Discover Internet-exposed Applications¶
Start with a Single Domain Name¶
The primary input required is your company's Domain name. This domain represents the minimal scope of discovery for the ASM process.
Escape employs advanced subdomain enumeration techniques combined with intelligent brute-force methods and crawling (including API Discovery from Frontend Code) to visit and inspect a comprehensive range of URLs. Each URL undergoes thorough fingerprinting analysis.
Escape utilizes AI-powered fingerprinting to identify and classify Assets by analyzing various characteristics, including structure, endpoints, and response patterns. This AI-based approach enables high-accuracy detection and categorization of various Asset Types, even for unique or non-standard configurations.
Add Additional Domains and Subdomains¶
While Escape requires only a single domain name as minimal input, you can use the Bulk Edit feature to add multiple Domains and Subdomains to your Exploration Scope.
Scanning Internal Networks¶
Escape supports Private Locations—lightweight connectors that create a secure reverse SOCKS5 tunnel from your on-prem or VPC environment to Escape’s cloud.\ Deploying a Private Location lets the ASM detect and fingerprint internal Assets that sit behind firewalls or VPNs, using the same mechanism available for Internal Application testing in Escape DAST.
For setup instructions, see the Private Location Documentation.\ ➡️ ../04-tooling/20-private-location/index.md