OWASP Amass Logo

OWASP Amass

0
Free
Visit Website

The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques. Information Gathering Techniques Used: Technique Data Sources APIs 360PassiveDNS, Ahrefs, AnubisDB, BeVigil, BinaryEdge, BufferOver, BuiltWith, C99, Chaos, CIRCL, DNSDB, DNSRepo, Deepinfo, Detectify, FOFA, FullHunt, GitHub, GitLab, GrepApp, Greynoise, HackerTarget, Hunter, IntelX, LeakIX, Maltiverse, Mnemonic, Netlas, Pastebin, PassiveTotal, PentestTools, Pulsedive, Quake, SOCRadar, Searchcode, Shodan, Spamhaus, Sublist3rAPI, SubdomainCenter, ThreatBook, ThreatMiner, URLScan, VirusTotal, Yandex, ZETAlytics, ZoomEye Certificates Active pulls (optional), Censys, CertCentral, CertSpotter, Crtsh, Digitorus, FacebookCT DNS Brute forcing, Reverse DNS sweeping, NSEC zone walking, Zone transfers, FQDN alterations/permutations, FQDN Similarity-based Guessing Routing ASNLookup, BGPTools, BGPView, BigDataCloud, IPdata, IPinfo, RADb, Robtex, ShadowServer, TeamCymru Scraping AbuseIPDB, Ask, Baidu, Bing, CSP Header, DNSDumpster, DNSHistory, DNSSpy, DuckDuckGo, Gists, Google, HackerOne, HyperStat, PKey, RapidDNS

FEATURES

ALTERNATIVES

TikiTorch offers advanced process injection capabilities to execute code stealthily in another process's space.

Cyber security platform for automating adversary emulation, red-team assistance, and incident response, built on the MITRE ATT&CK™ framework.

Self-hosted Fuzzing-As-A-Service platform for continuous developer-driven fuzzing.

Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.

A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.

A web application security testing platform that combines manual and automated testing tools for conducting comprehensive security assessments and penetration testing.

A customized Kali Linux distribution for ICS/SCADA pentesting professionals

GNU/Linux Wireless distribution for security testing with XFCE desktop environment.