title | path | category | usecase | release |
---|---|---|---|---|
Amass |
scanner/Amass |
scanner |
Subdomain Scanner |
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.
This repository contains a self contained µService utilizing the Amass Subdomain Scanner for the secureCodeBox project. To learn more about the Amass scanner itself visit OWASP_Amass_Project or Amass GitHub.
To hand over supported parameters through api usage, you can set following attributes:
[
{
"name": "amass",
"context": "some Context",
"target": {
"name": "targetName",
"location": "http://your-target.com/",
"attributes": {
"NO_DNS": "[true | false]"
}
}
}
]
Example configuration:
[
{
"name": "amass",
"context": "Example Test",
"target": {
"name": "example.com",
"location": "example.com",
"attributes": {}
}
}
]
Example Output:
{
"findings": [
{
"id":"c834c9cb-c3a6-4983-41bd-70df4dd4e5a8",
"name":"www.example.com",
"description":"Found subdomain www.example.com",
"category":"Subdomain",
"osi_layer":"NETWORK",
"severity":"INFORMATIONAL",
"reference":{},
"attributes":{
"ADDRESSES":[],
"DOMAIN":"https://www.example.com/",
"NAME":"www.example.com",
"SOURCE":"Google",
"Tag":"scrape"
},
"location":"www.example.com",
"false_positive":false
},
{
"id":"33e8da26-f8cb-4a09-a90c-44823320b868",
"name":"gitlab.example.com",
"description":"Found subdomain gitlab.example.com",
"category":"Subdomain",
"osi_layer":"NETWORK",
"severity":"INFORMATIONAL",
"reference":{},
"attributes":{
"ADDRESSES":[],
"DOMAIN":"https://gitlab.example.com/",
"NAME":"gitlab.example.com",
"SOURCE":"Google",
"Tag":"scrape"
},
"location":"gitlab.example.com",
"false_positive":false
}
]
}
To configure this service specify the following environment variables:
Environment Variable | Value Example |
---|---|
ENGINE_ADDRESS | http://engine |
ENGINE_BASIC_AUTH_USER | username |
ENGINE_BASIC_AUTH_PASSWORD | 123456 |
- Clone the repo into your $GOPATH
- Run
go build main.go
to compile - Execute the compiled
./main
file
To build the docker container run: docker build -t IMAGE_NAME:LABEL .