This is the Windows app named AttackSurfaceMapper whose latest release can be downloaded as AttackSurfaceMapperv1.1sourcecode.zip. It can be run online in the free hosting provider OnWorks for workstations.
Download and run online this app named AttackSurfaceMapper with OnWorks for free.
Follow these instructions in order to run this app:
- 1. Downloaded this application in your PC.
- 2. Enter in our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 3. Upload this application in such filemanager.
- 4. Start any OS OnWorks online emulator from this website, but better Windows online emulator.
- 5. From the OnWorks Windows OS you have just started, goto our file manager https://www.onworks.net/myfiles.php?username=XXXXX with the username that you want.
- 6. Download the application and install it.
- 7. Download Wine from your Linux distributions software repositories. Once installed, you can then double-click the app to run them with Wine. You can also try PlayOnLinux, a fancy interface over Wine that will help you install popular Windows programs and games.
Wine is a way to run Windows software on Linux, but with no Windows required. Wine is an open-source Windows compatibility layer that can run Windows programs directly on any Linux desktop. Essentially, Wine is trying to re-implement enough of Windows from scratch so that it can run all those Windows applications without actually needing Windows.
SCREENSHOTS:
AttackSurfaceMapper
DESCRIPTION:
AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new subdomains, associated IP ranges, and hosts within the same network ownership. It performs both brute-force and passive enumeration techniques to uncover infrastructure components that may not be immediately visible. After building an expanded list of targets, AttackSurfaceMapper collects intelligence such as screenshots of web applications, information about exposed services, and possible vulnerabilities identified through integrated services. It can also search for publicly exposed credentials.
Features
- Automates reconnaissance by combining OSINT and active discovery techniques
- Expands target lists by discovering subdomains, related IPs, and network blocks
- Performs passive port scanning and vulnerability lookup using services like Shodan and Censys
- Captures screenshots of discovered web applications for visual inspection
- Collects intelligence such as employee information and potential leaked credentials
- Generates structured output files (CSV or TXT) containing reconnaissance results
Programming Language
Assembly, Python
Categories
This is an application that can also be fetched from https://sourceforge.net/projects/attacksurfacemapper.mirror/. It has been hosted in OnWorks in order to be run online in an easiest way from one of our free Operative Systems.