
OWASP Amass
#Security Testing #Offensive Security
The OWASP Amass Project: Network Mapping and Asset Discovery
The OWASP Amass Project maps the network attack surface and discovers external assets using open-source information gathering and active reconnaissance techniques.
Information Gathering Techniques Used:
Technique | Data Sources
--- | ---
APIs | 360PassiveDNS, Ahrefs, AnubisDB, BeVigil, BinaryEdge, BufferOver, BuiltWith, C99, Chaos, CIRCL, DNSDB, DNSRepo, Deepinfo, Detectify, FOFA, FullHunt, GitHub, GitLab, GrepApp, Greynoise, HackerTarget, Hunter, IntelX, LeakIX, Maltiverse, Mnemonic, Netlas, Pastebin, PassiveTotal, PentestTools, Pulsedive, Quake, SOCRadar, Searchcode, Shodan, Spamhaus, Sublist3rAPI, SubdomainCenter, ThreatBook, ThreatMiner, URLScan, VirusTotal, Yandex, ZETAlytics, ZoomEye
Certificates | Active pulls (optional), Censys, CertCentral, CertSpotter, Crtsh, Digitorus, FacebookCT
DNS | Brute forcing, Reverse DNS sweeping, NSEC zone walking, Zone transfers, FQDN alterations/permutations, FQDN Similarity-based Guessing
Routing | ASNLookup, BGPTools, BGPView, BigDataCloud, IPdata, IPinfo, RADb, Robtex, ShadowServer, TeamCymru
Scraping | AbuseIPDB, Ask, Baidu, Bing, CSP Header, DNSDumpster, DNSHistory, DNSSpy, DuckDuckGo, Gists, Google, HackerOne, HyperStat, PKey, RapidDNS