REFERENCES.md

References

Did you write a blog post, magazine article or do a podcast about or mentioning OWASP Amass? Add it to this file and open a PR! The same goes for conference or meetup talks, workshops or trainings you did where this project was mentioned or used!

Web Links

Pod- & Webcasts

• Paul's Security Weekly:
  • Enterprise Security Weekly #219: Attack Surface Management, Monitoring, & Mapping - Jeff Foley
  • Episode 564: Technical Segment - Bug Bounty Hunting
• Hacking Simplified:
  • Amass Setup and Tutorial
• Josh Amishav-Zlatin's Channel:
  • Advanced Passive Recon with the Amass Scripting Engine
  • Domain and Network Recon using Amass - Mapping the Attack Surface
• Musab Khan's Channel:
  • OWASP Amass - In-depth Asset Discovery tool
• Nahamsec's Streams:
  • 04/26/2020 - Mayonaise Talks About His Recon Workflow, How to Learn Different Topics, and How to Bug Bounty!
  • 09/08/2019 - Live Bug Bounty Recon Session on Yahoo (censys, altdns, amass) w/ @infosec_au
  • 09/01/2019 - Live Bug Bounty Recon Session on Yahoo (Amass, crts.sh, dirsearch) w/ @TheDawgyg
• The Hackers Arsenal:
  • 04/24/2020 - AMASS: Automated SubDomain Enumeration and Reconnaissance (Full walk-though)
• Jason Haddix's Recon Streams:
  • Stream #2: ASNs, Xmind, Amass Intel, SSLscrape, ASNLookup ++
  • Stream #4: ASNLookup, Github Dorks, Amass, ffuf, Dirsearch, Turbo Intruder
• Ghostlulz's YouTube Channel:
  • Bug Bounty Tips: Amass Recon Tool
• ToolWar's YouTube Channel:
  • Extreme Subdomain Enumeration/Scanning on Windows : OWASP Amass
• Cyber Security & Information Systems - Information Analysis Center:
  • OWASP Amass: Discovering Your Exposure on the Internet
• Hackdoor India's YouTube Channel:
  • Amass Installation and Usage - Bug Bounty

Blogs & Articles

• Blog post on SecurityTrail's Blog:
  • What is DNS Intelligence?
  • What is OWASP? Top 10 Web Application Security Risks
  • OWASP Amass: A Solid Information Gathering Tool
  • Top Linux Distros for Ethical Hacking and Penetration Testing
  • 5 Subdomain Takeover #ProTips
  • Where You’ll Find Us: An Overview of SecurityTrails Integrations
  • Top 7 Subdomain Scanner Tools: Find Subdomains in Seconds
• Blog post on WhoisXML API's Blog:
  • OWASP Amass and WhoisXML API Are Now Integration Partners
• Blog post on Intigriti's Blog:
  • Hacker tools: Amass – Hunting for Subdomains
• Article on ThreadFix:
  • Applied ThreadFix: Seeding Your Application Portfolio with OWASP Amass
• Blog post on Luke Stephens' (@hakluke):
  • Hakluke’s Guide to Amass — How to Use Amass More Effectively for Bug Bounties
• Blog post on WW Tech Blog:
  • Reducing Our Attack Surface with AppSec Platform
• Blog post on HackerOne's Blog:
  • 100 Hacking Tools and Resources
• Blog post on Synk's Blog:
  • Mitigating clickJacking—the DevSecOps way!
• Blog post on Syed Abuthahir's Blog:
  • How was I able to download customer data dump
• Blog post on ncpd's Blog:
  • Subdomain enumeration made easy
• Blog post on Gökhan Güzelkokar's Blog:
  • Bug bounty resources & advices
• Blog post on xploitprotocol's Blog:
  • How to approach a target|bug bounty tips
• Blog post on TrustedSec's Blog:
  • Upgrade Your Workflow, Part 1: Building OSINT Checklists by Hans Lakhan
• Forum post on SANS Internet Storm Center InfoSec Forums:
  • Offensive Tools Are For Blue Teams Too by Xavier Mertens
• Tutorial on Dionach's Blog:
  • How to Use OWASP Amass: An Extensive Tutorial by Nick Gkogkos
• Blog post on epi052's Blog:
  • How to Build an Automated Recon Pipeline with Python and Luigi - Part IV (Subdomain Enumeration)
• Blog post on Aditya Soni's Blog:
  • Bug Bounty with Bash
• Blog post on Anshuman Pattnaik's Blog:
  • 10 Recon Tools For Bug Bounty
• Blog post on Hahwul's Blog:
  • Find Subdomain Takeover with Amass + SubJack
• Blog post on Felipe Caon's Blog:
  • Recon done right
• Article on Hacker Toolbelt:
  • OWASP Amass OSINT Reconnaissance by Miguel Sampaio da Veiga
• Blog post on Capt. Meelo's Blog:
  • Asset Enumeration: Expanding a Target's Attack Surface
• Blog post on FireEye's Threat Research Blog:
  • Commando VM 2.0: Customization, Containers, and Kali, Oh My! by Jacob Barteaux, Blaine Stancill, Nhan Huynh
• Article on Dark Reading Application Security:
  • 8 Free Tools to Be Showcased at Black Hat and DEF CON by Ericka Checkowski
• Tutorial on Daniel Miessler's Tutorials:
  • amass — Automated Attack Surface Mapping
• Blog post on Agent_Maximus' Blog:
  • Passive intelligence gathering techniques: uncover domains, subdomains & IP addresses
• Blog posts on Patrik Hudak's Blog:
  • Subdomain Enumeration: 2019 Workflow
  • Subdomain Takeover: Finding Candidates
  • Asset Discovery: Doing Reconnaissance the Hard Way
  • Project Sonar: An Underrated Source of Internet-wide Data
• Blog post on vishnuraj's Blog:
  • REMOTE CODE EXECUTION ! 😜 Recon Wins
• Blog post on Tutorgeeks' Blog:
  • Security assessment on staging domains
• Blog post on Habr's Digital Security Blog:
  • Web tools, or where to start a pentester?
• Blog post on Digital Shadow's Blog:
  • Cyber Talent Gap: How to Do More With Less
• Blog post on Noobhax's Blog:
  • My Recon Process — DNS Enumeration
• Article on Week in OSINT:
  • Week in OSINT #2019–16: From OSINT for pentesting, to OCR and OWASP
  • Week in OSINT #2019–11: This time a collection of mostly tools and sites
• Blog post on Alex Flor's Blog:
  • Stop Using Python for Subdomain Enumeration
• Article on 0x00SEC:
  • My Personal OSINT Techniques, Part 1 of 2: Key & Layer, Contingency Seeding by maderas
• Article on Yeah Hub:
  • Subdomain Enumeration Tools – 2019 Update
• Blog post on Jonathan Bouman's Blog:
  • Leaked Salesforce API access token at IDEA.com
• Blog post on Drafting my Thoughts:
  • Initial Reconaissance for Bug-Bounty
• Blog post on Shankar R's Blog:
  • Bug Hunting Methodology (part-1)
• Blog post on bit3code's Blog:
  • 100 ways to discover (part 1)
• Blog post on Appsecco's Blog:
  • A penetration tester’s guide to subdomain enumeration
• Blog post on Frans Hendrik Botes' Blog:
  • Abusing access control on a large online e-commerce site to register as supplier
• Article on Pentester Land - Offensive InfoSec:
  • Subdomains Enumeration Cheat Sheet
• Article on miloserdov.org:
  • Search subdomains and build graphs of network structure with Amass
• Blog post on Sahil Ahamad's Blog:
  • Getting started in Bug Bounty
• Article on H1RD:
  • Amass, the best application to search for subdomains
• Blog post on Enciphers Blog:
  • Doing Recon the Correct Way
• Blog post on Sjoerd Langkemper's - Web application security:
  • Discovering subdomains
• Blog post on Adam Toscher's Blog: Top Five Ways the Red Team breached the External Perimeter

Lectures and Trainings

• OWASP Amass Boot Camp Training by Jeff Foley, DEF CON 28 Red Team Village, 07.08.2020
• OWASP Portland Training Day:
  • OWASP Amass: Discovering Your Exposure on the Internet
• Blackhat Trainings:
  • Black Hat Training, Making the Cloud Rain Shells!: Discovery and Recon

Summits & Open Source Events

• OWASP Amass Boot Camp by Jeff Foley, GrayHat 2020, 30.10.2020
• OWASP Amass Boot Camp by Jeff Foley, Cyber June'Gle Virtual Summit, 28.06.2020
• Lightning Talk at OWASP Sendai Day 2020 by Akitsugu Ito, on OWASP Amass, 08.02.2020

Conference and Meetup Appearances

2020

• Organizational Asset Discovery & Recon with OWASP Amass by Nick Gkogkos, BSides København 2020, 19.09.2020
• How to Use Amass Efficiently by Jeff Foley, NahamCom 2020, 14.06.2020
• The Bug Hunter's Methodology v4.0 - Recon Edition by Jason Haddix, NahamCom 2020, 14.06.2020 (Slides)

2019

• Red Team Methodology - A Naked Look, by Jason Lang, DerbyCon 2019, 07.09.2019 YouTube Slides
• OWASP Amass by Jeff Foley and Anthony Rhodes, DEF CON 27 Demo Labs 09.08.2019
• Advanced Recon with OWASP Amass by Jeff Foley and Anthony Rhodes, DEF CON 27 Recon Village, 09.08.2019
• Asset Discovery Making Sense of the Ocean of OSINT by Richard Gold, DEF CON 27 Recon Village, 09.08.2019
• Let's get technical and hunt harder! by Bugcrowd Discussion Panel, DEF CON 27 Recon Village, 09.08.2019
• OWASP Amass - Discovering Internet Exposure by Jeff Foley and Anthony Rhodes, Bugcrowd LevelUp 0x04, 11.06.2019
• OWASP Amass Beyond Subdomain Enumeration by Jeff Foley and Anthony Rhodes, BSidesROC 2019, 23.03.2019
• Pose a Threat: How Perceptual Analysis Helps Bug Hunters by Rob Ragan and Oscar Salazar, AppSec California 2019, 24.01.2019 YouTube Slides

2018

• Project Showcase: Amass by Jeff Foley, OWASP AppSec USA 2018, 12.10.2018
• The OWASP Amass Project: DNS Enumeration written in Go, by Jeff Foley, OWASP London Chapter, 29.09.2018
• The Bug Hunter's Methodology v3 by Jason Haddix, Bugcrowd LevelUp 0x02, 28.05.2018 (Slides)