Episode 8 - Show Notes

Listen to this episode8 - Domain and Network Recon using Amass - Mapping the Attack Surface
amass overviewhttps://danielmiessler.com/study/amass/
Query the ASN based on the organization nameamass intel -org "Victoria College
Query domains that reside within a specified ASNamass intel -asn 62912
A reverse whois query to find related domainsamass intel -d victoriacollege.edu -whois
Query domains that reside on a specified CIDR networkamass intel -cidr 74.200.132.0/24
Passive subdomain scanamass enum -passive -d owasp.org
Standard active queryamass enum -src -ipv4 -d owasp.org
Bruteforce subdomains with a custom wordlistamass enum -d owasp.org -brute -src -ip -active wordlist.txt | tee /tmp/amass.txt
Track changes to a given parent domainamass track -d owasp.org
Query database for previous scansamass db -list
amass db -enum 1 -show
Create visulizationamass viz -d3 -o /Path/To/Output/