# Install amass with Homebrew, MacPorts, Nix, scoop, winget

In-depth attack surface mapping and asset discovery. Version 5.1.1 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:amass
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install amass
```

  Evidence: local Homebrew formula metadata

- MacPorts (94%):

```sh
sudo port install amass
```

  Evidence: MacPorts ports tree: security/amass/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#amass
```

  Evidence: nixpkgs package indexes: pkgs/by-name/am/amass/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

### Windows

- Scoop (92%):

```sh
scoop install main/amass
```

  Evidence: Scoop official bucket manifest trees: bucket/amass.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1

- winget (92%):

```sh
winget install --id OWASP.Amass -e
```

  Evidence: Windows Package Manager source index: OWASP.Amass from https://cdn.winget.microsoft.com/cache/source.msix

## Package facts

- **Package key:** brew:amass
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/amass>
- **Version:** 5.1.1
- **Source summary:** In-depth attack surface mapping and asset discovery
- **Homepage:** <https://owasp.org/www-project-amass/>
- **Repository:** <https://github.com/owasp-amass/amass>
- **Upstream docs:** <https://owasp-amass.github.io/docs>
- **License:** Apache-2.0
- **Source archive:** <https://github.com/owasp-amass/amass/archive/refs/tags/v5.1.1.tar.gz>
- **Generated:** 2026-07-09T07:20:21+00:00

## Executables

- amass (cli)
- amass (alias)

## Build dependencies

- go

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-09
- Package-manager version: 5.1.1
- Local data: ok
- Upstream repository: https://github.com/owasp-amass/amass
- Upstream latest detected: v5.1.1 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

OWASP Amass is an attack-surface mapping and external asset discovery tool for security teams, red teams, bug bounty hunters, and OSINT-heavy workflows. Its core appeal is that it aggregates many open-source intelligence, DNS, certificate, routing, scraping, archive, WHOIS, and API-backed data sources into one repeatable CLI workflow.

### Project history

The GitHub repository was created in July 2018 and the README identifies the project as an OWASP project maintained around network mapping of attack surfaces and external asset discovery. The program copyright in the README attributes OWASP Amass and contributions to Jeff Foley for 2017-2023, reflecting pre-OWASP or pre-current-repository origins before the current repository history.

Amass evolved from a subdomain-enumeration tool into a broader graph-oriented external attack-surface mapper. Its official documentation now describes YAML configuration for scan scope, data sources, transformations, engine APIs, graph databases, and programmatic use as a Go library.

### Adoption history

Amass became a standard package in security distributions and package managers because it automated a tedious recon workflow: combine passive sources, DNS techniques, certificate transparency, web archives, routing data, and optional active probing under one command. The official README lists Homebrew, prebuilt release packages, Docker images, and source installation paths.

The project's own README and REFERENCES file document adoption in talks, trainings, and practitioner workflows, including DEF CON and Red Team Village references, OWASP chapter material, bug bounty tutorials, and testimonials from Accenture and Visma red-team users.

### How it is used

Typical use is the amass CLI, especially enumeration against a domain, optionally with configured API keys for premium or authenticated data sources. Configuration is YAML-based: config.yaml controls scope and options, while datasources.yaml stores data-source credentials such as API keys, usernames, passwords, and secrets.

The README also documents Docker usage with a mounted /.config/amass directory so the graph database and output can persist across runs. That detail is important for package users because Amass is not merely a stateless scanner: its value grows when outputs, graph data, and source credentials are managed carefully.

### Why package nerds care

Amass is a good example of a security CLI whose packaging is not just about the binary. Useful installs need correct config paths, data-source credential handling, shell ergonomics, and sometimes a database or persistent output directory.

It also shows how modern security tooling lands in general-purpose package managers: it is a Go binary, but it has an unusually large operational surface because its value depends on many external OSINT providers and frequently changing integrations.

### Timeline

- 2017: README copyright range begins for Jeff Foley and OWASP Amass contributions.
- 2018-07-10: Current owasp-amass/amass GitHub repository is created.
- 2023-09-10: Amass v4.2.0 release is published.
- 2025-08-03: Amass v5.0.0 release is published.
- 2026-04-07: Amass v5.1.1 release is published.

### Related projects

- OWASP is the umbrella project home and provides the public project page.
- Shodan, Censys, SecurityTrails, VirusTotal, DNSDB, Wayback, Common Crawl, GitHub, GitLab, and many other data sources are integrations or data inputs rather than sibling code projects.
- The Amass Go module and scripting/documentation surface support more advanced integrations beyond simple CLI use.

### Sources

- <https://api.github.com/repos/owasp-amass/amass>
- <https://api.github.com/repos/owasp-amass/amass/releases?per_page=5>
- <https://owasp-amass.github.io/docs/configuration/>
- <https://owasp-amass.github.io/docs/configuration/data_sources/>
- <https://owasp.org/www-project-amass/>
- <https://raw.githubusercontent.com/owasp-amass/amass/master/README.md>
- <https://raw.githubusercontent.com/owasp-amass/amass/master/REFERENCES.md>


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: ~/.config/amass/config.yaml, /etc/amass/config.yaml

## Credential files

- Unix: ~/.config/amass/datasources.yaml, /etc/amass/datasources.yaml
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** amass
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Other Package-Manager Records

- Nix - amass: normalized package name match | nixpkgs package indexes: pkgs/by-name/am/amass/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- MacPorts - amass: normalized package name match | MacPorts ports tree: security/amass/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
- Scoop - main/amass: normalized package name match | Scoop official bucket manifest trees: bucket/amass.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1
- winget - OWASP.Amass: normalized package name match | Windows Package Manager source index: OWASP.Amass from https://cdn.winget.microsoft.com/cache/source.msix


## Related links

- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [Homebrew utility packages](https://www.automicvault.com/pkg/brew-utility-packages/) - Matched Homebrew package provider.
- [go](https://www.automicvault.com/pkg/brew/go/) - Build dependency declared by Homebrew.
- [uncover](https://www.automicvault.com/pkg/brew/uncover/) - Shares av.db curated category or tags: asset-discovery, cli, osint, reconnaissance, security.
- [bbot](https://www.automicvault.com/pkg/brew/bbot/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [favirecon](https://www.automicvault.com/pkg/brew/favirecon/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [recon-ng](https://www.automicvault.com/pkg/brew/recon-ng/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [subfinder](https://www.automicvault.com/pkg/brew/subfinder/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [theharvester](https://www.automicvault.com/pkg/brew/theharvester/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [csprecon](https://www.automicvault.com/pkg/brew/csprecon/) - Shares av.db curated category or tags: cli, reconnaissance, security.
- [findomain](https://www.automicvault.com/pkg/brew/findomain/) - Shares av.db curated category or tags: cli, osint, reconnaissance, security.
- [noir](https://www.automicvault.com/pkg/brew/noir/) - Security-sensitive metadata or terminology overlaps. Shared terms: attack, cli, security, surface.

## Combined YAML source

View the package source record on GitHub. [combined/amass.yml](https://github.com/automic-vault/db/blob/main/combined/amass.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
