Open Phoenix1112 opened 1 year ago
caffix
commented
1 year ago Correct.
The amass tool launches your intelligence collection / enumeration task and now prints out what's being discovered during this process.
During and after the execution of the task, SQL statements sent directly to the database, or other tools, can extract the data of interest to you.
sqlite3 amass.sqlite "select content->>'name' from assets where type = 'FQDN'"
Phoenix1112
commented
1 year ago So, can we point to the config.ini file with the -config parameter? I want to see the command that I can scan with our api keys.
caffix
commented
1 year ago Amass v3 will accept the ini file, but v4 only accepts the YAML files. Your credentials for data sources are entered into the datasources.yaml file
Phoenix1112
commented
1 year ago I run it using the datasources.yaml file as you said, but I got an output like the one below.
example.com (FQDN) --> mx_record --> aspmx3.googlemail.com (FQDN)
example.com (FQDN) --> mx_record --> alt2.aspmx.l.google.com (FQDN)
example.com (FQDN) --> mx_record --> alt1.aspmx.l.google.com (FQDN)
example.com (FQDN) --> mx_record --> aspmx.l.google.com (FQDN)
example.com (FQDN) --> mx_record --> aspmx2.googlemail.com (FQDN)`there must be a way to use this program in practice. because I use amass in my automation programs and thousands of people like me use amass for automation. I need a parameter that will output clean.
caffix
commented
1 year ago That output is only for human eyes. The db subcommand currently provides ways to extract the data from the database, and soon we will be releasing the oam_subs tool for this purpose. Check out the following blog post for more help:
I was using it like this before.
but now when i use this command with new version the output does not contain pure subdomains.