anquanbiji
commented
2 years ago Is there any plan for this issue? I think it is very important function.
Open nscuro opened 2 years ago
anquanbiji
commented
2 years ago Is there any plan for this issue? I think it is very important function.
It'd be great if Amass could output CNAME records via its
dbandenumcommands. At the moment, CNAME records are not marked as such (e.g. in JSON output), and are resolved to an IP address.Having explicit CNAME declarations would make it easier for humans to spot potential subdomain takeover scenarios ("which of our domains is pointing to a vulnerable service?").
It'd also help in tracking which external services are referenced.
foobar.example.com➡️baz.example.com➡️1.2.3.4foobar.example.com➡️1.2.3.4baz.example.com➡️1.2.3.4foobar.example.com➡️baz.example.com