Upgrade to Pro — share decks privately, control downloads, hide ads and more …

LT - OWASP AMASS

Akitsugu Ito
February 09, 2020
Technology
0
230

LT - OWASP AMASS

I presented about OWASP AMASS at OWASP Sendai Day 2020 as Lightning Talks.

Akitsugu Ito

February 09, 2020
Tweet

More Decks by Akitsugu Ito

See All by Akitsugu Ito
OWASP SAMM Ver.2 Introduction JP
springmoon6
0
2.5k
OWASP SAMM Ver.2 Introduction EN
springmoon6
0
530
What’s Security Engineering Manager?
springmoon6
1
950
PSIRT Service Framework のご紹介
springmoon6
0
970
セキュリティキャンプ 2018 企業プレゼン
springmoon6
0
480

Other Decks in Technology

See All in Technology
『Firebase Dynamic Links終了に備える』 FlutterアプリでのAdjust導入とDeeplink最適化
techiro
0
130
【Startup CTO of the Year 2024 / Audience Award】アセンド取締役CTO 丹羽健
niwatakeru
0
1.3k
Lambda10周年!Lambdaは何をもたらしたか
smt7174
2
110
マルチプロダクトな開発組織で 「開発生産性」に向き合うために試みたこと / Improving Multi-Product Dev Productivity
sugamasao
1
310
エンジニア人生の拡張性を高める 「探索型キャリア設計」の提案
tenshoku_draft
1
130
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
180
100 名超が参加した日経グループ横断の競技型 AWS 学習イベント「Nikkei Group AWS GameDay」の紹介/mediajaws202411
nikkei_engineer_recruiting
1
170
[CV勉強会@関東 ECCV2024 読み会] オンラインマッピング x トラッキング MapTracker: Tracking with Strided Memory Fusion for Consistent Vector HD Mapping (Chen+, ECCV24)
abemii
0
230
Why App Signing Matters for Your Android Apps - Android Bangkok Conference 2024
akexorcist
0
130
テストコード品質を高めるためにMutation Testingライブラリ・Strykerを実戦導入してみた話
ysknsid25
7
2.7k
EventHub Startup CTO of the year 2024 ピッチ資料
eventhub
0
120
Incident Response Practices: Waroom's Features and Future Challenges
rrreeeyyy
0
160

Featured

See All Featured
Navigating Team Friction
lara
183
14k
Designing for humans not robots
tammielis
250
25k
The Language of Interfaces
destraynor
154
24k
We Have a Design System, Now What?
morganepeng
50
7.2k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.8k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
How To Stay Up To Date on Web Technology
chriscoyier
788
250k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
250
21k
Git: the NoSQL Database
bkeepers
PRO
427
64k
Optimising Largest Contentful Paint
csswizardry
33
2.9k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k

Transcript

  1. OWASP AMASS Akitsugu Ito(@springmoon6)

  2. None

  3. Requirement Design Develop Testing Implement Operation ① Requirement OWASP Top

    10 Project ② Design Development OWASP Cheat Sheet Series OWASP Application Security Verification Standard (ASVS) OWASP Security Shepherd OWASP Security Knowledge Framework ③ Testing OWASP Zed Attack Proxy OWASP Juice Shop OWASP Web Security Testing Guide OWASP Mobile Security Testing Guide ④ Implement Operation OWASP ModSecurity Core Rule Set OWASP APPSensor OWASP CSRFGuard OWASP Dependency Check OWASP Dependency Track

  4. Requirement Design Develop Testing Implement Operation ① Requirement OWASP Top

    10 Project ② Design Development OWASP Cheat Sheet Series OWASP Application Security Verification Standard (ASVS) OWASP Security Shepherd OWASP Security Knowledge Framework ③ Testing OWASP Zed Attack Proxy OWASP Juice Shop OWASP Web Security Testing Guide OWASP Mobile Security Testing Guide ④ Implement Operation OWASP ModSecurity Core Rule Set OWASP APPSensor OWASP CSRFGuard OWASP Dependency Check OWASP Amass OWASP Dependency Track

  5. What is Amass? • In-depth DNS Enumeration, Attack Surface Mapping

    and External Asset Discovery. • DNS enumeration and network mapping to aid in understanding an organization’s attack surface on the Internet https://owasp.org/www-project-amass/

  6. How to install • Docker • Security OS

  7. Results

  8. Visualization https://github.com/OWASP/Amass/blob/master/doc/user_guide.md