The Configuration File
- Basics
- Default Section
- The network_settings Section
- The resolvers Section
- Domain Targets
- Domain Enumeration
- Data Sources
- The gremlin Section
You will need a config file to use your API keys with Amass. See the Example Configuration File for more details.
Amass automatically tries to discover the configuration file in the following locations:
| Operating System | Path |
|---|---|
| Linux / Unix | $XDG_CONFIG_HOME/amass/config.ini or $HOME/.config/amass/config.ini |
| Windows | %AppData%\amass\config.ini |
| OSX | $HOME/Library/Application Support/amass/config.ini |
These are good places for you to put your configuration file.
Note that these locations are based on the output directory. If you use the -dir flag, the location where Amass will try to discover the configuration file will change. For example, if you pass in -dir ./my-out-dir, Amass will try to discover a configuration file in ./my-out-dir/config.ini.
| Option | Description |
|---|---|
| mode | Determines which mode the enumeration is performed in: default, passive or active |
| output_directory | The directory that stores the graph database and other output files |
| maximum_dns_queries | The maximum number of concurrent DNS queries that can be performed |
| include_unresolvable | When set to true, causes DNS names that did not resolve to be printed |
| Option | Description |
|---|---|
| address | IP address or range (e.g. a.b.c.10-245) that is in scope |
| asn | ASN that is in scope |
| cidr | CIDR (e.g. 192.168.1.0/24) that is in scope |
| port | Specifies a port to be used when actively pulling TLS certificates |
| Option | Description |
|---|---|
| resolver | The IP address of a DNS resolver, used globally by the amass package |
| score_resolvers | Toggle resolver reliability scoring |
| monitor_resolver_rate | Toggle resolver rate monitoring |
| Option | Description |
|---|---|
| domain | A root DNS domain name to be added to the enumeration scope |
| Option | Description |
|---|---|
| subdomain | A DNS subdomain name to be considered out of scope during the enumeration |
| Option | Description |
|---|---|
| enabled | When set to true, brute forcing is performed during the enumeration |
| recursive | When set to true, brute forcing is performed on discovered subdomain names as well |
| minimum_for_recursive | Number of discoveries made in a subdomain before performing recursive brute forcing |
| wordlist_file | Path to a custom wordlist file to be used during the brute forcing |
| Option | Description |
|---|---|
| enabled | When set to true, permuting resolved DNS names is performed during the enumeration |
| minimum_for_word_flip | Number of times a word must be seen before using it for future word flips and word additions |
| edit_distance | Number of times an edit operation will be performed on a name sample during fuzzy label searching |
| flip_words | When set to true, causes words in DNS names to be exchanged for others in the alteration word list |
| flip_numbers | When set to true, causes numbers in DNS names to be exchanged for other numbers |
| add_words | When set to true, causes other words in the alteration word list to be added to resolved DNS names |
| add_numbers | When set to true, causes numbers to be added and removed from resolved DNS names |
| wordlist_file | Path to a custom wordlist file that provides additional words to the alteration word list |
Each Amass data source service can have a dedicated configuration file section. The section is named just as in the output from the 'amass enum -list' command.
This is how data sources that have authentication requirements can be configured.
| Option | Description |
|---|---|
| apikey | The API key to be used when accessing the data source |
| secret | An additional secret to be used with the API key |
| username | User for the data source account |
| password | Valid password for the user identified by the 'username' option |
| Option | Description |
|---|---|
| data_source | One of the Amass data sources that is not to be used during the enumeration |
| Option | Description |
|---|---|
| url | URL in the form of "ws://host:port" where Amass will connect to a TinkerPop database |
| username | User of the TinkerPop database server that can access the Amass graph database |
| password | Valid password for the user identified by the 'username' option |
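
Because the configuration file holds API keys and passwords, it is worth checking who can read it. The following Python code is an added example, not part of Amass: it lists the discovery locations described above and reports which sections hold non-empty credential options and whether group or other users can access the file. The sample config, its section names and the `__default__` placeholder are constructed for illustration.

```python
import configparser
import os
import stat
import sys
from pathlib import Path

# Credential option names taken from the tables on this page.
CRED_KEYS = ("apikey", "secret", "username", "password")

# Constructed sample config; section names and values are placeholders.
SAMPLE = """\
mode = passive
[resolvers]
resolver = 192.0.2.1
resolver = 192.0.2.2
[ExampleSource]
apikey = PLACEHOLDER-KEY
[OtherSource]
apikey =
[gremlin]
username = amass
password = PLACEHOLDER%PASSWORD
"""

def candidate_paths(out_dir=None, env=os.environ, platform=sys.platform):
    """Locations this page lists for config.ini; a -dir value replaces them."""
    if out_dir:
        return [Path(out_dir) / "config.ini"]
    if platform.startswith("win"):
        return [Path(env.get("AppData", "")) / "amass" / "config.ini"]
    home = Path(env.get("HOME", ""))
    if platform == "darwin":
        return [home / "Library/Application Support/amass/config.ini"]
    xdg = [Path(env["XDG_CONFIG_HOME"]) / "amass/config.ini"] if env.get("XDG_CONFIG_HOME") else []
    return xdg + [home / ".config/amass/config.ini"]

def audit(path):
    """Return (sections with non-empty credentials, True if group/other have access; POSIX only)."""
    # strict=False tolerates repeated keys (several resolver lines); interpolation=None keeps '%' literal.
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    # Options may precede any [section] header, so add a placeholder header.
    parser.read_string("[__default__]\n" + Path(path).read_text())
    holders = sorted(s for s in parser.sections()
                     if any(parser.get(s, k, fallback="").strip() for k in CRED_KEYS))
    exposed = bool(os.stat(path).st_mode & (stat.S_IRWXG | stat.S_IRWXO))
    return holders, exposed

if __name__ == "__main__":
    for p in filter(Path.exists, candidate_paths()):
        print(p, audit(p))
```

If the second value is `True` for a file that lists any sections, restrict the file to its owner (for example `chmod 600`); on Windows, review the file ACL instead, since the mode bits are not meaningful there.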