OWASP Amass
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.
Cost / License
- Free
- Open Source
Platforms
- Linux
- Online
- Self-Hosted
Features
Tags
- owasp
- subdomain-finder
OWASP Amass News & Activities
Recent activities
- manduhcalderon liked OWASP Amass
- K0RR updated OWASP Amass
OWASP Amass information
Developed by
OWASP Licensing
Open Source and Free product.Written in
Alternatives
8 alternatives listedSupported Languages
- English
What is OWASP Amass?
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.
Information Gathering Techniques Used:
DNS: Basic enumeration, Brute forcing (optional), Reverse DNS sweeping, Subdomain name alterations/permutations, Zone transfers (optional) Scraping: Ask, Baidu, Bing, DNSDumpster, DNSTable, Dogpile, Exalead, Google, HackerOne, IPv4Info, Netcraft, PTRArchive, Riddler, SiteDossier, ViewDNS, Yahoo Certificates: Active pulls (optional), Censys, CertSpotter, Crtsh, Entrust, GoogleCT APIs: AlienVault, BinaryEdge, BufferOver, CIRCL, CommonCrawl, DNSDB, GitHub, HackerTarget, Mnemonic, NetworksDB, PassiveTotal, Pastebin, RADb, Robtex, SecurityTrails, ShadowServer, Shodan, Spyse (CertDB & FindSubdomains), Sublist3rAPI, TeamCymru, ThreatCrowd, Twitter, Umbrella, URLScan, VirusTotal, WhoisXML Web Archives: ArchiveIt, ArchiveToday, Arquivo, LoCArchive, OpenUKArchive, UKGovArchive, Wayback