Article Per Year (5 Year)
p-Index From 2021 - 2026
0.23
P-Index
This Author published in this journals
All Journal Jurnal Teknologi dan Manajemen Industri Terapan
Q Fadlan
Unknown Affiliation
Computer Science & IT Control & Systems Engineering Decision Sciences, Operations Research & Management Engineering Industrial & Manufacturing Engineering

Published : 1 Documents Claim Missing Document
Claim Missing Document
Check
Articles

Found 1 Documents
Search

 1 
An Evaluation of Osint Tools for External Attack Surface Mapping Q Fadlan
Jurnal Teknologi dan Manajemen Industri Terapan Vol. 4 No. 3 (2025): Jurnal Teknologi dan Manajemen Industri Terapan
Publisher : Yayasan Inovasi Kemajuan Intelektual

Show Abstract | Download Original | Original Source | Check in Google Scholar | DOI: 10.55826/jtmit.v4i4.1415

Abstract

Modern cybersecurity relies heavily on proactively understanding the external attack surface (EAS), defined as the totality of digital assets accessible to attackers from the internet, including domains, subdomains, IP addresses, SSL certificates, cloud services, and exposed employee information. Failure to map these assets can create blind spots that are exploited in zero-day and misconfiguration-based attacks. This research aims to evaluate the effectiveness, efficiency, and scope of publicly available Open-Source Intelligence (OSINT) tools, such as Subfinder, Amass, Maltego, theHarvester, and Shodan , in identifying and mapping an organization's EAS components. The research approach involved benchmarking these tools against predetermined targets, comparing metrics such as execution time, number of unique assets discovered, and accuracy of collected information. Initial findings indicate that no single tool can provide comprehensive EAS mapping, highlighting the need for a tool-chaining strategy or combination of tools for optimal results. This evaluation provides practical recommendations for security professionals and Red Teams on the most appropriate OSINT tools for the various phases of EAS mapping, contributing significantly to a data-driven cybersecurity risk management strategy.
Co-Authors