Mapping out the attack surface of the Netherlands
Master of Applied IT
Client company: Mark Madsen and Tom Broummels
Othman Kouhi
Lazar Dimitrovski
Project description
This project developed a hybrid methodology for third-level domain enumeration in the .nl ccTLD, combining passive and active techniques with validation to enhance coverage, accuracy, and actionable results.
Context
The project is set within the domain of cybersecurity, specifically focusing on subdomain enumeration within the .nl ccTLD. It addresses the need for improved coverage and accuracy in identifying third-level domains, which are critical for understanding and mitigating cyber risks in Dutch organizations.
Results
The most important outcomes of the project include the development of the attack_surface.py tool and a validated hybrid methodology for subdomain enumeration in the .nl ccTLD. The tool combines passive and active techniques, achieving greater coverage by discovering 305 subdomains compared to Amass's 265. It also integrates validation processes, ensuring actionable datasets by filtering non-resolving subdomains.
The insights highlight the effectiveness of Certificate Transparency logs, contributing 667 subdomains, and the value of brute-forcing with optimized wordlists, identifying 182 subdomains. These results validate the hybrid model's superior performance, addressing coverage gaps while minimizing overlap. Positioned at Technology Readiness Level (TRL) 5, the tool demonstrates functionality in a relevant environment, bridging the gap between research and practical application. Its scalability and adaptability provide significant value for enhancing cybersecurity practices in the Dutch domain space.
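The merge-and-validate step described above, as an added example: it is not the project's attack_surface.py, and the function names, source labels and sample hostnames are constructed assumptions. It keeps only third-level .nl names, deduplicates across sources, filters out non-resolving names and reports what each source contributes uniquely.

```python
import socket
from typing import Callable, Dict, Iterable, Set

def normalise(name: str) -> str:
    """Lower-case, drop a trailing dot and a leading wildcard label (common in CT entries)."""
    name = name.strip().lower().rstrip(".")
    return name[2:] if name.startswith("*.") else name

def is_third_level_nl(name: str) -> bool:
    """True for exactly three non-empty labels ending in nl, e.g. www.example.nl."""
    labels = name.split(".")
    return len(labels) == 3 and labels[-1] == "nl" and all(labels)

def system_resolves(name: str) -> bool:
    """Default validation: does the system resolver return any address?"""
    try:
        socket.getaddrinfo(name, None)
        return True
    except (socket.gaierror, UnicodeError):
        return False

def merge_and_validate(sources: Dict[str, Iterable[str]],
                       resolves: Callable[[str], bool] = system_resolves) -> dict:
    """Merge per-source candidates, validate them, and measure unique contribution."""
    cleaned: Dict[str, Set[str]] = {
        src: {n for n in map(normalise, names) if is_third_level_nl(n)}
        for src, names in sources.items()
    }
    merged = set().union(*cleaned.values())
    valid = {n for n in merged if resolves(n)}
    unique = {}
    for src, names in cleaned.items():
        others = set().union(*(v for k, v in cleaned.items() if k != src))
        unique[src] = (names - others) & valid  # validated names only this source found
    return {"merged": merged, "valid": valid, "unique_by_source": unique}

# Constructed sample input (not data from the project).
SAMPLE = {
    "ct_logs": ["*.example.nl", "www.example.nl", "mail.example.nl.",
                "a.b.example.nl", "WWW.Example.NL"],
    "bruteforce": ["www.example.nl", "vpn.example.nl", "test.example.nl"],
}
# Constructed stand-in for DNS answers so the example runs offline.
SAMPLE_RESOLVING = {"www.example.nl", "mail.example.nl", "vpn.example.nl"}

if __name__ == "__main__":
    report = merge_and_validate(SAMPLE, resolves=lambda n: n in SAMPLE_RESOLVING)
    for src, names in report["unique_by_source"].items():
        print(src, sorted(names))
```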
About the project group
The project group comprises myself and Othman, with distinct focus areas. My work centers on enhancing subdomain enumeration coverage and accuracy, while Othman focuses on predicting subdomains using a word embeddings approach. Spanning 18 weeks (one semester), the project involved both individual and collaborative efforts. We shared resources and provided feedback on each other's work, ensuring no overlap between our contributions.