Linux command
amass 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Enumerate
amass enum -passive -d [example.com]
Active
amass enum -active -d [example.com]
Example
amass enum -d [example.com] -o [output.txt]
Example
amass enum -d [example.com] -src -ip
说明
amass is an OWASP project for in-depth attack surface mapping and asset discovery. It performs DNS enumeration, subdomain brute-forcing, and leverages numerous data sources including search engines, certificate transparency logs, and APIs. The tool builds a comprehensive map of an organization's external network footprint, identifying subdomains, related domains, and network blocks.
参数
- enum
- Perform enumeration and network mapping
- intel
- Collect intelligence on target organization
- track
- Track changes to discovered infrastructure
- db
- Manage the graph database
- viz
- Visualize collected data
- -d _domain_
- Target domain
- -passive
- Only use passive data sources (no DNS queries)
- -active
- Use active methods including DNS brute-forcing
- -ip
- Show IP addresses of discovered names
- -src
- Show source of each discovered name
- -brute
- Enable subdomain brute-forcing
- -o _file_
- Output file path
- -dir _path_
- Directory for output files
- -config _file_
- Configuration file
FAQ
What is the amass command used for?
amass is an OWASP project for in-depth attack surface mapping and asset discovery. It performs DNS enumeration, subdomain brute-forcing, and leverages numerous data sources including search engines, certificate transparency logs, and APIs. The tool builds a comprehensive map of an organization's external network footprint, identifying subdomains, related domains, and network blocks.
How do I run a basic amass example?
Run `amass enum -passive -d [example.com]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does enum do in amass?
Perform enumeration and network mapping