Skip to content

Amass

Amass is a powerful OSINT tool designed for advanced network mapping and reconnaissance. It is widely used by penetration testers and security researchers for discovering attack surfaces and mapping the external network infrastructure of organizations.

Features

  • Enumerates subdomains using passive and active reconnaissance techniques.
  • Maps attack surfaces, visualizes relationships, and provides a detailed understanding of external assets.
  • Supports integrations with APIs like VirusTotal, Shodan, and Censys.
  • Outputs results in a variety of formats including JSON and Graphviz.

Installation

To install Amass in Kali Linux, use the following command:

apt update && apt -y install amass

Output

Below is an example of using Amass to enumerate subdomains for the domain example.com:

root@kali:~# amass enum -d example.com

             .:      OWASP Amass v3.17.2      :.
===============================================
OWASP Amass Enumeration Mode

[+] Enumerating subdomains for example.com
api.example.com
blog.example.com
dev.example.com
shop.example.com
mail.example.com
support.example.com

===============================================
Amass enumeration complete.
Discovered 6 subdomains.