owasp-amass / amass

In-depth attack surface mapping and asset discovery
https://owasp.org/www-project-amass/
Other
11.99k stars 1.88k forks source link

config.ini not taken into account #340

Closed Techbrunch closed 4 years ago

Techbrunch commented 4 years ago

Looks like I'm running into the same issue again #201.

My config explicitely enables bruteforcing but no bruteforcing is done:

[bruteforce]
enabled = true
recursive = true
# Number of discoveries made in a subdomain before performing recursive brute forcing
# Default is 0
minimum_for_recursive = 0
wordlist_file = /Users/***/Documents/github/SecLists/Discovery/DNS/subdomains-top1mil-110000.txt
#wordlist_file = /usr/share/wordlists/all.txt # multiple lists can be used
caffix commented 4 years ago

What output indicated that brute forcing did not execute? Thank you for your feedback!

Techbrunch commented 4 years ago

I think the problem was probably because of a wildcard DNS. I'm closing it for now and will reopen if I can reproduce it.