I launched a new platform recently that you can use to discover all you Internet-connected assets of your organization. It has been in the research & development for a while, and I have focused into re-building it to be a public platform to discover your external attack surface.
I looked trough the site and tried a few searches (which returned nothing I guess the scanning is maybe in in it's infancy?)
From what I gathered, it seems to be a similar to services like Shodan and Censys, is that right? Is that a correct impression or if not, what do you do differently?
The scanning and the database is rapidly growing. We currently cover a large range of domains.
FullHunt is similar to Shodan and Censys, but focuses on solving the Attack Surface Management challenges for companies and organizations.
For example, Shodan focuses on running Internet scans on the IPv4 space, while FullHunt focuses on mapping the external attack surface of organizations. FullHunt can show you the external assets of your organizations a single search about your domain should reveal everything related to the attack surface, starting from CDNs, Cloud Providers, DNS records, Externally-exposed network services, and more soon in the future.
Okay, makes sense, neither Shodan nor Cencys are very easy to work with. Both have a learning curve to figure out all the ssl: asn: filters to find everything from an org.
Making things more easily discoverable will be a benefit to everyone.
Good luck. I'll check back later and see what you have discovered.
I launched a new platform recently that you can use to discover all you Internet-connected assets of your organization. It has been in the research & development for a while, and I have focused into re-building it to be a public platform to discover your external attack surface.
It's as easy as searching for your domain like: https://fullhunt.io/search?query=ycombinator.com
I'm looking for your feedback and thoughts, if you like the idea of the project, please feel free to upvote!
Thank you,
Mazin Ahmed
I looked trough the site and tried a few searches (which returned nothing I guess the scanning is maybe in in it's infancy?)
From what I gathered, it seems to be a similar to services like Shodan and Censys, is that right? Is that a correct impression or if not, what do you do differently?
The scanning and the database is rapidly growing. We currently cover a large range of domains.
FullHunt is similar to Shodan and Censys, but focuses on solving the Attack Surface Management challenges for companies and organizations.
For example, Shodan focuses on running Internet scans on the IPv4 space, while FullHunt focuses on mapping the external attack surface of organizations. FullHunt can show you the external assets of your organizations a single search about your domain should reveal everything related to the attack surface, starting from CDNs, Cloud Providers, DNS records, Externally-exposed network services, and more soon in the future.
There is a discussion between the Shodan founder and I on Reddit: https://www.reddit.com/r/netsec/comments/qfpu1z/comment/hi15...
In general, it's two products solving different security problems.
Good luck. I'll check back later and see what you have discovered.