OWASP Amass

OWASP Flagship GitHub Release License Docker Images Follow on Twitter Chat on Discord

Our Goal

In-depth attack surface management for everyone!

The OWASP Amass Project has developed a framework to help information security professionals perform network mapping of attack surfaces and external asset discovery using open source intelligence gathering and reconnaissance techniques.

The framework includes a collection engine for asset discovery, an asset database for storage of findings, and the Open Asset Model, used by various tooling to help understand attack surfaces.

If you have any questions about the OWASP Amass Project, please email the project leader Jeff Foley, or contact us on the project’s Discord server (Discord is highly preferred).

Corporate Supporters

ZeroFox Logo IPinfo Logo WhoisXML API Logo

Participation

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

How can I participate in the project?

All you have to do is make the Project Leader aware of your available time to contribute to the project. It is also important to let the leader know how you would like to contribute and pitch in to help the project meet its goals and milestones. There are many different ways you can contribute to an OWASP Project, but communication with the leader is key.

If I am not a programmer can I participate in the project?

Yes, you can certainly participate in the project if you are not a programmer. The project needs different skills and expertise at different times during its development. Currently, we are looking for researchers, programmers, testers, writers, and graphic designers.