Home

Awesome

Awesome Asset Discovery

<img src="https://i1.wp.com/redhuntlabs.com/wp-content/uploads/2020/05/RedHunt-Logo-Without-Text-Dark.png?w=512&ssl=1" align="right" width="100">

Asset Discovery is the initial phase of any security assessment engagement, be it offensive or defensive. With the evolution of information technology, the scope and definition of assets has also evolved.

Earlier the servers, workstations and websites were primary IT assets of an organization, but today this definition is very limiting and should include anything and everything an organization and its entities has their data on (knowingly or unknowingly). The scope of ownership could differ, but it does not limit the attack surface, for example if an organization puts out open source code on Github, they are not the owner of Github but of the data they put under their repositories. In a scenario where some organization secret has been put on this Github account, it could pose a threat equal or more than running a vulnerable service.

We have explored this aspect of assets in our blog post here.

Through this repository, we want to put out a list of curated resources which help during asset discovery phase of a security assessment engagement. We welcome suggestions and contributions from the community in terms of resources as well as categories.

To know more about our Attack Surface Management platform, check out NVADR.

Contents

Content Discovery

IP Address Discovery

Domain / Subdomain Discovery

Email Discovery

Network / Port Scanning

Business Communication Infrastructure Discovery

Source Code Aggregators / Search - Information Discovery

Cloud Infrastructure Discovery

Company Information and Associations

Internet Survey Data

Social Media / Employee Profiling

Data Leaks

Internet Scan / Archived Information


Contributing

In case you would like to add information to this repository or suggest some ideas, please use one of the following options:

Connect

To connect with us:

License

This work is licensed under CC0 1.0 Universal