Closed ghost closed 5 years ago
Amass is not designed to simply resolve a list of names like MassDNS. You can provide a list of already discovered subdomain names using the '-nf' flag and provide the root domain names as the scope, and Amass will be sure to resolve the provided subdomain names while enumerating the root domain names
I found the following subdomains that are perfectly resolvable:
count.invault.io
security.invault.io
smtp.invault.io
mail.invault.io
test.invault.io
www.invault.io
download.invault.io
ticket.invault.io
But when I got "No names were discovered" error when I did amass enum -d invault.io -w wordlists/all.txt -brute
. Amass still failed to get any subdomain even I passed the known subdomains with '-nf' flag.
Definitely sounds like DNS problems. Start by using the '-passive' flag in order to see what Amass is beginning the enumeration with. Then, try removing the '-passive' flag and using the '-r' flag to set the resolver to a nameserver that you know can be used successfully.
How to make
amass
resolve a list of potential subdomains? For example, I have a list of:How to just do dns resolving on the list and get output in json format?