Upgrade to Pro — share decks privately, control downloads, hide ads and more …

LT - OWASP AMASS

Akitsugu Ito
February 09, 2020
Technology
0
230

LT - OWASP AMASS

I presented about OWASP AMASS at OWASP Sendai Day 2020 as Lightning Talks.

Akitsugu Ito

February 09, 2020
Tweet

More Decks by Akitsugu Ito

See All by Akitsugu Ito
OWASP SAMM Ver.2 Introduction JP
springmoon6
0
2.5k
OWASP SAMM Ver.2 Introduction EN
springmoon6
0
540
What’s Security Engineering Manager?
springmoon6
1
960
PSIRT Service Framework のご紹介
springmoon6
0
1k
セキュリティキャンプ 2018 企業プレゼン
springmoon6
0
480

Other Decks in Technology

See All in Technology
OPENLOGI Company Profile
hr01
0
57k
OPENLOGI Company Profile for engineer
hr01
1
17k
[JAWS-UG新潟#20] re:Invent2024 -CloudOperationsアップデートについて-
shintaro_fukatsu
0
140
PHP ユーザのための OpenTelemetry 入門 / phpcon2024-opentelemetry
shin1x1
3
1.6k
20241125 - AI 繪圖實戰魔法工作坊 @ 實踐大學
dpys
1
370
型情報を用いたLintでコード品質を向上させる
sansantech
PRO
2
180
【令和最新版】ロボットシミュレータ Genesis x ROS 2で始める快適AIロボット開発
hakuturu583
2
1.2k
ZOZOTOWN の推薦における KPI モニタリング/KPI monitoring for ZOZOTOWN recommendations
rayuron
1
230
サービスでLLMを採用したばっかりに振り回され続けたこの一年のあれやこれや
segavvy
2
680
TSKaigi 2024 の登壇から広がったコミュニティ活動について
tsukuha
0
170
20241218_マルチアカウント環境におけるIAM_Access_Analyzerによる権限管理.pdf
nrinetcom
PRO
3
130
なぜCodeceptJSを選んだか
goataka
0
200

Featured

See All Featured
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
127
18k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
38
1.9k
The Cost Of JavaScript in 2023
addyosmani
46
7k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
29
2k
Imperfection Machines: The Place of Print at Facebook
scottboms
266
13k
YesSQL, Process and Tooling at Scale
rocio
170
14k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
44
6.9k
Learning to Love Humans: Emotional Interface Design
aarron
274
40k
The Invisible Side of Design
smashingmag
299
50k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
49
2.2k

Transcript

  1. OWASP AMASS Akitsugu Ito(@springmoon6)

  2. None

  3. Requirement Design Develop Testing Implement Operation ① Requirement OWASP Top

    10 Project ② Design Development OWASP Cheat Sheet Series OWASP Application Security Verification Standard (ASVS) OWASP Security Shepherd OWASP Security Knowledge Framework ③ Testing OWASP Zed Attack Proxy OWASP Juice Shop OWASP Web Security Testing Guide OWASP Mobile Security Testing Guide ④ Implement Operation OWASP ModSecurity Core Rule Set OWASP APPSensor OWASP CSRFGuard OWASP Dependency Check OWASP Dependency Track

  4. Requirement Design Develop Testing Implement Operation ① Requirement OWASP Top

    10 Project ② Design Development OWASP Cheat Sheet Series OWASP Application Security Verification Standard (ASVS) OWASP Security Shepherd OWASP Security Knowledge Framework ③ Testing OWASP Zed Attack Proxy OWASP Juice Shop OWASP Web Security Testing Guide OWASP Mobile Security Testing Guide ④ Implement Operation OWASP ModSecurity Core Rule Set OWASP APPSensor OWASP CSRFGuard OWASP Dependency Check OWASP Amass OWASP Dependency Track

  5. What is Amass? • In-depth DNS Enumeration, Attack Surface Mapping

    and External Asset Discovery. • DNS enumeration and network mapping to aid in understanding an organization’s attack surface on the Internet https://owasp.org/www-project-amass/

  6. How to install • Docker • Security OS

  7. Results

  8. Visualization https://github.com/OWASP/Amass/blob/master/doc/user_guide.md