owasp-amass/amass — reverse-engineered prompt

Build me a command line security tool like OWASP Amass that helps a security team map a company’s public attack surface. It should take a domain name, discover related subdomains and external assets using public information sources, and optionally do active recon checks so the user can understand what is exposed on the internet.

Keep it practical for real recon work. I want clear commands, useful output in the terminal, and saved results that can be reviewed later. Include a simple config file for things like API keys and scan settings, plus Docker support so it’s easy to run anywhere. Please make the code clean and organized in Go, with sensible error messages and enough docs so someone can install it, run a basic scan, and know where to look for help.

Don’t build anything noisy or destructive. This should be focused on asset discovery, DNS enumeration, network mapping, and responsible security testing.