OpenSecAtlas
OPENSECATLAS
10/12 free views
Tool
CLI
Network Security

amass

by owasp-amass

13.7Kstars
2.1Kforks
225watchers
Updated 5 months ago
About

OWASP Amass is a powerful tool for in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.

In-depth attack surface mapping and asset discovery

Primary Use Case

Security professionals and network defenders use Amass to identify and map an organization's external network assets and attack surfaces. It helps uncover vulnerabilities and potential entry points by aggregating data from multiple sources and performing active network reconnaissance.

Key Features
  • Comprehensive network mapping of attack surfaces
  • External asset discovery using open source intelligence
  • Active reconnaissance techniques integration
  • Supports installation via Go and Docker
  • Extensive documentation and community support
  • Open source with Apache 2.0 license
  • Continuous integration with testing and code coverage
  • Community engagement through Discord and contribution guidelines

Installation

  • Install Go from https://golang.org/dl/ if not already installed
  • Use 'go install' to install Amass (specific command not provided but implied)
  • Alternatively, pull the Docker image using 'docker pull owaspamass/amass'
  • Refer to the Amass Docs repository for additional installation instructions

Usage

>_ amass enum -d example.com

Performs enumeration to discover subdomains and external assets related to example.com

>_ amass -h

Displays help information and available commands for Amass

Security Frameworks
Reconnaissance
Discovery
Collection
Initial Access
Execution
Usage Insights
  • Integrate Amass with vulnerability scanners to automate attack surface discovery and vulnerability correlation.
  • Use Amass in purple team exercises to simulate attacker reconnaissance and improve defender detection capabilities.
  • Leverage Amass for continuous external asset monitoring to detect unauthorized exposure or shadow IT.
  • Chain Amass outputs with automated exploitation frameworks like Metasploit for streamlined red team operations.
  • Incorporate Amass into CI/CD pipelines for early detection of exposed assets during development and deployment.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about amass. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

3 free chats per tool • Instant responses • No credit card

Security Profile
Red Team80%
Blue Team60%
Purple Team70%
Details
LicenseOther
LanguageGo
Open Issues690
Topics
go
dns
subdomain
enumeration
recon
osint
osint-reconnaissance
network-security
owasp
maltego

Related Tools

v2ray-core icon

v2ray-core

v2fly/v2ray-core

Tool

A platform for building proxies to bypass network restrictions.

31.2K
10 months ago
sniffnet icon

sniffnet

GyulyVGC/sniffnet

Tool

Comfortably monitor your Internet traffic 🕵️‍♂️

30.7K
6 months ago
algo icon

algo

trailofbits/algo

Script

Set up a personal VPN in the cloud

30.2K
3 months ago
setup-ipsec-vpn icon

setup-ipsec-vpn

hwdsl2/setup-ipsec-vpn

Script

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

26.6K
8 months ago
cilium icon

cilium

cilium/cilium

Tool

eBPF-based Networking, Security, and Observability

23.3K
3 months ago
netbird icon

netbird

netbirdio/netbird

Tool

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.

21.0K
3 months ago