Amass
Amass is an open-source tool by OWASP for in-depth attack surface mapping and asset discovery, helping to identify exposed assets and vulnerabilities across web domains.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A tool that showcases the attack surface of a given Android device, highlighting potential vulnerabilities and security risks.
Nmap is an essential network scanning tool used for network security auditing and status monitoring.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.