External Attack Surface Management
External attack Surface Management tools for discovering and securing internet-facing assets, domains, and exposed services.
Explore 68 curated cybersecurity tools, with 14,802+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.
A Ruby-based tool that enumerates all public IPv4 and IPv6 addresses associated with an AWS account across multiple services including EC2, CloudFront, ELB, RDS, and others.
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
A simple web-based interface for subdomain enumeration using the subfinder tool.
A simple web-based interface for subdomain enumeration using the subfinder tool.
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.
A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.
A multi-cloud DNS security tool that detects dangling DNS records and potential subdomain takeover vulnerabilities by scanning cloud infrastructure and DNS zones.
A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.
A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.
A search engine for the Internet of Things (IoT) that discovers and monitors devices connected to the internet.
A search engine for the Internet of Things (IoT) that discovers and monitors devices connected to the internet.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
Sublist3r is a python tool for enumerating subdomains using OSINT and various search engines.
Sublist3r is a python tool for enumerating subdomains using OSINT and various search engines.
An easy-to-use and lightweight API wrapper for Censys APIs with support for Python 3.8+.
An easy-to-use and lightweight API wrapper for Censys APIs with support for Python 3.8+.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
Python utility for testing the existence of domain names under different TLDs to find malicious subdomains.
Python utility for testing the existence of domain names under different TLDs to find malicious subdomains.
An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.
An automation framework that runs multiple open-source subdomain bruteforcing tools in parallel using Docker Compose and custom wordlists.
Amass is an open-source OWASP tool for comprehensive attack surface mapping and asset discovery through domain reconnaissance and subdomain enumeration.
Amass is an open-source OWASP tool for comprehensive attack surface mapping and asset discovery through domain reconnaissance and subdomain enumeration.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A powerful enumeration tool for discovering assets and subdomains.
A powerful enumeration tool for discovering assets and subdomains.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
