OWASP Amass: Discovering Your Exposure on the Internet


Presented: April 15, 2019 11:00 am
Presented by:

The Open Web Application Security Project (OWASP) Amass project was originally created when the project lead was showing organizations what they look like on the Internet. During this process, he noticed that the tools available were returning incomplete results relative to what could be discovered manually. With the identification of this gap in capabilities for security experts, the Amass project was born. The OWASP Amass project is focused on DNS enumeration and automated network infrastructure mapping techniques. This presentation will discuss a variety of the techniques utilized by Amass. The information collected during an enumeration is stored into a graph database and can be used to build a network map of an organization’s presence on the Internet. When the enumeration is complete, an Amass tool is capable of converting the results into several different formats accepted by popular network graph visualization engines. This aids analysts and infosec experts attempting to quickly identify network layout and external networks being utilized by the target organization. The presentation will discuss why it is important to know this information and how it can be utilized to proactively improve the defensive cybersecurity posture of your organization.

Computer Icon

Host a Webinar with CSIAC

Are you interested in delivering a webinar presentation on your DoD research and engineering efforts?

Want to find out more about this topic?

Request a FREE Technical Inquiry!