A penetration tester is tasked with creating a comprehensive map of a target corporation's external attack surface. A primary objective is to discover all publicly accessible subdomains, including those not listed in standard DNS records. The tester requires a tool specifically designed to aggregate data from a wide array of passive OSINT sources, such as search engines, certificate transparency logs, and online archives. Which of the following tools is BEST suited for this specialized task?
The correct answer is Amass, an open-source tool from OWASP designed for in-depth attack surface mapping and external asset discovery. It excels at subdomain enumeration by integrating data from numerous passive and active sources, including search engines, archives, and certificate logs, which aligns perfectly with the scenario's requirements. Wireshark is a network protocol analyzer used for sniffing traffic, not discovering subdomains. Nmap is a network scanner primarily used for host discovery and port scanning. DirBuster is a tool for enumerating web server directories and files, not subdomains.