Reconnaissance with OWASP Amass

The first step on a red team exercise is the Reconnaissance phase. In this course we cover the OWASP Amass tool, which allows you to enumerate domains and find potential attack vectors on your target.
Course info
Rating
(10)
Level
Intermediate
Updated
May 7, 2021
Duration
19m
Table of contents
Description
Course info
Rating
(10)
Level
Intermediate
Updated
May 7, 2021
Duration
19m
Description

One of the most important phases on a red team engagement is the reconnaissance phase. It is at this stage that we try to enumerate as much information as possible from our target so we can plan a proper attack. In this course, Reconnaissance with OWASP Amass, we cover one of the most reliable tools for finding sub domains and IP addresses related to our target. We start by using this tool to perform traditional domain enumeration using passive and active techniques. Next, we use Amass to perform DNS brute forcing and reverse WHOIS lookups. Then, we translate all the data we gathered into useful charts to show the dependencies between the enumerated data. This course covers several important tactics from the Mitre Att&ck framework, including: Search Open Technical Databases (T1596), Gather Victim Network Information (T1590), Active Scanning (T1595) and Search Open Website/Domains (T1593)

About the author
About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

More from the author
Persistence with Impacket
Intermediate
20m
Sep 15, 2021
Planning and Scoping for CompTIA Pentest+
Intermediate
1h 46m
Jul 7, 2021
More courses by Ricardo Reimao
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview (Tool Introduction)
Hey there. Welcome to our course, Reconnaissance with OWASP Amass. In this cybersecurity tools course, you'll learn how to enumerate domains using the Amass tool. In a red team engagement, one of the most important phases is the reconnaissance phase. It is at this stage that we try to enumerate as much information as possible from our target so then we can plan a proper attack. In this course, we'll cover the OWASP Amass tool, which is one of the most reliable tools to find domains and IP addresses related to a company. We start this course by using this tool to perform a traditional domain enumeration using passive and active techniques. Next, we use Amass to perform DNS brute forcing and reverse WHOIS lookups. Then we translate all the data that we gather into useful charts to show the dependencies between the enumerated data. So whether you're trying to gather information about a target in a red team engagement, or you're just looking to audit the cybersecurity exposure of your own company, join me in learning how to perform reconnaissance with the OWASP Amass tool, here at Pluralsight.