Discover every entry point of your IS

Our Cogiceo Explorer solution is a semi-automatic tool allowing to take advantage of the parallelization of tasks by a robot and the power of human analysis.

  • Parallelism accelerates the aggregation of data from many sources with crossovers that could be long and tedious for a human.
  • Human analysis is used to process the final results as a whole in order to determine the most vulnerable entry points that would allow an attacker to break into your organization.

The creation of the list of resources and entry points of the company exposed on the internet allows to:

  1. Define the attack surface visible to an attacker
  2. Spot counterfeits and phishing sites imitating your brand
  3. Take a snapshot of your e-reputation
  4. Identify sites you own that have been hacked
  5. List your web applications using obsolete/vulnerable technologies
  6. Find the administrative interfaces exposed by your services and accessible to all

Exploration

  • Data source
    • Shodan API
    • Robtex API
    • Bing API
    • WHOIS records
    • Certificate Transparency
    • DNS record (MX, NS, CNAME, A, PRT)
    • Shared DNS
    • Domain name database
    • Google Dork
  • Validation
    • IP range extension
    • WHOIS records
    • Manual validation

Vulnerability research

  • SSL / TLS protocol
    • List of vulnerable protocols supported
    • Robustness of cryptographic suites
    • Vulnerability test (tls_fallback_scsv, heartbleed)
  • Automatic scanner
    • Nmap / Zmap port scan
    • Vulnerability research using Nessus
  • Web applications
    • Detection of technologies used
    • Search for sensitive folders/files
    • Search for compromised URLs
    • Manual search for sensitive sites (VPN, Citrix)
  • Other
    • Anonymous FTP connection
    • List of SNMP communities
    • Monitoring against typosquatting
    • Detection of DNS servers vulnerable to zone transfer