The attack surfaces function provides a set of query syntax for you to set query conditions, helping you query details of attack surfaces.

Check the overview of attack surfaces

  1. Log on to the Cloud Security Scanner console.
  2. In the left-side navigation pane, click Overview.
  3. On the Overview page, find the Attack Surfaces section to check the attack surface overview of your assets.
    Attack surfaces

Query details of attack surfaces

  1. Log on to the Cloud Security Scanner console.
  2. In the left-side navigation pane, choose Laboratory > Attack Surfaces.
  3. On the Attack Surfaces page, click the tab corresponding to the data that you want to query.

    The attack surfaces feature allows you to query the following information of attack surfaces:

    • Domain names
    • Subdomains
    • Hosts
    • DNS records
    • Ports
    • Web applications
    • Web paths
  4. On the tab that appears, check details of the attack surface, including Updated At and Actions detected by Cloud Security Scanner.
    You can query the details of attack surfaces by using one of the following methods:
    • Fuzzy query

      On the tab corresponding to a data source, enter a keyword in the search box. Then, Cloud Security Scanner performs a fuzzy search for the fields of the data source and displays query results.

      For example, on the Subdomains tab, if you enter aliyun or aliyun.com in the search box, subdomain and root domain of aliyun.com, as well as an overview of scanning performed for the subdomain, are displayed.Fuzzy query
    • Field-based query
      On the tab corresponding to a data source, enter a field in the format of <Filed>:<Query content> in the search box to search for required information.
      Note DO NOT TRANSLATE For information of other query statements and examples, see Field query operators and Query fields and examples.
      For example, on the Ports tab, if you enter ip:1.2.3.4 in the search box, the service port enabled on the server whose IP address is 1.2.3.4 is displayed.IP address-based query
      Click Save As Tags. In the Save As Tags dialog box that appears, enter a tag name and save it as an asset tag. Then, you can select this tag as Scan Target when you Create scan tasks.The Save As Tags dialog boxCreating a scan task by selecting a saved tag