IDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSEIDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSE
Impactr Logoimpactr
FeaturesHow it worksEvidencePricingLearnCompare
  1. Home
  2. Glossary
  3. Attack Surface

Frameworks & standards

Attack Surface

An attack surface is the total set of entry points - endpoints, parameters, services, hosts, and interfaces - through which an attacker could attempt to compromise a system or exfiltrate data. Understanding and continuously mapping the attack surface is the foundation of both offensive testing and attack-surface management (ASM).

Key points

  • Includes every reachable endpoint, parameter, and service.
  • Grows and shifts with every deploy.
  • Mapping it is the first step of testing and ASM.

Related

ASMAttack ChainAutonomous Penetration Testing

Impactr is an autonomous AI penetration testing platform - it investigates, chains, and proves web and API vulnerabilities with reproducible evidence.

Join the waitlist
← All terms
Impactr Logoimpactr

Built by hackers, for the code you ship. Autonomous AI penetration testing for modern web apps and APIs.

© 2026 Impactr

Product

FeaturesCoverageUse casesEvidencePricingWaitlist

Resources

VulnerabilitiesGuidesComparisonsGlossaryCWE databaseBy industryBy languageHTTP status codesSecurity headers

Company

ContactTwitterLinkedInGitHub