WebSurface web attack surface discovery tool launched

WebSurface is a script that automates discovery and triage of origin exposure for web infrastructure. It integrates subfinder for subdomain discovery, dnsx for DNS resolution, httpx for probing, naabu and nmap for scanning and fingerprinting, and gowitness for screenshots. The script enables visibility into external exposure using these components rather than million-dollar enterprise tooling. The pipeline first identifies subdomains and resolves their addresses. It then applies filters to exclude CDN and WAF infrastructure based on range checks, flags, CNAME patterns and other fingerprints. Only qualifying web-alive addresses that lack CDN characteristics advance to detailed port scanning and visual capture. Results from each execution are organized into a dedicated directory containing raw data, a summary report and an SQLite database. The tool provides signals about possible direct paths to backend services, open ports and certificate details that may indicate connections to public services. All indications are subject to manual verification because the classification methods rely on heuristics.