OWASP Amass Tutorial – Information gathering tool

OWASP Amass is an open-source network mapping and external attack surface discovery tool provided by the OWASP Foundation. It is designed to help information security professionals perform network mapping of attack surfaces and external asset discovery using open-source information gathering and active reconnaissance techniques.

OWASP Amass Tutorial

Table of Contents

Key Features of Amass

The Amass tool offers a wide range of features to enhance the capabilities of cybersecurity practitioners:

  • DNS enumeration including reverse DNS and subdomain scraping.
  • Detection of non-standard ports through network scans.
  • Visualizations of enumeration results with graphs.
  • Sophisticated tracking of data sources and validation of findings.
  • Integration with popular data sources and data API services for comprehensive analysis.

OWASP Amass Installation Steps

To install Amass, follow these steps tailored to different operating systems:


sudo apt-get install amass

Arch Linux

sudo pacman -S amass


docker pull caffix/amass

From Source

go get -v github.com/OWASP/Amass/v3/...

Note: Ensure you have GoLang installed on your system for installation from source.

Usage of Commands

Amass has multiple commands for different operational modes, including:

  • amass enum: This command is the primary enumeration tool.
  • amass intel: Used for pre-attack intelligence gathering and reconnaissance work.
  • amass viz: Visualize enumeration results with a graphical representation.
  • amass track: Keeps track of changes on the configured domains over a period of time.
  • amass db: Interacts with the Amass database files to access gathered information.

Command Examples

Enumerating Subdomains

amass enum -d example.com

Collecting Network Addresses

amass intel -d example.com -whois

Visualizing Results

amass viz -d3 -o output.html -d example.com

Each command can be combined with multiple flags for tailored results specific to your needs. For a full list of commands and options, refer to the official Amass documentation.


Conclusive Summary

In this amass tutorial, we have covered key features, installation steps, and detailed usage of commands with examples. Amass is a powerful tool for security professionals aiming to map out and understand an organization’s external attack surface. Knowing how to effectively use Amass can greatly enhance your network reconnaissance capabilities.