ワンクリックで
amass
Use OWASP Amass for authorized asset discovery, domain enumeration, and DNS intelligence on in-scope targets.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
メニュー
Use OWASP Amass for authorized asset discovery, domain enumeration, and DNS intelligence on in-scope targets.
Codex または Claude でインストール この Prompt をコピーして Codex、Claude、または他のアシスタントに貼り付けると、Skill ページを確認してインストールできます。
Use agent-browser-cli to perceive and control the supervised Chrome browser inside the sandbox, interact with pages, capture screenshots/PDFs, inspect cookies/CDP/network/console state, and troubleshoot only when needed.
Use apktool for authorized Android APK resource decoding, manifest review, smali inspection, rebuild checks, and static mobile artifact triage.
Use file, 7z, unzip, tar-compatible tools, hashes, and bounded shell inspection for safe triage of provided archives and unknown files.
Use binwalk for authorized firmware, binary blob, archive, filesystem, and embedded-content triage with bounded extraction and evidence handling.
Use the pwntools-provided checksec CLI for authorized ELF hardening review, mitigation checks, and binary triage evidence.
Use dig, nslookup, whois, and related local CLIs for authorized DNS, WHOIS, ASN, mail, nameserver, and ownership triage.
| name | amass |
| description | Use OWASP Amass for authorized asset discovery, domain enumeration, and DNS intelligence on in-scope targets. |
Use OWASP amass for authorized asset discovery and domain intelligence when subfinder alone is not enough.
Before constructing commands, run the installed help and use it as the source of truth:
amass -h
amass enum -h
dnsx and HTTP-facing assets with httpx before reporting them as live.subfinder pass by default; run Amass when its broader data model, state directory, or active options add value.Run a passive first pass and keep Amass state in the task directory:
amass enum -passive -d example.com -dir amass-data -o amass.txt
Run against a bounded domain list:
amass enum -passive -df domains.txt -dir amass-data -o amass.txt
Validate Amass output before reporting live assets:
dnsx -l amass.txt -silent -o amass-resolved.txt
httpx -l amass-resolved.txt -silent -status-code -title -o amass-http.txt
Report the authorized scope, command used, output directory, result counts, validated assets, and any unresolved assumptions.