boh · September 23, 2020 19:21 · Sep 23, 2020
diff --git a/Amass Config b/Amass Config
@@ -0,0 +1,233 @@
+# Copyright 2017-2020 Jeff Foley. All rights reserved.
+# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
+
+# Should results only be collected passively and without DNS resolution? Not recommended.
+#mode = passive
+mode = active
+
+# The directory that stores the Cayley graph database and other output files
+# The default for Linux systems is: $HOME/.config/amass
+#output_directory = amass
+
+# Another location (directory) where the user can provide ADS scripts to the engine.
+scripts_directory =/root/tools/scripts/
+
+# The maximum number of DNS queries that can be performed concurrently during the enumeration.
+#maximum_dns_queries = 20000
+
+# DNS resolvers used globally by the amass package.
+#[resolvers]
+#monitor_resolver_rate = true
+#resolver = 1.1.1.1 ; Cloudflare
+#resolver = 8.8.8.8 ; Google
+#resolver = 64.6.64.6 ; Verisign
+#resolver = 74.82.42.42 ; Hurricane Electric
+#resolver = 1.0.0.1 ; Cloudflare Secondary
+#resolver = 8.8.4.4 ; Google Secondary
+#resolver = 64.6.65.6 ; Verisign Secondary
+#resolver = 77.88.8.1 ; Yandex.DNS Secondary
+
+#[scope]
+# The network infrastructure settings expand scope, not restrict the scope.
+# Single IP address or range (e.g. a.b.c.10-245)
+#address = 192.168.1.1
+#cidr = 192.168.1.0/24
+#asn = 26808
+port = 80
+port = 443
+port = 8080
+
+# Root domain names used in the enumeration. The findings are limited by the root domain names provided.
+#[scope.domains]
+#domain = owasp.org
+#domain = appsecusa.org
+#domain = appsec.eu
+#domain = appsec-labs.com
+
+# Are there any subdomains that are out of scope?
+#[scope.blacklisted]
+#subdomain = education.appsec-labs.com
+#subdomain = 2012.appsecusa.org
+
+# The graph database discovered DNS names, associated network infrastructure, results from data sources, etc.
+# This information is then used in future enumerations and analysis of the discoveries.
+#[graphdbs]
+#local_database = true ; Set this to false to disable use of the local database.
+
+# postgres://[username:password@]host[:port]/database-name?sslmode=disable of the PostgreSQL 
+# database and credentials. Sslmode is optional, and can be disable, require, verify-ca, or verify-full.
+#[graphdbs.postgres]
+#primary = false ; Specify which graph database is the primary db, or the local database will be selected.
+#url = "postgres://[username:password@]host[:port]/database-name?sslmode=disable"
+#options="connect_timeout=10"
+
+# MqSQL database and credentials URL format:
+# [username:password@]tcp(host[:3306])/database-name?timeout=10s
+#[graphdbs.mysql]
+#url = [username:password@]tcp(host[:3306])/database-name?timeout=10s
+
+# Settings related to DNS name brute forcing.
+#[bruteforce]
+#enabled = true
+#recursive = true
+# Number of discoveries made in a subdomain before performing recursive brute forcing: Default is 1.
+#iminimum_for_recursive = 1
+#wordlist_file =/root/50-wordlists/commonspeak2-wordlists/subdomains/subdomains.txt
+#wordlist_file = /usr/share/wordlists/all.txt # multiple lists can be used
+
+# Would you like to permute resolved names?
+[alterations]
+enabled = true
+# edit_distance specifies the number of times a primitive edit operation will be
+# performed on a name sample during fuzzy label searching.
+edit_distance = 1 ; Setting this to zero will disable this expensive feature.
+flip_words = true   # test-dev.owasp.org -> test-prod.owasp.org
+flip_numbers = true # test1.owasp.org -> test2.owasp.org
+add_words = true    # test.owasp.org -> test-dev.owasp.org
+add_numbers = true  # test.owasp.org -> test1.owasp.org
+# Multiple lists can be used.
+#wordlist_file = /usr/share/wordlists/all.txt
+#wordlist_file = /usr/share/wordlists/all.txt
+
+[data_sources]
+# When set, this time-to-live is the minimum value applied to all data source caching.
+minimum_ttl = 1440 ; One day
+
+# Are there any data sources that should be disabled?
+#[data_sources.disabled]
+#data_source = Ask
+#data_source = Exalead
+#data_source = IPv4Info
+
+# Provide data source configuration information.
+# See the following format:
+#[data_sources.SOURCENAME] ; The SOURCENAME must match the name in the data source implementation.
+#ttl = 4320 ; Time-to-live value sets the number of minutes that the responses are cached.
+# Unique identifier for this set of SOURCENAME credentials.
+# Multiple sets of credentials can be provided and will be randomly selected.
+#[data_sources.SOURCENAME.CredentialSetID]
+#apikey = ; Each data source uses potentially different keys for authentication.
+#secret = ; See the examples below for each data source.
+#username =
+#password =
+
+#[data_sources.AlienVault]
+#[data_sources.AlienVault.Credentials]
+#apikey =
+
+[data_sources.BinaryEdge]
+ttl = 10080
+[data_sources.BinaryEdge.Credentials]
+apikey = 
+
+#[data_sources.C99]
+#ttl = 4320
+#[data_sources.C99.account1]
+#apikey=
+#[data_sources.C99.account2]
+#apikey=
+
+[data_sources.Censys]
+ttl = 10080
+[data_sources.Censys.Credentials]
+apikey = 
+secret = 
+
+[data_sources.Chaos]
+ttl = 4320
+[data_sources.Chaos.Credentials]
+apikey= 
+
+#[data_sources.Cloudflare]
+#[data_sources.Cloudflare.Credentials]
+#apikey=
+
+#[data_sources.CIRCL]
+#[data_sources.CIRCL.Credentials]
+#username =
+#password =
+
+#[data_sources.DNSDB]
+#ttl = 4320
+#[data_sources.DNSDB.Credentials]
+#apikey =
+
+# Look here for how to obtain the Facebook credentials:
+# https://goldplugins.com/documentation/wp-social-pro-documentation/how-to-get-an-app-id-and-secret-key-from-facebook/
+#[data_sources.FacebookCT]
+#ttl = 4320
+#[data_sources.FacebookCT.app1]
+#apikey=
+#secret=
+#[data_sources.FacebookCT.app2]
+#apikey=
+#secret=
+
+[data_sources.GitHub]
+ttl = 4320
+[data_sources.GitHub.accountname]
+apikey = 
+
+#[data_sources.NetworksDB]
+#[data_sources.NetworksDB.Credentials]
+#apikey =
+
+#[data_sources.PassiveTotal]
+#ttl = 10080
+#[data_sources.PassiveTotal.Credentials]
+#username =
+#apikey =
+
+#[data_sources.ReconDev]
+[data_sources.ReconDev.free]
+apikey = 
+#[data_sources.ReconDev.paid]
+#apikey = 
+
+#[data_sources.SecurityTrails]
+#ttl = 1440
+#[data_sources.SecurityTrails.Credentials]
+#apikey =
+
+[data_sources.Shodan]
+ttl = 10080
+[data_sources.Shodan.Credentials]
+apikey = 
+
+[data_sources.Spyse]
+ttl = 4320
+[data_sources.Spyse.Credentials]
+apikey = 
+
+# Provide your Twitter App Consumer API key and Consumer API secrety key
+#[data_sources.Twitter]
+#[data_sources.Twitter.account1]
+#apikey =
+#secret =
+#[data_sources.Twitter.account2]
+#apikey =
+#secret =
+
+# The apikey must be an API access token created through the Investigate management UI
+#[data_sources.Umbrella]
+#[data_sources.Umbrella.Credentials]
+#apikey =
+
+# URLScan can be used without an API key, but the key allows new submissions to be made
+[data_sources.URLScan]
+[data_sources.URLScan.Credentials]
+apikey = 
+
+#[data_sources.VirusTotal]
+#ttl = 10080
+#[data_sources.VirusTotal.Credentials]
+#apikey =
+
+#[data_sources.WhoisXML]
+#[data_sources.WhoisXML.Credentials]
+#apikey= 
+
+#[data_sources.ZETAlytics]
+#ttl = 1440
+#[data_sources.ZETAlytics.Credentials]
+#apikey=