README
¶
OWASP Amass
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.
Information Gathering Techniques Used:
- DNS: Basic enumeration, Brute forcing (optional), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (optional)
- Scraping: Ask, Baidu, Bing, DNSDumpster, DNSTable, Dogpile, Exalead, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo
- Certificates: Active pulls (optional), Censys, CertSpotter, Crtsh, Entrust, GoogleCT
- APIs: AlienVault, BinaryEdge, BufferOver, CIRCL, CommonCrawl, DNSDB, GitHub, HackerTarget, IPToASN, Mnemonic, NetworksDB, PassiveTotal, Pastebin, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Spyse (CertDB & FindSubdomains), Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal, WhoisXML
- Web Archives: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback
Documentation
Use the Installation Guide to get started.
Go to the User's Guide for additional information.
See the Tutorial for example usage.
Community
Project Leader
Contributors
This project improves thanks to all the people who contribute:
Top Mentions
- TrustedSec | Upgrade Your Workflow, Part 1: Building OSINT Checklists
- SANS ISC | Offensive Tools Are For Blue Teams Too
- Daniel Miessler | amass — Automated Attack Surface Mapping
- Dionach | How to Use OWASP Amass: An Extensive Tutorial
- Jason Haddix | LevelUp 0x02 - The Bug Hunters Methodology v3(ish)
- FireEye | Commando VM 2.0: Customization, Containers, and Kali, Oh My!
- SecurityTrails | Top Linux Distros for Ethical Hacking and Penetration Testing
- Hacker Toolbelt | OWASP Amass OSINT Reconnaissance
- Ghost Lulz | YouTube - Bug Bounty Tips: Amass Recon Tool
- HackbotOne | 10 Recon Tools For Bug Bounty
- Capt. Meelo | Asset Enumeration: Expanding a Target's Attack Surface
- Noobhax | My Recon Process — DNS Enumeration
Directories
Click to show internal directories.
Click to hide internal directories.