Perimeterator is a distributed security auditing tool designed for continuous monitoring of internet-facing AWS services. The tool automatically enumerates public IP addresses associated with various AWS resources including EC2 instances, Elastic Load Balancers (ELB and ELBv2), RDS databases, and Elasticsearch clusters.

The system operates through a distributed architecture using AWS SQS queues for asynchronous communication between components. It consists of scanner workers that can be deployed across different networks to simulate external access patterns and provide visibility into services as they appear from the general internet. The enumeration process identifies potentially misconfigured AWS resources that are exposed to the internet, then queues these targets for network service scanning. Scanner workers process items from the work queue to detect open network services on the identified IP addresses.

Deployment is facilitated through provided Terraform configurations, allowing for quick setup within AWS environments. The tool supports continuous auditing workflows by periodically reassessing the attack surface of AWS infrastructure.
SIMILAR TOOLS
Pentera Surface is an external attack surface management platform that continuously maps, monitors, and validates web-facing assets through automated reconnaissance and safe exploitation testing.
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
A Go-based tool for discovering and inventorying internet-facing AWS assets across single or multiple accounts to help maintain comprehensive cloud attack surface visibility.
A digital risk monitoring platform that provides automated security posture assessment, threat intelligence, and continuous monitoring of enterprise digital assets across multiple risk vectors.
A threat intelligence platform that provides comprehensive visibility into an organization's attack surface by collecting, analyzing, and structuring threat data to enable proactive security measures against emerging threats.
Panorays is a third-party cyber risk management platform that combines external attack surface monitoring with automated security questionnaires to assess, remediate, and continuously monitor vendor security postures.
Amass is an open-source OWASP tool for comprehensive attack surface mapping and asset discovery through domain reconnaissance and subdomain enumeration.
An attack surface management platform that discovers, maps, and monitors an organization's external digital assets to identify vulnerabilities and security weaknesses before they can be exploited.
StrikeOne is a vulnerability management platform with AI capabilities that helps organizations identify, prioritize, and remediate security vulnerabilities through attack surface management, vulnerability management, and cybersecurity posture assessment.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.