@caffix caffix released this Jun 15, 2018 · 144 commits to master since this release

Assets 10

Refactored the data source modules in order to simplify the code and make is easier for others to contribute to the project.

Decoupled the services within the enumeration engine by employing an event bus. This way, services respond to events of interest and publish events without knowledge of other services.

Added a purely passive mode of execution for the CLI and the package/library.

Added 2 new data sources to help bring an even larger number of results:

IPv4info
Entrust Certificate Transparency Search

This now brings Amass up to 32 data sources being accessed for subdomain names.

@caffix caffix released this Jun 3, 2018 · 154 commits to master since this release

Assets 10

Major version change: The output structure returned by the package has changed, which makes this version incompatible with previous versions.

Amass now stores the DNS and infrastructure enumeration data in graphs, which can include the Neo4j graph database! If you have permission to share the visualizations that are easily generated by Neo4j, then lets see how organizations look on the Internet!

Names returned by Amass can now have multiple IP addresses and additional related infrastructure information associated with them.

@caffix caffix released this May 3, 2018 · 155 commits to master since this release

Assets 2

Updated/fixed the Maltego local transform code

Improved the consistency between flag names

Otherwise, no major changes between v1.5.1 and v1.5.2.

@caffix caffix released this Apr 28, 2018 · 156 commits to master since this release

Assets 10

Update: The 'active' flag will now cause all active information gathering techniques to be used. This includes DNS zone transfer attempts and actively pulling TLS certificates from specified ports

Added a useful subdomain name word list: subdomains.lst

Added 2 new data sources to help bring an even larger number of results:

  • DNSDB
  • Threat Miner

This now brings Amass up to 23 data sources being scraped for subdomain names.

@caffix caffix released this Apr 26, 2018 · 157 commits to master since this release

Assets 10

Feature Add: All data collected during the enumeration can now be save in JSON format

Feature Add: An additional flag ('axfr') can now be used to indicate that DNS zone transfers should be attempted

Added 4 new data sources to help bring an even larger number of results:

  • Cert Spotter
  • EXALEAD
  • Riddler
  • Site Dossier

Improved the use of Robtex services by employing their free passive DNS API.

@caffix caffix released this Apr 10, 2018 · 167 commits to master since this release

Assets 10

Feature Add: sudomains can now be blacklisted from the enumeration

Feature Add: recursive brute forcing can be triggered on a subdomain after making a minimum number of discoveries

The output channel provided through the configuration is now closed by the StartEnumeration function to signal the caller of completion

Other fixes have been made in response to issues posted and tweets. I appreciate all the feedback being provided by users

@caffix caffix released this Apr 6, 2018 · 172 commits to master since this release

Assets 10

Updated the CLI for the tool (check the help information)

Added 4 new data sources to help bring you the greatest number of results:

  • Hacker Target
  • PTRarchive
  • FindSubDomains.com
  • CertDB.com

Each of these new data sources bring a large number of results to amass.

Your own DNS resolvers can now be specified on the command-line or by text file.

Also made some fixes discovered by users. Thank you for the excellent feedback!

@caffix caffix released this Apr 3, 2018 · 173 commits to master since this release

Assets 10

Important fixes and performance enhancements

Added the new Cloudflare DNS resolver to the list

Added color output for easier reading of the results

Removed IP address ranges from the configuration

  • The individual IPs are provided instead, which can be obtained by using the amass.RangeHosts function