Exploring Attack Surface Monitoring with Open Source Tools

Slide 1

Slide 1 text

Exploring Attack Surface Monitoring with Open Source Tools Rizwan Syed

Slide 2

Slide 2 text

Attack Surface Attack Surface Monitoring (ASM) refers to the proactive and continuous process of identifying and assessing an organization's external-facing assets, vulnerabilities, and potential points of entry for cyber threats. 2

Slide 3

Slide 3 text

You can’t secure what you don’t know. Exploring ASM 3

Slide 4

Slide 4 text

Attack Surface 4 Source: Palo Alto Networks Attack surface management enables organizations to enhance visibility and mitigate risks associated with their attack surface.

Slide 5

Slide 5 text

Attack Surface Reconnaissance & Enumeration • Subdomain Discovery • DNS Subdomain Bruteforcing • Resolve DNS Records • Extract IP Addresses • Quick Port Scanning • Service Enumeration • HTTP Probing • Detect Tech Stack • URL Extraction and Validation Vulnerability Scanning • Exploitable Vulnerabilities • Misconfigurations • Deep Recon - Shodan • Content Discovery Scans • Sensitive exposed files • Config files / PII Data / Secrets • Web path / Hidden directories • URLs Endpoints • JavaScript Recon • Hard coded credentials • API endpoints • Variables / Parameters 5

Slide 6

Slide 6 text

Tools Available ProjectDiscovery Tools Subfinder Naabu DnsX Alterx Nuclei Katana 6 •WebAnalyze •Dmut •FFUF •Dirsearch •Trufflehog •LinkFinder •SecretFinder •GAU •GF •qsinject •Waymore •xnLinkFinder Web •ASNMap •MapCIDR •Shodan-CLI •NMAP Network •TLSx •Anew •Nuclei Templates + Fuzzing Templates •KnockKnock •Subjack •Interlace MISC

Slide 7

Slide 7 text

CHOMTE.SH CHOMTE.SH is a versatile framework designed for automating reconnaissance tasks in penetration testing. It's useful for bug bounty hunters and penetration testers in both internal and external network engagements. Exploring Attack Surface

Slide 8

Slide 8 text

Installation 20XX 8 git clone https://github.com/mr-rizwan-syed/chomtesh cd chomtesh chmod +x *.sh ./install.sh ./chomte.sh docker run --rm -it -v "$(pwd)/Results:/app/chomtesh/Results" r12w4n/chomtesh ./chomte.sh -p vulnweb -d vulnweb.com docker pull r12w4n/chomtesh OR

Slide 9

Slide 9 text

Thank you Rizwan Syed github.com/mr-rizwan-syed twitter.com/_r12w4n linkedin.com/in/r12w4n/ BreachForce.net 20XX 9