Attack Surface Discovery User Guide
Last updated
Last updated
SecureMetrics' Attack Surface Discovery PowerBI Template allows security teams or consultants to report on their external-facing attack surface discovered using the
When you purchase the Attack Surface Discovery PowerBI Template, you will receive a download with the following items:
PowerBI template file (.pbit)
Sample database file (.sqlite)
The PowerBI template will connect to a local sqlite database to load data into the dashboards. This database is auto-generated by the discovery engine, Amass. Your purchase also includes a sample database for testing connectivity.
In order to use this template, you will need to install and run the open-source attack surface discovery tool Amass, by OWASP. Because the dashboards connect directly to the Amass database, there are few requirements on how you operate the tool.
You can install Amass in a variety of methods, as
In order to populate the database, you'll need to run a discovery using Amass. Because the PowerBI template is pulling directly from the Amass Sqlite database, you can run multiple discoveries over time for continuous reporting.
There are many options to get the most out of Amass. However, the easiest way to get started is to run the following command:
Locate the SQLite database file generated by Amass. It will be located in the output directory and defaults to the filename amass.sqlite.
Whenever you open the PowerBI template file (.pbit), you will be prompted for the location of the SQLite database file. Paste the path, removing the quotations (") if present.
That's it!
You can now either use the dashboard locally in PowerBI Desktop, or publish to the PowerBI Service to host in the cloud.
Unfortunately, you cannot connect to a SQLite database by default in PowerBI. In order to accomplish this, you will need to download and install a SQLite ODBC driver such as this open-source one: