# Recon - Attack surface overview

Once the application mapping is done, the task of analyzing the application’s functionalities can begin.\
The end goal is to identify the key attack surface the web application exposes.

***

### Core functionalities

Identify the core functionality of the application, what the application was created for and the actions that each function is designed to perform when used as intended.\
A deeper understanding of the web application is necessary in order to conduct a precise vulnerability assessment.

### Core security mechanisms

Identify the core security mechanisms employed by the application and how they work.\
Key mechanisms to look for:

* Authentication
* Session management
* Access control
* Support functions such as user registration and account recovery
* Peripheral functions such as administrative interface and logging functions

### Supplied input entry points

Data can be supplied through GET and POST parameters, HTTP headers, and path segments of REST-style URLs.\
The Burp Suite Target Analyzer engagement tool can be used to list the URLs of the web application that take parameters.

```
[Target] Site map -> right click <target> -> [Engagement tools] Analyzer
```
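As an added example (not part of the original notes or of Burp Suite), the script below builds the same kind of inventory from raw requests in a proxy history: for each endpoint it records the query parameters, form-body parameters, non-baseline headers and numeric REST path segments that the application accepts. The requests and the `shop.example` host are constructed for the example; the `BASELINE_HEADERS` set and the `{id}` templating of numeric path segments are assumptions of this script.

```python
from urllib.parse import urlsplit, parse_qsl

# Constructed sample of raw HTTP/1.1 requests as they would sit in a proxy
# history (hypothetical host and endpoints, not from any real application).
SAMPLE_REQUESTS = [
    "GET /search?q=laptops&page=2 HTTP/1.1\r\nHost: shop.example\r\nX-Forwarded-For: 10.0.0.5\r\n\r\n",
    "POST /login HTTP/1.1\r\nHost: shop.example\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nusername=alice&password=secret",
    "GET /api/users/42/orders/1001 HTTP/1.1\r\nHost: shop.example\r\nAuthorization: Bearer abc\r\n\r\n",
    "GET /api/users/7/orders/8 HTTP/1.1\r\nHost: shop.example\r\nAuthorization: Bearer abc\r\n\r\n",
    "GET /static/logo.png HTTP/1.1\r\nHost: shop.example\r\n\r\n",
]

# Headers every client sends regardless of application logic; they are not
# counted as application-specific input channels (assumed list).
BASELINE_HEADERS = {"host", "content-type", "content-length", "user-agent",
                    "accept", "accept-encoding", "connection"}


def parse_request(raw):
    """Split a raw HTTP/1.1 request into (method, target, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body


def entry_points(requests):
    """Inventory input channels per endpoint: query params, form-body params,
    non-baseline headers and numeric REST path segments (templated as {id},
    so /users/42 and /users/7 collapse into one endpoint).  Endpoints that
    accept no input at all are left out of the result."""
    inventory = {}
    for raw in requests:
        method, target, headers, body = parse_request(raw)
        url = urlsplit(target)
        segments = url.path.strip("/").split("/")
        is_id = [i > 0 and s.isdigit() for i, s in enumerate(segments)]
        key = f"{method} /" + "/".join("{id}" if hit else s for s, hit in zip(segments, is_id))
        entry = inventory.setdefault(key, {"query": set(), "body": set(), "headers": set(), "path": set()})
        entry["query"].update(k for k, _ in parse_qsl(url.query, keep_blank_values=True))
        if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
            entry["body"].update(k for k, _ in parse_qsl(body, keep_blank_values=True))
        entry["headers"].update(h for h in headers if h not in BASELINE_HEADERS)
        # Name each id after the preceding segment: /users/42 -> users_id.
        entry["path"].update(f"{segments[i - 1]}_id" for i, hit in enumerate(is_id) if hit)
    return {k: v for k, v in inventory.items() if any(v.values())}
```

Static resources such as `/static/logo.png` take no input and therefore do not appear in the inventory, matching what Target Analyzer reports.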

