Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intellgence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It enumerates subdomains with bruteforcing and passive lookups, Other IPs of the same network block owner, IPs that have multiple domain names pointing to them and so on. Once the target list is fully expanded it performs passive reconnaissance on them, taking screenshots of websites, generating visual maps, looking up credentials in public breaches, passive port scanning with Shodan and scraping employees from LinkedIn. Demo Setup As this is a Python based tool, it should theoretically run on Linux, ChromeOS ( Developer Mode ), macOS and Windows.  Download AttackSurfaceMapper $ git clone https://github.com/superhedgy/AttackSurfaceMapper  Install Python dependencies $ cd AttackSurfaceMapper $ python3 -m pip install –no-cache-dir -r requirements.txt  Add optional API keys to enable more data gathering Register and obtain an API key from: VirusTotal ShodanIO HunterIO WeLeakInfo LinkedIn GrayHatWarfare Edit and enter the keys in keylist file $ nano keylist.asm Example run command $ python3 asm.py -t your.site.com -ln -w resources/top100_sublist.txt -o demo_run Optional Parameters Additional optional parameters can also be…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2019-12-24 06:30:002019-12-24 06:30:00AttackSurfaceMapper - A Tool That Aims To Automate The Reconnaissance Process
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com