owasp-amass / amass

In-depth attack surface mapping and asset discovery
https://owasp.org/www-project-amass/

output difference #1016

Closed vanssec closed 6 months ago

vanssec commented 7 months ago

```
./amass enum -d test.com -o jdjkds.txt
example.com (FQDN) --> ns_record --> a.iana-servers.net (FQDN)
example.com (FQDN) --> ns_record --> b.iana-servers.net (FQDN)
test.com (FQDN) --> a_record --> 67.225.146.248 (IPAddress)
www.test.com (FQDN) --> cname_record --> test.com (FQDN)
```

Why is the output like this? Earlier it was just subdomains. How can I turn it off or fix it?

archang3l-student commented 7 months ago

I faced this with the latest version, used an older release like 3.21.*

prasgop commented 6 months ago

I am facing the same issue

prasgop commented 6 months ago

```
grep FQDN .config/amass/amass.txt | cut -d' ' -f1 | sort -u
```

I am able to see subdomains only with the above piping.
It's taken from: https://github.com/owasp-amass/amass/issues/1010
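
The `grep | cut` pipeline above keeps only the first field of each line, so it misses names that appear only on the right-hand side of a relationship and does not restrict results to the requested domain. As an added example (not part of the thread, amass, or oam-tools), this shell function parses both sides of each line and keeps only names under the target domain; `amass_subs` and `sample_output` are hypothetical names, and the last two sample lines are constructed.

```shell
#!/bin/sh
# Added example, not part of amass or oam-tools.
# Line shape shown in the issue: <name> (<Type>) --> <relation> --> <name> (<Type>)

# amass_subs DOMAIN [FILE...]
# Prints every unique FQDN equal to DOMAIN or ending in .DOMAIN, taken from
# either side of a relationship line. Reads stdin when no FILE is given.
amass_subs() {
    domain=$1
    shift
    awk -v dom="$domain" '
        function emit(node,    name, n, d) {
            # Keep nodes typed (FQDN); (IPAddress) and other types are dropped.
            if (node !~ / \(FQDN\)$/) return
            name = tolower(node)
            sub(/ \(fqdn\)$/, "", name)
            n = length(name); d = length(dom)
            # Exact match, or a suffix match on a label boundary (".dom").
            if (name == dom || (n > d && substr(name, n - d) == ("." dom)))
                print name
        }
        BEGIN { dom = tolower(dom) }
        {
            sub(/[ \t\r]+$/, "")                      # tolerate CRLF and trailing blanks
            if (split($0, part, " --> ") != 3) next   # not a relationship line
            emit(part[1]); emit(part[3])
        }
    ' "$@" | sort -u
}

# Sample input: the first four lines are the output quoted in the issue;
# the last two are constructed for this example.
sample_output() {
    cat <<'EOF'
example.com (FQDN) --> ns_record --> a.iana-servers.net (FQDN)
example.com (FQDN) --> ns_record --> b.iana-servers.net (FQDN)
test.com (FQDN) --> a_record --> 67.225.146.248 (IPAddress)
www.test.com (FQDN) --> cname_record --> test.com (FQDN)
test.com (FQDN) --> mx_record --> mail.test.com (FQDN)
nottest.com (FQDN) --> a_record --> 192.0.2.10 (IPAddress)
EOF
}

sample_output | amass_subs test.com
```

To run it against a saved result, pass the file as the second argument, for example the `-o` file from the original command.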

caffix commented 6 months ago

There are tools that can do this for you:

https://github.com/owasp-amass/oam-tools

prasgop commented 6 months ago

Thank you. I have a couple of questions.

  1. Do I have to run amass enum (Ex: amass enum -d example.com) before running oam_subs (Ex: oam_subs -show -d example.com) for subdomain enumeration, or can I run oam_subs directly without running amass?
  2. If I used oam_i2y -ini config.ini and have config.yaml and datasources.yaml placed under ~/.config/amass/, do I have to specify the location with the '-config' option like "oam_subs -show -d example.com -config ~/.config/amass/datasources.yaml", or will it pick up the datasources file on its own?
  3. And, if amass query results are stored in a kind of local database to be retrieved for subsequent queries, how long would that be available? I have tried going through the respective conf/user guide info and tried running a few scenarios, but some clarification will help me understand it better.