amass
Network scanner
An information gathering and reconnaissance tool used to map attack surfaces and discover external assets on networks.
In-depth attack surface mapping and asset discovery
12k stars
218 watching
2k forks
Language: Go
last commit: about 1 month ago
Linked from 6 awesome lists
attack-surfacesdnsenumerationgogolanginformation-gatheringmaltegonetwork-securityosintosint-reconnaissanceowaspreconsubdomain
enaqx/awesome-pentest
carpedm20/awesome-hacking
infoslack/awesome-web-hacking
vavkamil/awesome-bugbounty-tools
coreb1t/awesome-pentest-cheat-sheets
bytesnipers/awesome-pentest-cheat-sheetsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,700 |
 evyatarmeged/raccoon | A high-performance tool for reconnaissance and vulnerability scanning of web applications and networks | 3,105 |
| owasp/cheatsheetseries | Provides concise security guidance for web application developers | 28,396 |
 opennhp/opennhp | A Zero Trust protocol that leverages resource-hiding and encryption to safeguard servers and data from attackers | 13,520 |
 1n3/blackwidow | A Python-based web application scanner that gathers OSINT and fuzz data to identify OWASP vulnerabilities on target websites. | 1,545 |
 coreruleset/coreruleset | A comprehensive set of rules to detect and prevent web application attacks | 2,330 |
 odedshimon/bruteshark | An open-source tool that performs in-depth analysis of network traffic to identify vulnerabilities and weaknesses | 3,042 |
| owasp/joomscan | Automated vulnerability scanner for Joomla CMS deployments to identify potential security issues. | 1,088 |
| owasp/wrongsecrets | An interactive platform to educate developers on secure secrets management through real-world examples and challenges. | 1,246 |
 baidu/openrasp | An inline protection solution for web applications that monitors and blocks malicious requests at the application level. | 2,807 |
 webpwnized/mutillidae | An intentionally vulnerable web application designed to aid in learning and practicing web security skills | 1,282 |
| 1n3/sn1per | An attack surface management platform that automates the discovery of hidden assets and vulnerabilities in computer environments. | 8,190 |
 superhedgy/attacksurfacemapper | Automates reconnaissance to identify potential attack surfaces of a target network | 1,324 |
 anirudhbiyani/findmytakeover | Detects DNS record misconfigurations that could be exploited by attackers | 135 |
| owasp/owasp-mastg | A comprehensive guide to mobile app security testing and reverse engineering | 11,816 |