What are the available scan modes?

Modified on Fri, 8 Aug at 10:52 AM

There are two available modes of scanning in ThingsRecon Platform.


Static: 

Performs attack surface enumeration strictly limited to the set of domains already defined in the work queue. 

This mode operates within a fixed scope and does not attempt to discover additional domains.


Deep Discovery: 

Performs attack surface expansion by leveraging discovery techniques aimed at identifying domains associated with the target organization. 

Each newly identified domain may recursively enable further domain discovery.


New with version 5.5 (general availability around mid-August), we can now set the scan type and the scan mode directly from the workqueue shortcut (checkmark in the circle).


In the "Settings" view, we can now see the "Deep Discovered" status.



Expected behaviors for each type of update:

The following matrix shows what to expect in the "Settings" view, depending on the selected scan mode.


 
| Update type | Static | Deep Discovery |
| --- | --- | --- |
| Update current test | If items have been manually added to the workqueue, only these will be scanned, and the deep discovered status will be "false" for them. | If items have been manually added to the workqueue, only these will be scanned, and the deep discovered status will be "true" for all the new workqueue items from which the scanner performed deep discovery. |
| New test | No new workqueue items are expected during this scan. The new test result will have every deep discovered status set to "false". | New workqueue items are expected during this scan. The new test result will have the deep discovered status set to "true". It means the scanner used those items to pivot and find more domains. |
| New test based on user entries only | All workqueue items that were not set by users will be deleted at scan startup. No additional domains are expected to be discovered. Deep discovered status will be "false" for all of them. | All workqueue items that were not set by users will be deleted at scan startup. Additional domains are expected to be discovered. Deep discovered status will be "true" for some of them. It means the scanner used those items to pivot and find more domains. |
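
The scope difference between the two modes, and which items end up with the deep discovered status set to "true", can be modelled as a short simulation. This is an added example, not ThingsRecon code: the ASSOCIATED map, the run_scan function and the sample domains are constructed, and it assumes the status is set on an item when pivoting from it found at least one new domain.

```python
from collections import deque

# Constructed association map (hypothetical): domain -> domains that a
# discovery technique would link to it. Stands in for real discovery.
ASSOCIATED = {
    "example.com": ["shop.example.com", "example.net"],
    "example.net": ["cdn.example.net"],
    "example.org": [],
}

def run_scan(workqueue, mode, user_entries_only=False):
    """Model one scan. workqueue: {domain: {"user_set": bool}}.
    Returns {domain: {"user_set": bool, "deep_discovered": bool}}."""
    if mode not in ("static", "deep"):
        raise ValueError("mode must be 'static' or 'deep'")
    # "New test based on user entries only": drop non-user items at startup.
    items = {d: {"user_set": m["user_set"], "deep_discovered": False}
             for d, m in workqueue.items()
             if m["user_set"] or not user_entries_only}
    if mode == "static":
        return items  # fixed scope: nothing added, every status stays False
    pending = deque(items)
    while pending:
        source = pending.popleft()
        for found in ASSOCIATED.get(source, []):
            if found in items:
                continue  # already queued; this also stops cycles
            items[found] = {"user_set": False, "deep_discovered": False}
            # Assumption: the status marks the item the scanner pivoted from.
            items[source]["deep_discovered"] = True
            pending.append(found)  # a new domain can enable further discovery
    return items

# Constructed work queue: two user entries and one leftover from an old scan.
QUEUE = {
    "example.com": {"user_set": True},
    "example.org": {"user_set": True},
    "old.example.io": {"user_set": False},
}

if __name__ == "__main__":
    for mode in ("static", "deep"):
        result = run_scan(QUEUE, mode, user_entries_only=True)
        for domain, meta in result.items():
            print(mode, domain, meta["deep_discovered"])
```

In this model only example.com and example.net end up "true" in deep discovery mode, which matches the "true for some of them" row: items that led nowhere keep "false".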
