Skip to content

Instantly share code, notes, and snippets.

@six2dez
Created June 6, 2024 08:16
Show Gist options
  • Save six2dez/b376488a1317242bfa3851e95875cb3b to your computer and use it in GitHub Desktop.
Save six2dez/b376488a1317242bfa3851e95875cb3b to your computer and use it in GitHub Desktop.
amass v3 config.ini
# Copyright © by Jeff Foley 2017-2023. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
# SPDX-License-Identifier: Apache-2.0
# Should results only be collected passively and without DNS resolution? Not recommended.
#mode = passive
# Would you like to use active techniques that communicate directly with the discovered assets,
# such as pulling TLS certificates from discovered IP addresses and attempting DNS zone transfers?
#mode = active
# The directory that stores the Cayley graph database and other output files
# The default for Linux systems is: $HOME/.config/amass
#output_directory = amass
# Another location (directory) where the user can provide ADS scripts to the engine.
#scripts_directory =
# The maximum number of DNS queries that can be performed concurrently during the enumeration.
#maximum_dns_queries = 20000
# DNS resolvers used globally by the amass package.
#[resolvers]
#resolver = 1.1.1.1 ; Cloudflare
#resolver = 8.8.8.8 ; Google
#resolver = 64.6.64.6 ; Verisign
#resolver = 74.82.42.42 ; Hurricane Electric
#resolver = 1.0.0.1 ; Cloudflare Secondary
#resolver = 8.8.4.4 ; Google Secondary
#resolver = 64.6.65.6 ; Verisign Secondary
#resolver = 77.88.8.8 ; Yandex.DNS Secondary
[scope]
# The network infrastructure settings expand scope, not restrict the scope.
# Single IP address or range (e.g. a.b.c.10-245)
#address = 192.168.1.1
#cidr = 192.168.1.0/24
#asn = 26808
port = 80
port = 443
#port = 8080
#port = 8443
# Root domain names used in the enumeration. The findings are limited by the root domain names provided.
#[scope.domains]
#domain = owasp.org
#domain = appsecusa.org
#domain = appsec.eu
#domain = appsec-labs.com
# Are there any subdomains that are out of scope?
#[scope.blacklisted]
#subdomain = education.appsec-labs.com
#subdomain = 2012.appsecusa.org
# The graph database discovered DNS names, associated network infrastructure, results from data sources, etc.
# This information is then used in future enumerations and analysis of the discoveries.
#[graphdbs]
# postgres://[username:password@]host[:port]/database-name?sslmode=disable of the PostgreSQL
# database and credentials. Sslmode is optional, and can be disable, require, verify-ca, or verify-full.
#[graphdbs.postgres]
#primary = false ; Specify which graph database is the primary db, or the local database will be selected.
#url = "postgres://[username:password@]host[:port]/database-name?sslmode=disable"
#options="connect_timeout=10"
# MySQL database and credentials URL format:
# [username:password@]tcp(host[:3306])/database-name?timeout=10s
#[graphdbs.mysql]
#url = [username:password@]tcp(host[:3306])/database-name?timeout=10s
# Settings related to DNS name brute forcing.
#[bruteforce]
#enabled = true
#recursive = true
# Number of discoveries made in a subdomain before performing recursive brute forcing: Default is 1.
#minimum_for_recursive = 1
#wordlist_file = /usr/share/wordlists/all.txt
#wordlist_file = /usr/share/wordlists/all.txt # multiple lists can be used
# Would you like to permute resolved names?
#[alterations]
#enabled = true
# edit_distance specifies the number of times a primitive edit operation will be
# performed on a name sample during fuzzy label searching.
#edit_distance = 1 ; Setting this to zero will disable this expensive feature.
#flip_words = true # test-dev.owasp.org -> test-prod.owasp.org
#flip_numbers = true # test1.owasp.org -> test2.owasp.org
#add_words = true # test.owasp.org -> test-dev.owasp.org
#add_numbers = true # test.owasp.org -> test1.owasp.org
# Multiple lists can be used.
#wordlist_file = /usr/share/wordlists/all.txt
#wordlist_file = /usr/share/wordlists/all.txt
[data_sources]
# When set, this time-to-live is the minimum value applied to all data source caching.
minimum_ttl = 1440 ; One day
# Are there any data sources that should be disabled?
#[data_sources.disabled]
#data_source = Ask
#data_source = Bing
# Provide data source configuration information.
# See the following format:
#[data_sources.SOURCENAME] ; The SOURCENAME must match the name in the data source implementation.
#ttl = 4320 ; Time-to-live value sets the number of minutes that the responses are cached.
# Unique identifier for this set of SOURCENAME credentials.
# Multiple sets of credentials can be provided and will be randomly selected.
#[data_sources.SOURCENAME.CredentialSetID]
#apikey = ; Each data source uses potentially different keys for authentication.
#secret = ; See the examples below for each data source.
#username =
#password =
# https://passivedns.cn (Contact)
#[data_sources.360PassiveDNS]
#[data_sources.360PassiveDNS.Credentials]
#apikey =
# https://asnlookup.com (Free)
#[data_sources.ASNLookup]
#[data_sources.ASNLookup.Credentials]
#apikey =
# https://ahrefs.com (Paid)
#[data_sources.Ahrefs]
#ttl = 4320
#[data_sources.Ahrefs.Credentials]
#apikey =
# https://otx.alienvault.com (Free)
#[data_sources.AlienVault]
#[data_sources.AlienVault.Credentials]
#apikey =
# https://bevigil.com/osint-api
# [data_sources.BeVigil]
# [data_sources.BeVigil.Credentials]
# apikey =
# https://bigdatacloud.com (Free)
#[data_sources.BigDataCloud]
#[data_sources.BigDataCloud.Credentials]
#apikey =
# https://app.binaryedge.com (Paid/Free-trial)
#[data_sources.BinaryEdge]
#ttl = 10080
#[data_sources.BinaryEdge.Credentials]
#apikey =
# https://tls.bufferover.run (Freemium)
#[data_sources.BufferOver]
#[data_sources.BufferOver.Credentials]
#apikey =
# https://builtwith.com (Paid/Free-trial)
#[data_sources.BuiltWith]
#ttl = 10080
#[data_sources.BuiltWith.Credentials]
#apikey =
# https://c99.nl (Paid)
#[data_sources.C99]
#ttl = 4320
#[data_sources.C99.account1]
#apikey =
#[data_sources.C99.account2]
#apikey =
# https://censys.io (Paid/Free-trial)
#[data_sources.Censys]
#ttl = 10080
#[data_sources.Censys.Credentials]
#apikey =
#secret =
# https://chaos.projectdiscovery.io (Invite-Only)
#[data_sources.Chaos]
#ttl = 4320
#[data_sources.Chaos.Credentials]
#apikey =
# https://circl.lu (Contact)
# Access to CIRCL Passive DNS is only allowed to trusted partners in Luxembourg and abroad.
# Contact http://services.circl.lu/contact/ if you would like access.
# Include your affiliation and the foreseen use of the Passive DNS data.
#[data_sources.CIRCL]
#[data_sources.CIRCL.Credentials]
#username =
#password =
# https://www.digicert.com/tls-ssl/certcentral-tls-ssl-manager (Free)
# CertCentral username is the account ID (account number)
#[data_sources.CertCentral]
#[data_sources.CertCentral.Credentials]
#username =
#apikey =
# https://dnsdb.info (Paid)
#[data_sources.DNSDB]
#ttl = 4320
#[data_sources.DNSDB.Credentials]
#apikey =
# https://dnslytics.com (Paid)
#[data_sources.DNSlytics]
#[data_sources.DNSlytics.Credentials]
#apikey =
# https://dnsrepo.noc.org (Paid)
#[data_sources.DNSRepo]
#[data_sources.DNSRepo.Credentials]
#apikey =
# https://deepinfo.com (Paid/Free-Trial)
#[data_sources.Deepinfo]
#[data_sources.Deepinfo.Credentials]
#apikey =
# https://detectify.com (Paid)
#[data_sources.Detectify]
#[data_sources.Detectify.Credentials]
#apikey =
# https://developer.facebook.com (Free)
# Look here for how to obtain the Facebook credentials:
# https://goldplugins.com/documentation/wp-social-pro-documentation/how-to-get-an-app-id-and-secret-key-from-facebook/
#[data_sources.FacebookCT]
#ttl = 4320
#[data_sources.FacebookCT.app1]
#apikey =
#secret =
#[data_sources.FacebookCT.app2]
#apikey =
#secret =
# https://fofa.info (Paid)
#[data_sources.FOFA]
#ttl = 10080
#[data_sources.FOFA.Credentials]
#username =
#apikey =
# https://fullhunt.io (Free)
#[data_sources.FullHunt]
#[data_sources.FullHunt.Credentials]
#apikey =
# https://github.com (Free)
#[data_sources.GitHub]
#ttl = 4320
#[data_sources.GitHub.accountname]
#apikey =
# https://gitlab.com (Free)
# GitLab apikey is the personal access token with at least read_repository or api scope
#[data_sources.GitLab]
#ttl = 4320
#[data_sources.GitLab.accountname]
#apikey =
# https://hackertarget.com (Paid/Free)
#[data_sources.HackerTarget]
#ttl = 1440
#[data_sources.HackerTarget.Credentials]
#apikey =
# https://hunter.io (Paid/Free-trial)
#[data_sources.Hunter]
#[data_sources.Hunter.Credentials]
#apikey =
# https://intelx.io (Freemium)
#[data_sources.IntelX]
#[data_sources.IntelX.Credentials]
#apikey =
# https://ipdata.co (Free)
#[data_sources.IPdata]
#[data_sources.IPdata.Credentials]
#apikey =
# https://ipinfo.io (Paid/Free-trial)
#[data_sources.IPinfo]
#[data_sources.IPinfo.Credentials]
#apikey =
# https://leakix.net (Free)
#[data_sources.LeakIX]
#[data_sources.LeakIX.Credentials]
#apikey =
# https://netlas.io (Free)
#[data_sources.Netlas]
#[data_sources.Netlas.Credentials]
#apikey =
# https://onyphe.io (Free)
#[data_sources.ONYPHE]
#ttl = 4320
#[data_sources.ONYPHE.Credentials]
#apikey =
# https://psbdmp.ws (Free)
#[data_sources.Pastebin]
#ttl = 10080
#[data_sources.Pastebin.Credentials]
#apikey =
# https://www.riskiq.com/products/passivetotal (Paid/Free-trial)
#[data_sources.PassiveTotal]
#ttl = 10080
#[data_sources.PassiveTotal.Credentials]
#username =
#apikey =
# https://pentest-tools.com (Paid)
#[data_sources.PentestTools]
#ttl = 10080
#[data_sources.PentestTools.Credentials]
#apikey =
# https://publicwww.com (Free)
#[data_sources.PublicWWW]
#ttl = 10080
#[data_sources.PublicWWW.Credentials]
#apikey =
# https://quake.360.cn (Paid)
#[data_sources.Quake]
#ttl = 4320
#[data_sources.Quake.Credentials]
#apikey =
# https://socradar.io (Paid)
# This requires a SOCRadar ThreatFusion API key, which is different from a general SOCRadar API key.
# To obtain it, contact the SOCRadar operation team via [email protected]
#[data_sources.SOCRadar]
#[data_sources.SOCRadar.Credentials]
#apikey =
# https://securitytrails.com (Paid/Free-trial)
#[data_sources.SecurityTrails]
#ttl = 1440
#[data_sources.SecurityTrails.Credentials]
#apikey =
# https://shodan.io (Paid/Free-trial)
#[data_sources.Shodan]
#ttl = 10080
#[data_sources.Shodan.Credentials]
#apikey =
# https://spamhaus.com (Freemium)
#[data_sources.Spamhaus]
#ttl = 1440
#[data_sources.Spamhaus.Credentials]
#username =
#password =
# https://threatbook.cn (Paid)
#[data_sources.ThreatBook]
#[data_sources.ThreatBook.account1]
#apikey=
# https://urlscan.io (Paid/Free-trial)
# URLScan can be used without an API key, but the key allows new submissions to be made
#[data_sources.URLScan]
#[data_sources.URLScan.Credentials]
#apikey =
# https://virustotal.com (Paid/Free-trial)
#[data_sources.VirusTotal]
#ttl = 10080
#[data_sources.VirusTotal.Credentials]
#apikey =
# https://whoisxmlapi.com (Paid/Free-trial)
#[data_sources.WhoisXMLAPI]
#[data_sources.WhoisXMLAPI.Credentials]
#apikey =
# https://yandex.com/dev/xml/ (Free)
# Restrictions and requirements: https://yandex.com/dev/xml/doc/dg/concepts/restrictions-new.html
#[data_sources.Yandex]
#ttl = 1440
#[data_sources.Yandex.Credentials]
#username =
#apikey =
# https://zetalytics.com (Paid/Invite-Only)
#[data_sources.ZETAlytics]
#ttl = 1440
#[data_sources.ZETAlytics.Credentials]
#apikey =
# https://zoomeye.org (Free)
#[data_sources.ZoomEye]
#ttl = 1440
#[data_sources.ZoomEye.Credentials]
#username =
#password =
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment