Versions:
Amass, maintained by The OWASP Foundation, is an open-source penetration-testing tool designed for comprehensive network mapping and external asset discovery, enabling security professionals to visualize the full extent of an organization’s Internet-facing attack surface. By orchestrating dozens of passive data sources—such as certificate transparency logs, DNS archives, public APIs, and threat-intelligence feeds—the application first harvests historical and current references to domains, sub-domains, IP addresses, ASNs, and netblocks; it then transitions to controlled active reconnaissance, executing DNS brute-forcing, zone transfers, intelligent web crawling, and TLS certificate analysis to uncover additional assets that purely passive methods miss. The resulting knowledge base is stored in a local graph database that can be queried interactively or exported as JSON, CSV, or GraphML for ingestion into SIEM, SOAR, GRC, or red-team reporting pipelines. Typical use cases include quarterly attack-surface reviews, pre-merger infrastructure auditing, bug-bounty scoping, cloud-migration footprint validation, and continuous supply-chain monitoring, all of which help organizations close hidden ingress points before adversaries exploit them. The utility is command-line driven and written in Go, making it equally suited for single-operator laptops, headless CI workers, or Kubernetes reconnaissance jobs. Version 4.2.0, the third major release stream since the project’s inception, introduces improved performance for large-scale enumerations, refined API-rate-limit handling, additional data sources, and updated default wordlists, while maintaining compatibility with earlier 3.x configuration files. Amass is available for free on get.nero.com, with downloads provided via trusted Windows package sources (e.g. winget), always delivering the latest version, and supporting batch installation of multiple applications.
Tags: