macOS
brew install amasslocal Homebrew formula metadata
sudo port install amassMacPorts ports tree · security/amass/Portfile · source: api.github.com
brew
In-depth attack surface mapping and asset discovery. Version 5.1.1 via Homebrew; verified from local package data.
install
brew install amasslocal Homebrew formula metadata
sudo port install amassMacPorts ports tree · security/amass/Portfile · source: api.github.com
nix profile install nixpkgs#amassnixpkgs package indexes · pkgs/by-name/am/amass/package.nix · source: api.github.com
scoop install main/amassScoop official bucket manifest trees · bucket/amass.json · source: api.github.com
winget install --id OWASP.Amass -eWindows Package Manager source index · OWASP.Amass · source: cdn.winget.microsoft.com
overview
In-depth attack surface mapping and asset discovery
history
OWASP Amass is an attack-surface mapping and external asset discovery tool for security teams, red teams, bug bounty hunters, and OSINT-heavy workflows. Its core appeal is that it aggregates many open-source intelligence, DNS, certificate, routing, scraping, archive, WHOIS, and API-backed data sources into one repeatable CLI workflow.
The GitHub repository was created in July 2018 and the README identifies the project as an OWASP project maintained around network mapping of attack surfaces and external asset discovery. The program copyright in the README attributes OWASP Amass and contributions to Jeff Foley for 2017-2023, reflecting pre-OWASP or pre-current-repository origins before the current repository history.
Amass evolved from a subdomain-enumeration tool into a broader graph-oriented external attack-surface mapper. Its official documentation now describes YAML configuration for scan scope, data sources, transformations, engine APIs, graph databases, and programmatic use as a Go library.
Amass became a standard package in security distributions and package managers because it automated a tedious recon workflow: combine passive sources, DNS techniques, certificate transparency, web archives, routing data, and optional active probing under one command. The official README lists Homebrew, prebuilt release packages, Docker images, and source installation paths.
The project's own README and REFERENCES file document adoption in talks, trainings, and practitioner workflows, including DEF CON and Red Team Village references, OWASP chapter material, bug bounty tutorials, and testimonials from Accenture and Visma red-team users.
Typical use is the amass CLI, especially enumeration against a domain, optionally with configured API keys for premium or authenticated data sources. Configuration is YAML-based: config.yaml controls scope and options, while datasources.yaml stores data-source credentials such as API keys, usernames, passwords, and secrets.
The README also documents Docker usage with a mounted /.config/amass directory so the graph database and output can persist across runs. That detail is important for package users because Amass is not merely a stateless scanner: its value grows when outputs, graph data, and source credentials are managed carefully.
Amass is a good example of a security CLI whose packaging is not just about the binary. Useful installs need correct config paths, data-source credential handling, shell ergonomics, and sometimes a database or persistent output directory.
It also shows how modern security tooling lands in general-purpose package managers: it is a Go binary, but it has an unusually large operational surface because its value depends on many external OSINT providers and frequently changing integrations.
security posture
narrow executable package without higher-risk signals.
green risk · low confidence · appliance
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.config/amass/config.yaml/etc/amass/config.yamlCredential-bearing paths to review before unattended agent runs.
~/.config/amass/datasources.yaml/etc/amass/datasources.yamlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
amass | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/owasp-amass/amass
install metadata
| Package key | brew:amass |
|---|---|
| Version | 5.1.1 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/amass |
| Homepage | https://owasp.org/www-project-amass/ |
| Repository | https://github.com/owasp-amass/amass |
| Upstream docs | https://owasp-amass.github.io/docs |
| License | Apache-2.0 |
| Source archive | https://github.com/owasp-amass/amass/archive/refs/tags/v5.1.1.tar.gz |
| Build dependencies | go |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | amass |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
amass
nix profile install nixpkgs#amassamass
sudo port install amassmain/amass
scoop install main/amassOWASP.Amass
winget install --id OWASP.Amass -esource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.