IMPORTANT: Use this application exclusively from Burp Suite's Browser.
Configure Match and Replace rules in Burp Suite that rewrite the response headers which would otherwise block the tool (framing restrictions, Content Security Policy, Permissions Policy and CORS). In Burp, a rule with an empty Match adds the Replace string as a new header, and a rule with an empty Replace removes the matched header line:

Type            | Match                              | Replace                          | Match type
Response header | X-Frame-Options                    | X-Frame-Options-Disabled         | Literal
Response header | Content-Security-Policy            | Content-Security-Policy-Disabled | Literal
Response header | Permissions-Policy:                | Permissions-Policy-Disabled:     | Literal
Response header | ^Access\-Control\-Allow\-Origin.*$ | (empty, removes the header)      | Regex
Response header | (empty, adds the header)           | Access-Control-Allow-Origin: *   | Literal
Alternatively, download and import the Burp Suite project file, which contains the same rules.
Recommendation: Run with the console inspector enabled.
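To check what the five rules above actually do to a response before trusting them in a test, here is an added Python simulation (not code from Surface Explorer or Burp Suite) that applies them to a constructed header block; Burp evaluates response-header rules one header line at a time, which the code mirrors.

```python
import re

# The Match and Replace rules from the table, as (match, replace, kind).
# An empty match means "add this header"; an empty replace means
# "drop the matching header line".  Mirrors Burp's header-rule semantics.
RULES = [
    ("X-Frame-Options", "X-Frame-Options-Disabled", "literal"),
    ("Content-Security-Policy", "Content-Security-Policy-Disabled", "literal"),
    ("Permissions-Policy:", "Permissions-Policy-Disabled:", "literal"),
    (r"^Access\-Control\-Allow\-Origin.*$", "", "regex"),
    ("", "Access-Control-Allow-Origin: *", "literal"),
]

# Constructed sample response (not captured from any real host).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "X-Frame-Options: DENY\r\n"
    "Content-Security-Policy: frame-ancestors 'none'\r\n"
    "Permissions-Policy: camera=()\r\n"
    "Access-Control-Allow-Origin: https://app.example\r\n"
    "\r\n"
)

def apply_rules(raw_response, rules=RULES):
    """Apply the rules to each header line in order; return the header lines."""
    lines = raw_response.split("\r\n")
    headers = [line for line in lines[1:] if line]   # skip status line, blanks
    for match, replace, kind in rules:
        if match == "":
            headers.append(replace)                   # add-header rule
            continue
        rewritten = []
        for line in headers:
            if kind == "regex":
                new = re.sub(match, replace, line)
            else:
                new = line.replace(match, replace)
            if new:                                   # empty result = line removed
                rewritten.append(new)
        headers = rewritten
    return headers

def header_names(headers):
    """Lower-cased header names, useful to see which protections survived."""
    return {line.split(":", 1)[0].strip().lower() for line in headers}

if __name__ == "__main__":
    for line in apply_rules(SAMPLE_RESPONSE):
        print(line)
```

The renamed headers (X-Frame-Options-Disabled and so on) are unknown to the browser and therefore ignored, which is why the tool only works behind a proxy that applies these rules.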
About Surface Explorer
Surface Explorer is a cutting-edge tool developed to enhance the capabilities of cybersecurity professionals in discovering exposed IT assets. The project, spearheaded by a team of dedicated developers, aims to provide an intuitive, comprehensive solution for surface analysis in penetration testing.
This project is proudly funded and supported by OpenBash, a platform committed to advancing cybersecurity research and tool development. OpenBash's support has been instrumental in bringing Surface Explorer to life, providing resources and guidance throughout the development process.
We are always looking for passionate individuals to join our cause. If you're interested in contributing to Surface Explorer, visit our project page on GitHub or contact us through OpenBash's website.
Help & Instructions
Surface Explorer is a tool designed for automating the discovery and analysis of web surfaces in penetration testing. It allows users to specify URLs or domains, choose scanning modes, and customize other options for efficient exploration.
Available Options
Scan Mode: Choose between 'Normal' and 'Path Explorer' scanning modes. 'Normal' performs a standard scan, while 'Path Explorer' delves into specific paths.
URLs or Domains: Enter the URLs or domains to be explored, separated by commas or new lines.
Max. Iframes: Set the maximum number of iframes to load simultaneously.
Loading Mode: Select 'Load on Complete' to load the next iframe after the previous one completes, or 'Load with Timeout' to load iframes at regular intervals.
Timeout (sec): Specify the timeout in seconds for loading iframes when 'Load with Timeout' is selected.
Dictionary: Choose a dictionary for path discovery. 'Discovery' for comprehensive scanning, 'Quick Visit' for a rapid overview, or 'Custom' to use a user-defined wordlist.
Custom Wordlist URL: Provide a URL for a custom wordlist to be used in scanning.
Config Button: Opens the configuration panel to set a custom wordlist URL.
Download Burp Project: Download the configuration file for use with Burp Suite.
Scan Targets Button: Initiates the scanning process based on the specified settings.
Stop Button: Stops the ongoing scanning process immediately.
Easiest Setup via Burp Suite Project Import
To ensure correct configuration and ease of use, importing the Surface Explorer project into Burp Suite is recommended. Follow these steps to import the project:
Download the Burp Suite Project File: Use the 'Download Burp Project' button in Surface Explorer to download the project file.
Open Burp Suite: Launch Burp Suite on your system.
Import the Project: In Burp Suite, go to the 'Project options' tab. Click on 'Import Project' and select the downloaded project file.
Review and Apply Settings: Once imported, review the project settings to ensure they align with your testing environment. Adjust as necessary.
Start Using Surface Explorer: With the project settings imported and adjusted, you can now start using Surface Explorer. All traffic generated will be routed through Burp Suite for analysis.
This approach ensures that the Match and Replace rules Surface Explorer depends on are in place, so the tool functions correctly within Burp Suite.
Please also ensure the requirements listed at the top of this page are met: use the application exclusively from Burp Suite's Browser, and configure the response-header Match and Replace rules shown there.
Data Storage
Preferences and configurations are stored locally in the browser using Local Storage. To maintain preferences across sessions, it's recommended to use a loaded user profile in the browser.
Use of HTTP
The application operates over HTTP to allow mixed traffic from HTTP to HTTPS. Since it is a tool for analyzing security within Burp Suite, the use of HTTPS is not considered beneficial in this context.