amass
Network scanner
An information gathering and reconnaissance tool used to map attack surfaces and discover external assets on networks.
In-depth attack surface mapping and asset discovery
12k stars
217 watching
2k forks
Language: Go
last commit: 3 days ago
Linked from 6 awesome lists
attack-surfacesdnsenumerationgogolanginformation-gatheringmaltegonetwork-securityosintosint-reconnaissanceowaspreconsubdomain
enaqx/awesome-pentest
carpedm20/awesome-hacking
infoslack/awesome-web-hacking
vavkamil/awesome-bugbounty-tools
coreb1t/awesome-pentest-cheat-sheets
bytesnipers/awesome-pentest-cheat-sheetsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,643 |
 evyatarmeged/raccoon | A high-performance tool for reconnaissance and vulnerability scanning of web applications and networks | 3,094 |
| owasp/cheatsheetseries | Provides concise security guidance for web application developers | 28,233 |
 opennhp/opennhp | A Zero Trust networking protocol to hide servers and data from attackers by utilizing cryptography at the OSI 5th layer. | 13,519 |
 1n3/blackwidow | A Python-based web application scanner that gathers OSINT and fuzz data to identify OWASP vulnerabilities on target websites. | 1,536 |
 coreruleset/coreruleset | A set of generic attack detection rules for web application firewalls to protect against common attacks. | 2,313 |
 odedshimon/bruteshark | A Network Forensic Analysis Tool designed to analyze and extract information from network traffic. | 3,032 |
| owasp/joomscan | Automated vulnerability scanner for Joomla CMS deployments to identify potential security issues. | 1,079 |
| owasp/wrongsecrets | An educational platform demonstrating common mistakes in secrets management and providing tools to help developers identify and mitigate these issues. | 1,236 |
 baidu/openrasp | An inline protection solution for web applications that monitors and blocks malicious requests at the application level. | 2,803 |
 webpwnized/mutillidae | An intentionally vulnerable web application designed to aid in learning and practicing web security skills | 1,270 |
| 1n3/sn1per | Automates vulnerability scanning and discovery across an organization's entire attack surface | 8,155 |
 superhedgy/attacksurfacemapper | Automates reconnaissance to identify potential attack surfaces of a target network | 1,317 |
 anirudhbiyani/findmytakeover | Detects DNS record misconfigurations that could be exploited by attackers | 135 |
| owasp/owasp-mastg | A comprehensive guide to mobile app security testing and reverse engineering | 11,795 |