We may earn an affiliate commission when you visit our partners.
Ricardo Reimao

The first step on a red team exercise is the Reconnaissance phase. In this course we cover the OWASP Amass tool, which allows you to enumerate domains and find potential attack vectors on your target.

Read more

The first step on a red team exercise is the Reconnaissance phase. In this course we cover the OWASP Amass tool, which allows you to enumerate domains and find potential attack vectors on your target.

One of the most important phases on a red team engagement is the reconnaissance phase. It is at this stage that we try to enumerate as much information as possible from our target so we can plan a proper attack. In this course, Reconnaissance with OWASP Amass, we cover one of the most reliable tools for finding sub domains and IP addresses related to our target. We start by using this tool to perform traditional domain enumeration using passive and active techniques. Next, we use Amass to perform DNS brute forcing and reverse WHOIS lookups. Then, we translate all the data we gathered into useful charts to show the dependencies between the enumerated data. This course covers several important tactics from the Mitre Att&ck framework, including: Search Open Technical Databases (T1596), Gather Victim Network Information (T1590), Active Scanning (T1595) and Search Open Website/Domains (T1593)

Enroll now

What's inside

Syllabus

Course Overview (Tool Introduction)
Enumerating Domains and IPs with OWASP Amass
Resources

Good to know

Know what's good
, what to watch for
, and possible dealbreakers
Develops knowledge and skills key to penetration testing
Taught by Ricardo Reimao, a seasoned red team professional
Covers reconnaissance tactics aligned with the Mitre Att&ck framework
Emphasizes practical application of tools and techniques
Introduces OWASP Amass, an industry-standard tool for domain enumeration

Save this course

Save Reconnaissance with OWASP Amass to your list so you can find it easily later:
Save

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Reconnaissance with OWASP Amass with these activities:
Review network scanning techniques
Review the basics of network scanning to refresh your understanding of the techniques covered in this course.
Browse courses on Network Scanning
Show steps
  • Read through your notes or study materials on network scanning.
  • Complete practice questions or exercises on network scanning.
Host a study group with other students to discuss reconnaissance techniques
Deepen your understanding of reconnaissance by discussing concepts and techniques with peers.
Browse courses on Reconnaissance
Show steps
  • Reach out to other students in the course and arrange a time to meet.
  • Prepare a list of topics or questions to discuss.
  • During the study group, share your knowledge and insights with others.
Practice using the OWASP Amass tool
Reinforce your understanding of the OWASP Amass tool by completing practice exercises.
Show steps
  • Set up a lab environment for the OWASP Amass tool.
  • Follow along with the tutorials or documentation for the OWASP Amass tool.
  • Complete the practice exercises provided with the OWASP Amass tool.
Five other activities
Expand to see all activities and additional details
Show all eight activities
Attend a workshop on red team reconnaissance techniques
Gain exposure to advanced reconnaissance techniques by attending a workshop led by industry professionals.
Browse courses on Red Team
Show steps
  • Research and identify workshops on red team reconnaissance techniques.
  • Register for the workshop that best aligns with your interests and schedule.
  • Attend the workshop and actively participate in the activities.
Follow video tutorials on advanced reconnaissance techniques
Expand your knowledge of reconnaissance beyond the scope of the course by following video tutorials.
Browse courses on Network Scanning
Show steps
  • Search for video tutorials on advanced reconnaissance techniques.
  • Select a few tutorials that cover topics you're interested in.
  • Follow along with the tutorials and take notes on key concepts.
Write a blog post or article on the importance of reconnaissance in red team engagements
Demonstrate your understanding of the role of reconnaissance in red team engagements by creating a written piece.
Browse courses on Reconnaissance
Show steps
  • Research the topic of reconnaissance in red team engagements.
  • Gather examples and case studies to illustrate the importance of reconnaissance.
  • Write a blog post or article that presents your findings and insights.
Participate in a capture the flag (CTF) competition that focuses on reconnaissance
Test your reconnaissance skills and knowledge in a competitive environment.
Show steps
  • Identify and register for a CTF competition that emphasizes reconnaissance challenges.
  • Prepare for the competition by reviewing reconnaissance techniques and practicing with tools.
  • Participate in the CTF competition and attempt to solve the reconnaissance challenges.
Contribute to the OWASP Amass project
Enhance your understanding of the OWASP Amass tool by contributing to its development.
Show steps
  • Review the documentation and codebase of the OWASP Amass project.
  • Identify areas where you can contribute your skills.
  • Submit a pull request with your proposed changes or additions.

Career center

Learners who complete Reconnaissance with OWASP Amass will develop knowledge and skills that may be useful to these careers:
Network Security Engineer
A Network Security Engineer designs, implements, and maintains security measures to protect an organization's computer networks from unauthorized access, use, disclosure, disruption, modification, or destruction. A Network Security Engineer may find Reconnaissance with OWASP Amass useful, as it provides hands-on experience with tools and techniques used to gather information about potential targets.
Security Architect
A Security Architect designs and implements security measures to protect an organization's computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. A Security Architect may find Reconnaissance with OWASP Amass useful, as it provides hands-on experience with tools and techniques used to gather information about potential targets.
Security Operations Analyst
A Security Operations Analyst monitors and responds to security events on an organization's computer systems and networks. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential threats.
Security Engineer
A Security Engineer designs, implements, and maintains security measures to protect an organization's computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. A Security Engineer may find Reconnaissance with OWASP Amass useful, as it provides hands-on experience with tools and techniques used to gather information about potential targets.
Security Researcher
A Security Researcher identifies and researches vulnerabilities in software and systems. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential threats.
Incident Responder
An Incident Responder responds to and investigates security incidents on an organization's computer systems and networks. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential threats.
Cyber Threat Analyst
A Cyber Threat Analyst identifies and assesses cyber threats to an organization's computer systems and networks. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential threats.
Information Security Manager
An Information Security Manager is responsible for developing and implementing an organization's information security program. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential targets.
Computer Forensics Analyst
A Computer Forensics Analyst investigates and analyzes computer systems and networks to identify evidence of criminal activity. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential threats.
Digital Forensic Analyst
A Digital Forensic Analyst investigates and analyzes digital evidence to identify evidence of criminal activity. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential threats.
Cybersecurity Analyst
A Cybersecurity Analyst protects an organization's computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential targets.
Penetration Tester
A Penetration Tester, also known as a pentester, helps organizations identify vulnerabilities in their systems and networks by simulating cyberattacks. Courses like Reconnaissance with OWASP Amass may be useful for a Penetration Tester, as it provides knowledge about tools and techniques used to gather information about potential targets.
Security Consultant
A Security Consultant provides advice and guidance to organizations on how to improve their security posture. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential targets.
Vulnerability Analyst
A Vulnerability Analyst identifies and assesses vulnerabilities in software and systems. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides knowledge about tools and techniques used to gather information about potential targets.
Information Security Analyst
An Information Security Analyst designs, implements, and manages the security of computer systems and networks. This individual must stay current on the latest security trends and threats through continuous research. The Reconnaissance with OWASP Amass course may be useful for someone in this role, as it provides an introduction to using OSINT techniques to gather information about potential targets.

Reading list

We've selected nine books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Reconnaissance with OWASP Amass.
Comprehensive guide to cryptography engineering, covering topics such as symmetric and asymmetric encryption, hashing, and digital signatures. Provides a deep understanding of the underlying principles of cryptography.
Introduces the fundamental principles of security engineering and provides practical guidance on how to design and implement secure systems.
In-depth guide to exploitation techniques, covering topics such as buffer overflows, heap overflows, and format string vulnerabilities. Provides a deep understanding of how vulnerabilities can be exploited to compromise systems.
Comprehensive guide to Metasploit, a powerful tool for penetration testing and exploit development. Provides step-by-step instructions on how to use Metasploit to perform a variety of attacks.
Textbook that provides a comprehensive overview of computer security, covering topics such as access control, cryptography, and network security.
Provides guidance on the different phases of penetration testing and offers practical advice on performing vulnerability assessments and exploiting vulnerabilities.
Provides practical recipes for testing web applications for vulnerabilities. Covers a wide range of topics, including input validation, authentication, and authorization.
Simple introduction to Python Programming for hackers and penetration testers. Teaches the basics of the Python programming language by introducing practical examples of hacking and penetration testing techniques.
Explores the human element of security and provides insights into how attackers use social engineering techniques to compromise systems.

Share

Help others find this course page by sharing it with your friends and followers:

Similar courses

Here are nine courses similar to Reconnaissance with OWASP Amass.
Our mission

OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.

Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.

Find this site helpful? Tell a friend about us.

Affiliate disclosure

We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.

Your purchases help us maintain our catalog and keep our servers humming without ads.

Thank you for supporting OpenCourser.

© 2016 - 2024 OpenCourser