https://github.com/owasp-amass/amass
In-depth attack surface mapping and asset discovery
https://github.com/owasp-amass/amass
attack-surfaces dns enumeration go golang information-gathering maltego network-security osint osint-reconnaissance owasp recon subdomain
Last synced: 2 days ago
JSON representation
In-depth attack surface mapping and asset discovery
- Host: GitHub
- URL: https://github.com/owasp-amass/amass
- Owner: owasp-amass
- License: other
- Created: 2018-07-10T16:05:08.000Z (over 7 years ago)
- Default Branch: main
- Last Pushed: 2025-07-21T06:07:10.000Z (5 months ago)
- Last Synced: 2025-08-01T00:25:58.759Z (5 months ago)
- Topics: attack-surfaces, dns, enumeration, go, golang, information-gathering, maltego, network-security, osint, osint-reconnaissance, owasp, recon, subdomain
- Language: Go
- Homepage: https://owasp.org/www-project-amass/
- Size: 366 MB
- Stars: 13,309
- Watchers: 224
- Forks: 2,015
- Open Issues: 207
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-tools - Amass - A subdomain enumeration utility (Asset Discovery / Domain / Subdomain Discovery)
- cybersources - Amass
- awesome - owasp-amass/amass - In-depth attack surface mapping and asset discovery (Go)
- awesome-ctf-cheatsheet - **Amass**
- awesome-rainmana - owasp-amass/amass - In-depth attack surface mapping and asset discovery (Go)
- awesome-osint - Amass - The amass tool searches Internet data sources, performs brute force subdomain enumeration, searches web archives, and uses machine learning to generate additional subdomain name guesses. DNS name resolution is performed across many public servers so the authoritative server will see the traffic coming from different locations. Written in Go. ([β](#-table-of-contents) DNS / [β](#-table-of-contents) GitHub)
- awesomeness - owasp-amass/amass - In-depth attack surface mapping and asset discovery (π Security / βΈοΈ Kubernetes)
- awesome-cybersecurity - Amass - depth DNS enumeration and network mapping. (Security Tools)
README
# [ OWASP Amass Project](https://owasp.org/www-project-amass/)
[](https://owasp.org/projects/#sec-flagships)
[](https://github.com/owasp-amass/amass/releases/latest)
[](https://goreportcard.com/report/github.com/owasp-amass/amass)
[](https://www.codefactor.io/repository/github/owasp-amass/amass)
[](https://twitter.com/owaspamass)
[](https://discord.gg/ANTyEDUXt5)
The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques.
## Installation [](https://golang.org/dl/) [](https://hub.docker.com/r/owaspamass/amass) [](https://github.com/owasp-amass/amass/releases/latest)
> You can find additional installation instructions and documentation in the [Amass Docs](https://owasp-amass.github.io/docs) repo.
## Corporate Supporters
[](https://www.whoisxmlapi.com/)
## Contributing [](./CONTRIBUTING.md) [](https://discord.gg/ANTyEDUXt5)
We are always happy to get new contributors on board! Please check [CONTRIBUTING.md](CONTRIBUTING.md) to learn how to
contribute to our codebase, and join our [Discord Server](https://discord.gg/ANTyEDUXt5) to discuss current project goals.
## Troubleshooting  [](https://codecov.io/gh/owasp-amass/amass) [](https://discord.gg/ANTyEDUXt5)
If you need help with installation and/or usage of the tool, please join our [Discord server](https://discord.gg/ANTyEDUXt5) where community members can best help you.
:stop_sign: **Please avoid opening GitHub issues for support requests or questions!**
## Licensing [](https://www.apache.org/licenses/LICENSE-2.0)
This program is free software: you can redistribute it and/or modify it under the terms of the [Apache license](LICENSE). OWASP Amass and any contributions are Copyright Β© by Jeff Foley 2017-2025. Some subcomponents have separate licenses.
