Back to Website
  1. Knowledge Base
  2. Assessment & Prioritisation
  3. Attack Surface Insights

Domains page

Alexander Matsson
Modified on: Wed, 31 Jul, 2024 at 5:28 PM

The domains page is the place to understand the exposure of all your monitored domains. The plan is for this page to replace the All Assets page ones it is at a more mature state.




The place for all your monitored domains


The "Domains" page is the primary place to learn about the domains on your attack surface that are monitored with Surface Monitoring. It's at the top under the "Insight" section in the menu, designed to collect all the output and insights our product has generated.


The main feature of the "Domains" page is a table displaying each row as a new domain, along with details about that domain. Filters and search options are available so that you can find the domains you're interested in or that match your specific query. You can also examine aspects such as the exposure degree of a domain, which explains the level of exposure that particular domain has.


Further information available on this page that describes the domain's exposure includes open ports, technologies, vulnerabilities, IPs, countries, and providers, as well as when the domain was first seen and when it disappeared (if applicable).


Selecting any domain will take you to the details page, which shows open ports, DNS records, technologies fingerprinted on that specific domain (e.g., blog.detectifydemo.com), the IP addresses this domain points to, and the list of vulnerabilities found. The details page summarizes all aspects of that domain, giving you a complete picture and highlighting any necessary actions.


DNS record information not currently available

For now, there's no information about a domain's DNS records available on the domains page. This means that some domains will be classified as "Not resolvable" even though there are DNS records for them. This affects only those domains that have DNS records but no resolving IP addresses.


Surface state

The surface state will tell you to what level a particular domain is open to the internet. Each domain can be in one of either five states:

  • Unresolvable domain: This means that there are no DNS records that have been resolved for the domain.
  • DNS record: For these domains, we have found DNS records but no resolving IP addresses from any A, AAAA, or CNAME records.
  • Resolving IP: These domains have resolving IP addresses from A, AAAA, or CNAME records, but no open ports.
  • Open port: This means that we have found open ports for the domain but no fingerprinted technologies or services.
  • Fingerprinted technologies: These domains have both open ports and fingerprinted technologies. This is what we consider the highest level of exposure.

The exposure degree is like a ladder that a domain can climb. Each level means they are more open to the internet and that all the previous levels are also true. If a domain has an open port, it also has to have an IP address and a DNS record, etc.




© 2024 detectify | Go hack yourself.