Saturday, April 25, 2020

HackersArsenal 0x01 - AMASS - Automated SubDomain Enumeration and Reconnaissance (Full walk-though)

Today on Hacker's Arsenal, We explore a tool that automates reconnaissance for us find interesting assets like servers, web applications, domains that belong to our target organisation -- to greatly increase the probability of finding vulnerabilities.....for us to add to our arsenal.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 "Hacker\'s Arsenal" Episode 0x01
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

Each week we will discuss a new hacker tool; some well known, some underground. I will show you how to obtain them, and demonstrate when and how to use it. However, before we start stockpiling, we need a solid foundation. 

[Category] Reconnaissance 
[Difficulty] Easy 
[Requirements] Working Windows10 


### AMASS ###


[Steps]
  • Download Amass https://github.com/OWASP/Amass/releases
  • Extract to 'c:\tools\amass'
  • alias amass='"/mnt/c/tools/amass/amass.exe"'
  • echo !! << ~/.bashrc
  • source ~/.bashrc
  • ln -s /mnt/c/tools/ ~/tools
  • cd ~/tools
  • cd amass
  • amass enum -active -brute -o Domain.text -d Domain.com

I am looking for feedback and will respond to your comments! If you have a hacking tool that you use on almost every engagement, bug bounty campaign, or if you are a tool author -- Let me know! I might highlight it here and will give you credit! :) Also, if you downvote this video, please let me know why, I will make sure I make necessary changes for future videos. 

Follow me on Twitter: https://twitter.com/hevnsnt 

[Links] 
https://youtu.be/d_bkqz_k0jI (Kali on Windows10 Walkthrough video) 

[Audio] 

Background: Rotten Dirty Sinky Vegas Steak ||Electro House Mix by AliKat https://www.mixcloud.com/alikat/rotten-dirty-stinky-vegas-steak/

No comments:

Post a Comment

HackersArsenal 0x01 - AMASS - Automated SubDomain Enumeration and Reconnaissance (Full walk-though)

Today on Hacker's Arsenal, We explore a tool that automates reconnaissance for us find interesting assets like servers, web applications...