Advanced Recon with OWASP Amass

Today, organizations deal with the challenge of running their infrastructure across many networks and namespaces due to the use of cloud and hosting services, legacy environments and acquisitions. This can make it difficult for an organization to maintain visibility of its Internet-facing assets and an ability to track down systems that pose a risk to its security posture. The OWASP Amass Project gives its users visibility into their target infrastructure through in-depth subdomain enumeration, using techniques such as scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names, and reverse DNS sweeping. Everything is stored in a graph database that can be queried to perform analytics during or after each enumeration. 

 The OWASP Amass tool is simple to start using, yet has many options and ways to leverage the graph database. This talk will dive deeper into those more advanced features to help users take full advantage of Amass and paint the clearest picture possible of target organizations on the Internet.