing on IP address and subdomain enumeration.
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
ONYPHE is a cyber defense search engine that discovers exposed assets and provides real-time monitoring to identify vulnerabilities and potential risks.
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
WiGLE.net is a platform that collects and provides data on WiFi networks and cell towers, with over 1.3 billion networks collected.
WiGLE.net is a platform that collects and provides data on WiFi networks and cell towers, with over 1.3 billion networks collected.
A command-line tool for discovering domains and subdomains related to a target domain during reconnaissance activities.
A command-line tool for discovering domains and subdomains related to a target domain during reconnaissance activities.
A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.
A black-box reconnaissance tool that discovers cloud infrastructure, files, and applications across major cloud providers for security testing purposes.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
A search engine for open Amazon S3 buckets and their contents, allowing users to search for files using keywords, filename extensions, and full path.
Cloud_enum is a multi-cloud OSINT tool that enumerates publicly accessible resources across AWS, Azure, and Google Cloud platforms for security assessment purposes.
Cloud_enum is a multi-cloud OSINT tool that enumerates publicly accessible resources across AWS, Azure, and Google Cloud platforms for security assessment purposes.
A Python-based tool for subdomain enumeration and analysis
A Python-based tool for subdomain enumeration and analysis
CloudJack identifies subdomain hijacking vulnerabilities in AWS accounts by detecting misconfigurations between Route53 DNS aliases and CloudFront distributions.
CloudJack identifies subdomain hijacking vulnerabilities in AWS accounts by detecting misconfigurations between Route53 DNS aliases and CloudFront distributions.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
Performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
A source code search engine for searching alphanumeric snippets, signatures, or keywords in web page HTML, JS, and CSS code.
FullHunt is a next-generation attack surface security platform that enables companies to discover, monitor, and secure their external attack surfaces.
FullHunt is a next-generation attack surface security platform that enables companies to discover, monitor, and secure their external attack surfaces.
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
A tool for generating permutations, alterations and mutations of subdomains and resolving them
A tool for generating permutations, alterations and mutations of subdomains and resolving them
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
Automate OSINT for threat intelligence and attack surface mapping with SpiderFoot.
A tool that checks for hijackable packages in NPM and Python Pypi registries
A tool that checks for hijackable packages in NPM and Python Pypi registries
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
