Scribd
Upload
99 views16 pages

Easm Comprehensive Report

The report provides an overview of security risks and vulnerabilities identified in the systems of synoriq.com as of February 28, 2025. It highlights low-level risks across various categories including vulnerabilities, network security, incident history, cloud security, and common vulnerabilities and exposures (CVE), with specific details on 30 identified digital risks. The report emphasizes the need for remediation of these issues to enhance overall security posture.

Uploaded by

amardeep.kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
99 views16 pages

Easm Comprehensive Report

The report provides an overview of security risks and vulnerabilities identified in the systems of synoriq.com as of February 28, 2025. It highlights low-level risks across various categories including vulnerabilities, network security, incident history, cloud security, and common vulnerabilities and exposures (CVE), with specific details on 30 identified digital risks. The report emphasizes the need for remediation of these issues to enhance overall security posture.

Uploaded by

amardeep.kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

ATTACK SURFACE EXECUTIVE

REPORT
PREPARED FOR

synoriq.com

28 Feb 2025
Risk
Overview

Vulnerabilities Network Security


Weaknesses in systems, Risks arising from
applications, or insecure or
configurations that misconfigured network
attackers can exploit. components.

Incident History Cloud Security


History of past incidents Risks from
indicating areas of misconfigured or
potential recurrence or insecure cloud
weakness. CVE environments.
Common Vulnerabilities
and Exposures (CVE)
findings identified in the
assets

Category Count

Lookalike Domains 9

Technologies Detected 17

Exposed Ports 13

Exposed Panels 0

Default Logins 0

Exposed Cloud Assets 0

Docker Images 0

Github Patches 0
Top 5
Risk Categories

CVE

Cloud Security

Incident History

Network Security

Vulnerabilities

0 0.2 0.4 0.6 0.8 1

Low High

R is k
C a teg ory S c ore Deta ils
Level

Weaknesses in systems, applications, or configurations that attackers can


Vulnerabilities 0 Low
exploit.

Network
0 Low Risks arising from insecure or misconfigured network components.
Security

History of past incidents indicating areas of potential recurrence or


Incident History 0 Low
weakness.

Cloud Security 0 Low Risks from misconfigured or insecure cloud environments.

Common Vulnerabilities and Exposures (CVE) findings identified in the


CVE 0 Low
assets
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

1 HTTP Missing Security Headers Low 10 / 107

This template searches for missing HTTP security headers. The impact of these missing headers can vary.

Sr
Na m e S everity Affec ted /Tota l
No

2 TLS Version - Detect Low 9 / 107

N/A

Sr
Na m e S everity Affec ted /Tota l
No

3 Detect SSL Certificate Issuer Low 9 / 107

Extract the issuer's organization from the target's certificate. Issuers are entities which sign and distribute
certificates.
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

4 SSL DNS Names Low 9 / 107

Extract the Subject Alternative Name (SAN) from the target's certificate. SAN facilitates the usage of additional
hostnames with the same certificate.

Sr
Na m e S everity Affec ted /Tota l
No

Wildcard TLS
5 Low 7 / 107
Certificate

Checks a sites certificate to see if there are wildcard CN or SAN entries.

https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.ht
Remediations
ml#carefully-consider-the-use-of-wildcard-certificates

Sr
Na m e S everity Affec ted /Tota l
No

6 RDAP WHOIS Low 1 / 107

RDAP (Registration Data Access Protocol) is a standard defined by the IETF to replace the whois protocol in queries
for information about Internet resource records such as domain names, IP addresses, and ASNs.

Remediations https://about.rdap.org/
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

DOM EventListener - Cross-Site


7 Low 5 / 107
Scripting

EventListener contains a cross-site scripting vulnerability via the document object model (DOM). An attacker can
execute arbitrary script which can then allow theft of cookie-based authentication credentials and launch of other
attacks.

https://portswigger.net/web-security/dom-based/controlling-the-web-me
Remediations
ssage-source

Sr
Na m e S everity Affec ted /Tota l
No

8 robots.txt endpoint prober Low 4 / 107

N/A

Sr
Na m e S everity Affec ted /Tota l
No

Missing Subresource
9 Low 3 / 107
Integrity

Checks if external script and stylesheet tags in the HTML response are missing the Subresource Integrity (SRI)
attribute.

https://cheatsheetseries.owasp.org/cheatsheets/Third_Party_Javascript_Management
Remediations
_Cheat_Sheet.html#subresource-integrity
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

10 Allowed Options Method Low 2 / 107

N/A

Sr
Na m e S everity Affec ted /Tota l
No

11 Cookies without HttpOnly attribute - Detect Low 2 / 107

Checks whether cookies in the HTTP response contain the HttpOnly attribute. If the HttpOnly flag is set, it means that
the cookie is HTTP-only

Remediations https://owasp.org/www-community/HttpOnly

Sr
Na m e S everity Affec ted /Tota l
No

12 Form Detection Low 2 / 107

A template to detect HTML Forms in page response.

Remediations https://github.com/dirtycoder0124/formcrawler
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

XSS-Protection Header - Cross-Site


13 Low 2 / 107
Scripting

Setting the XSS-Protection header is deprecated. Setting the header to anything other than `0` can actually
introduce an XSS vulnerability.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Pr
Remediations
otection

Sr
Na m e S everity Affec ted /Tota l
No

14 robots.txt file Low 2 / 107

N/A

Sr
Na m e S everity Affec ted /Tota l
No

15 Apple app site association for harvesting end points Low 1 / 107

N/A
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

Cookies without Secure attribute -


16 Low 1 / 107
Detect

Checks whether cookies in the HTTP response contain the Secure attribute. If the Secure flag is set, it means that the
cookie can only be transmitted over HTTPS

Remediations https://owasp.org/www-community/controls/SecureCookieAttribute

Sr
Na m e S everity Affec ted /Tota l
No

17 DNS SaaS Service Detection Low 1 / 107

A CNAME DNS record was discovered

Remediations https://ns1.com/resources/cname

Sr
Na m e S everity Affec ted /Tota l
No

18 Metatag CMS Detection Low 1 / 107

Generic CMS Detection using html meta generator tag

Remediations https://www.w3schools.com/tags/att_meta_name.asp
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

19 README.md file disclosure Low 1 / 107

Internal documentation file often used in projects which can contain sensitive information.

Sr
Na m e S everity Affec ted /Tota l
No

20 phpMyAdmin Panel - Detect Low 1 / 107

phpMyAdmin panel was detected.

Sr
Na m e S everity Affec ted /Tota l
No

21 WAF Detection Low 10 / 107

A web application firewall was detected.

Remediations https://github.com/Ekultek/WhatWaf
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

22 CAA Record Low 8 / 107

A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to
issue certificates for a domain.

Remediations https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record

Sr
Na m e S everity Affec ted /Tota l
No

23 DNS DMARC - Detect Low 1 / 107

DNS DMARC information was detected.

Remediations https://dmarc.org/

Sr
Na m e S everity Affec ted /Tota l
No

DNS TXT Record


24 Low 1 / 107
Detected

A DNS TXT record was detected. The TXT record lets a domain admin leave notes on a DNS server.

https://www.netspi.com/blog/technical/network-penetration-testing/analyzing-dns-txt-re
Remediations
cords-to-fingerprint-service-providers/
Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

25 DNS WAF Detection Low 1 / 107

A DNS WAF was detected.

Sr
Na m e S everity Affec ted /Tota l
No

26 MX Record Detection Low 1 / 107

An MX record was detected. MX records direct emails to a mail exchange server.

Remediations https://mxtoolbox.com/

Sr
Na m e S everity Affec ted /Tota l
No

27 NS Record Detection Low 1 / 107

An NS record was detected. An NS record delegates a subdomain to a set of name servers.


Digital
Risks Details

Sr
Na m e S everity Affec ted /Tota l
No

28 Wappalyzer Technology Detection Low 9 / 107

N/A

Sr
Na m e S everity Affec ted /Tota l
No

29 FingerprintHub Technology Fingerprint Low 1 / 107

FingerprintHub Technology Fingerprint tests run in tool.

Remediations https://github.com/0x727/FingerprintHub

Sr
Na m e S everity Affec ted /Tota l
No

30 Microsoft Azure Domain Tenant ID - Detect Low 1 / 107

Microsoft Azure Domain Tenant ID was detected.

Remediations https://azure.microsoft.com

You might also like