19 repository-uri
Platforms for discovering, inventorying, and monitoring internet-facing assets to maintain visibility into external security posture.
Distinguishing note: Specifically targets the discovery and monitoring of external-facing assets rather than internal network security.
Explore 19 awesome GitHub repositories matching security & cryptography · Attack Surface Management. Refine with filters or upvote what's useful.
Nuclei is a modular security scanning framework designed for automated vulnerability detection and infrastructure reconnaissance. It functions as a template-driven engine that executes security checks across diverse network protocols, allowing users to define custom detection logic to identify vulnerabilities, misconfigurations, and exposed assets. The platform distinguishes itself through its highly extensible architecture, which supports distributed scanning, headless browser automation for dynamic web content, and out-of-band interaction monitoring to detect blind vulnerabilities. It integ
Maps and monitors internet-facing assets, subdomains, and cloud infrastructure to maintain a comprehensive view of organizational exposure.
Strix is an automated security research and vulnerability scanning platform that leverages language models to orchestrate complex security analysis tasks. It functions as a comprehensive framework for penetration testing and continuous security integration, allowing users to embed automated vulnerability research directly into development pipelines or execute it within isolated, containerized environments. The platform distinguishes itself through a multi-agent orchestration engine that coordinates specialized autonomous agents to perform parallel security assessments. By integrating LLM-agno
Generates a sitemap of discovered endpoints and paths to provide a clear overview of application structure and entry points.
SpiderFoot is an open-source reconnaissance and intelligence automation framework designed to streamline the collection and correlation of data for security investigations. It functions as a comprehensive platform that automates the querying of hundreds of public data sources to map digital footprints, identify exposed assets, and uncover potential security threats across an organization's external perimeter. The platform distinguishes itself through a modular, plugin-based architecture that executes data gathering tasks in parallel, supported by a directed graph data model that tracks relati
Identifies and monitors internet-exposed digital assets to reduce organizational risk and uncover shadow IT.
Anubis is a command-line security reconnaissance framework designed for subdomain enumeration and attack surface mapping. It functions as a utility for security professionals to identify, catalog, and visualize the external digital footprint of an organization by discovering all subdomains associated with a target domain. The tool distinguishes itself through a modular resolver pipeline that integrates passive reconnaissance from third-party security APIs and public certificate transparency logs. It combines this data with active discovery methods, including recursive DNS brute-forcing and al
Maps the external digital footprint by discovering and inventorying all subdomains linked to a target domain.
theHarvester is a command-line utility designed for gathering open-source intelligence and mapping an organization's external attack surface. It functions as a security information gathering framework that automates the collection of publicly available data to assist in reconnaissance and threat analysis. The tool utilizes a plugin-based architecture to execute isolated queries against various search engines and public databases. It employs asynchronous task execution to run multiple discovery operations in parallel, while a centralized pipeline aggregates and deduplicates findings from these
Identifies public-facing digital assets to map an organization's external attack surface.
Hacker Roadmap is a community-driven repository that functions as a structured learning path and resource directory for cybersecurity and ethical hacking. It organizes complex security concepts into sequential modules, guiding users from fundamental knowledge to advanced technical exploitation skills through a curated collection of educational materials and professional development resources. The project distinguishes itself by acting as a centralized index that maps specialized third-party security software and isolated training environments to specific operational use cases. By aggregating
Maps domains and IP addresses to identify exposed entry points and potential security vulnerabilities.
Amass is an attack surface management tool designed to identify, map, and inventory an organization's internet-facing digital assets. It functions as a security asset discovery engine that systematically expands an organization's known infrastructure footprint through recursive domain name resolution and the collection of intelligence from diverse public data sources. The platform distinguishes itself by utilizing a graph-based modeling approach to organize discovered resources. By maintaining a persistent graph database, it tracks the relationships between infrastructure components and norma
Provides a platform for mapping organizational digital assets to identify security vulnerabilities across the network.
Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc
Maps internet-exposed infrastructure and cloud assets to maintain visibility into an organization's total attack surface.
Azure Docs is the official technical documentation repository for Microsoft Azure, the cloud computing platform. It provides comprehensive guidance on the full spectrum of Azure services, covering everything from core infrastructure components like virtual machines, Kubernetes clusters, and serverless computing to platform services for AI, machine learning, data analytics, and storage. The documentation details how to provision, manage, and govern cloud resources at scale, including policy enforcement, identity management, and cost optimization. The documentation distinguishes Azure through i
Documents Microsoft Defender for Cloud for discovering internet-exposed resources and managing attack surface.
httpx is a suite of tools and libraries for HTTP reconnaissance, infrastructure discovery, and DNS resolution. It functions as a command line toolkit for extracting metadata and status codes from HTTP targets and CIDR ranges, as well as a Go library for integrating these probing capabilities into custom programs. The project distinguishes itself through specialized infrastructure profiling, using TLS fingerprinting to extract JARM hashes and certificate details. It identifies underlying components such as CDN usage, Autonomous System Numbers, and CNAMEs to map web server software and infrastr
Analyzes TLS certificates, JARM hashes, and security headers to evaluate the external security posture of a network.
Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan
Discovers and monitors internet-facing assets using OSINT and DNS enumeration to identify organizational exposures.
This project is an open-source intelligence reconnaissance framework and recursive attack surface mapper. It functions as a containerized security scanner designed to map public-facing infrastructure, perform subdomain enumeration, and automate the gathering of open-source intelligence. The system employs a recursive discovery engine to iteratively explore target infrastructure, utilizing a plugin-based module architecture to extend scanning capabilities. It integrates third-party APIs for data enrichment and applies YARA rules across discovered assets to identify specific vulnerability patte
Provides a platform for discovering, inventorying, and monitoring internet-facing assets to maintain visibility into the external security posture.
Rengine is an automated reconnaissance framework and vulnerability management platform designed for attack surface monitoring. It functions as a centralized hub for discovering subdomains and open ports, gathering open-source intelligence, and tracking security flaws across target networks. The system integrates large language models to analyze reconnaissance data and generate vulnerability descriptions and insights. It distinguishes itself through a plugin-based tool integration that wraps external security scanning binaries and a target mapping system that tracks changes to assets over time
Maps subdomains and open ports to identify and monitor all internet-facing assets for an organization.
reconftw is an attack surface management framework and reconnaissance workflow orchestrator designed to automate the discovery, mapping, and monitoring of external digital assets. It operates as a modular tool-chain pipeline that coordinates a sequence of security tools to perform intelligence gathering and vulnerability scanning. The project distinguishes itself through a cloud-native deployment model that parallelizes scanning workloads across a fleet of remote VPS instances to bypass local resource constraints. It utilizes container-based environment isolation to ensure consistent executio
Provides a comprehensive platform for discovering, inventorying, and monitoring internet-facing assets.
Knock este un instrument de gestionare a suprafeței de atac și un framework de recunoaștere DNS utilizat pentru descoperirea și maparea infrastructurii externe a unei organizații. Funcționează ca un instrument de enumerare a subdomeniilor și scaner de securitate HTTP pentru a identifica host-urile accesibile și activele organizaționale. Proiectul se distinge prin utilizarea unei strategii de enumerare hibridă pasiv-activă, combinând căutările API externe cu atacuri active de tip brute-force pe wordlist și transferuri de zonă DNS. Include un pipeline de validare în mai multe etape care detectează înregistrările DNS wildcard și verifică conectivitatea host-ului pentru a filtra rezultatele fals pozitive. Framework-ul acoperă maparea suprafeței de atac, auditarea securității DNS și recunoașterea vulnerabilităților, inclusiv detectarea protocoalelor TLS moștenite. Rezultatele sunt gestionate printr-o bază de date căutabilă și pot fi exportate ca rapoarte HTML sau JSON. Opțiunile de reglare a performanței permit ajustarea nivelurilor de concurență și a timeout-urilor de rețea.
Provides a complete platform for discovering, inventorying, and monitoring internet-facing assets.
ShuiZe_0x727 este un framework de colectare de informații open-source (OSINT) și un instrument de gestionare a suprafeței de atac. Acesta funcționează ca un motor de descoperire a activelor și un agregator de informații cibernetice, conceput pentru a identifica activele expuse la internet, a mapa infrastructura de rețea și a vizualiza expunerea totală a rețelei. Proiectul integrează scanarea vulnerabilităților și detectarea scurgerilor de date sensibile pentru a identifica slăbiciunile de securitate și punctele de acces neautorizate. Utilizează o combinație de interogări API pentru spațiul de rețea, analiza log-urilor de certificate și scanarea depozitelor publice pentru a extrage credențiale scurse, chei API și căi administrative interne. Framework-ul oferă capabilități pentru colectarea automatizată de informații și cercetarea în domeniul securității cibernetice, utilizând un motor de scanare bazat pe plugin-uri pentru a detecta vulnerabilități în servicii web și porturi deschise. Datele despre active și constatările de securitate sunt exportate în foi de calcul formatate pentru analiză și audit offline.
Provides a comprehensive platform for discovering and monitoring internet-facing assets to manage total network exposure.
This project is a network reconnaissance framework and internet metadata database used for collecting, storing, and analyzing data from active scanners and passive traffic captures. It functions as a threat intelligence aggregator and passive traffic analysis tool, merging scan results from multiple tools into a unified dataset for security investigation. The system distinguishes itself through its ability to visualize network assets using heatmaps and geographic charts to correlate autonomous systems and domain names. It provides external attack surface management by aggregating metadata to
Aggregates scan results and metadata to visualize and monitor the security posture of public internet assets.
Findomain is a subdomain discovery tool and DNS resolver used for mapping an organization's external attack surface. It functions as a DNS infrastructure analyzer that searches for registered subdomains associated with a root domain to uncover undocumented infrastructure and services. The project includes an attack surface monitor that tracks changes to subdomains over time, using differential state monitoring to identify newly created or deleted assets. It provides real-time alerting via webhooks when changes in the monitored domain surface are detected. The system performs high-speed DNS r
Monitors the external attack surface by tracking subdomain changes and sending real-time alerts.
ScopeSentry este o platformă distribuită de gestionare a suprafeței de atac, concepută pentru a cataloga activele digitale și a automatiza evaluările de securitate în medii de rețea mari. Funcționează ca un instrument de descoperire a activelor de rețea și scaner de vulnerabilități, oferind un framework pentru menținerea vizibilității asupra infrastructurii organizaționale. Platforma se distinge printr-o arhitectură distribuită care orchestrează noduri worker pentru a executa sarcini de securitate în paralel. Utilizează un proces de descoperire bazat pe evenimente pentru a identifica active noi și subdomenii, menținând o înregistrare cu stare a configurațiilor și slăbiciunilor pentru a facilita detectarea schimbărilor pe termen lung. Sistemul suportă un pipeline de execuție modular care permite integrarea de plugin-uri personalizate și utilitare de securitate terțe. Această extensibilitate permite monitorizarea cuprinzătoare a activelor web, enumerarea automatizată a subdomeniilor și identificarea configurațiilor greșite sau a scurgerilor de informații sensibile în medii distribuite.
Provides a security framework for mapping network assets, enumerating subdomains, and automating vulnerability scanning across distributed infrastructure.