Side channel and fault injection attacks are a major threat to cryptographic applications of embedded systems. Best performances for these attacks are achieved by focusing sensors or injectors on the sensible parts of the application, by means of dedicated methods to localise them. Few methods have been proposed in the past, and all of them pinpoint the crypto processor. However, when the cryptographic application is protected, it could be interesting to exploit the activity of other parts of the application, to bypass the countermeasure. In this article, we propose a new localisation method based on cross-correlation, which issues a list of areas of interest within the attacked device. Not only the analysis is exhaustive, but it also does not require a preliminary knowledge about the implementation. Notably, unlike the previous art, this cartography method does not demand that the attacker has the power to request two (or more) acquisitions with anything identical but the crypto processor inputs (\emph{e.g.} the plaintext). The method is experimentally validated using observations of the electromagnetic near field distribution over a Xilinx Virtex 5 FPGA.