Home / Security Testing / Offensive Security / OWASP Amass
OWASP Amass

OWASP Amass

Pricing: Free
Write a Review Visit Website
OWASP Amass

What is OWASP Amass

A collection of tips and tricks for container and container orchestration hacking

The OWASP Amass Project: Network Mapping and Asset Discovery

The OWASP Amass Project conducts network mapping of attack surfaces and identifies external assets through the use of open-source information gathering and active reconnaissance techniques. Information Gathering Techniques Used: Technique | Data Sources --- | --- APIs | 360PassiveDNS, Ahrefs, AnubisDB, BeVigil, BinaryEdge, BufferOver, BuiltWith, C99, Chaos, CIRCL, DNSDB, DNSRepo, Deepinfo, Detectify, FOFA, FullHunt, GitHub, GitLab, GrepApp, Greynoise, HackerTarget, Hunter, IntelX, LeakIX, Maltiverse, Mnemonic, Netlas, Pastebin, PassiveTotal, PentestTools, Pulsedive, Quake, SOCRadar, Searchcode, Shodan, Spamhaus, Sublist3rAPI, SubdomainCenter, ThreatBook, ThreatMiner, URLScan, VirusTotal, Yandex, ZETAlytics, ZoomEye Certificates | Active pulls (optional), Censys, CertCentral, CertSpotter, Crtsh, Digitorus, FacebookCT DNS | Brute forcing, Reverse DNS sweeping, NSEC zone walking, Zone transfers, FQDN alterations/permutations, FQDN Similarity-based Guessing Routing | ASNLookup, BGPTools, BGPView, BigDataCloud, IPdata, IPinfo, RADb, Robtex, ShadowServer, TeamCymru Scraping | AbuseIPDB, Ask, Baidu, Bing, CSP Header, DNSDumpster, DNSHistory, DNSSpy, DuckDuckGo, Gists, Google, HackerOne, HyperStat, PKey, RapidDNS
 

OWASP Amass Reviews

Write a Review

No reviews yet. Be the first to review this tool!

Write a Review

Share your experience with OWASP Amass tool and help others make informed decisions.

Featured Tools

Specops Software
Free
Password Management

Specops Software View Specops Software

Specops Software empowers organizations to fortify their IT security by addressing the critical vulnerability of password management and authentication. As a premier vendor, Specops Software provides advanced solutions designed to proactively block weak passwords, enforce robust authentication protocols, and ensure compliance with stringent industry standards like CJIS and HITRUST. With deep native integration into Active Directory and on-premises data storage, Specops Software offers unparalleled security and control for sensitive business data.

Active Directory password policy auditing against compliance standards
Breached password detection for over 900 million known compromised passwords
Zero-trust access evaluation and enhancement
Infisical
Free
Password Management

Infisical View Infisical

Infisical is the premier open-source platform designed for unified management of secrets, certificates, and configurations across your entire organization. It seamlessly integrates into your development workflows, CI/CD pipelines, and cloud infrastructure, ensuring secure storage and automated injection of sensitive information. Empower your team with robust features like versioning, point-in-time recovery, comprehensive audit logging, and automated secret rotation for enhanced security and operational efficiency.

Open-source secrets management platform
Unified management of secrets, certificates, and configs
Seamless integration with development workflows and CI/CD
Click Studios
Free
Password Management

Click Studios View Click Studios

Click Studios is an Australian-based Agile software development company dedicated to evolving Passwordstate, their robust Enterprise Password Management solution. Continuously refined through customer insights and cybersecurity advancements, Passwordstate offers advanced features for secure sensitive information management and stringent compliance. Click Studios provides scalable, secure, and user-friendly password management solutions, empowering businesses globally with affordable and reliable access control.

Secure Enterprise Password Management
Continuous Feature Enhancement
Customer Feedback Driven Development

Similar Tools

Metasploit
Free
Offensive Security

Metasploit View Metasploit

Metasploit is the industry-leading open-source penetration testing platform, empowering security professionals to discover, exploit, and validate vulnerabilities with precision and efficiency. Its comprehensive framework provides a robust environment for developing and executing exploit code, managing security assessments, and enhancing defensive strategies through IDS signature development and anti-forensic techniques. Trusted globally, Metasploit accelerates your security testing lifecycle and strengthens your organization's defenses against emerging threats.

Extensive exploit module library
Vulnerability scanning and validation
Payload generation and management
E
Free
Offensive Security

EasyHunting View EasyHunting

A professional platform that simplifies penetration testing by providing a unified dashboard for managing targets, automating scans, integrating diverse tools, and delivering AI-powered insights.

YARI
Free
Offensive Security

YARI

A cheat sheet providing examples of creating reverse shells for penetration testing.

Yara4Pentesters
Free
Offensive Security

Yara4Pentesters

A front-end JavaScript toolkit for creating DNS rebinding attacks

WS-Attacker
Free
Offensive Security

WS-Attacker

A cheat sheet providing examples of creating reverse shells for penetration testing.

XAHICO Platform
Free
Offensive Security

XAHICO Platform

A customized Kali Linux distribution for ICS/SCADA pentesting professionals