Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Easy EASM - The Zero-Dollar Attack Surface Management Tool

Recon Village via YouTube

Overview

Watch a DEF CON 31 conference talk exploring Easy EASM, a zero-cost attack surface management tool designed for organizations to monitor their external-facing assets. Learn how to implement this straightforward solution that originated from bug bounty hunting techniques, requiring minimal setup of just ten lines of code and one-button deployment. Discover how Easy EASM combines multiple open-source tools including Amass, Subfinder, Chaos, Notify, r7 Sonar, eyewitness, and Cloud Certs to perform comprehensive reconnaissance on specified targets. Understand the daily scanning capabilities that alert users through Slack or Discord about newly discovered assets, while also generating Excel-based risk registers and asset databases. Explore both "fast" and "comprehensive" deployment options, with the latter offering additional features like brute force scanning, permutation discovery, screenshots, and technology profiling. Perfect for security professionals seeking an efficient, automated approach to external asset management without the complexity of commercial solutions.

Syllabus

DEF CON 31 Recon Village - Jason Haddix - Easy EASM The Zero-Dollar Attack Surface Management Tool

Taught by

Recon Village

Reviews

Start your review of Easy EASM - The Zero-Dollar Attack Surface Management Tool

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.