Unlocking the Full Potential of Amass [Part-1]
A Comprehensive Guide for Proper Configuration of Amass 4.2.0
Hello Hackers, In this Artical I am gonna walk you through the process of configuring Amass for optimal performance. Discover how to fine-tune settings & leverage advanced techniques to expand its capabilities beyond default configurations. Whether you’re a cybersecurity enthusiast or a seasoned professional, My step-by-step instructions will empower you to maximize your reconnaissance efforts with Amass. so be with me, lets Go.!
What is Amass?
Amass is an open-source reconnaissance tool used in cybersecurity. It’s designed to help discover and map network infrastructure, finding domains, subdomains, and other related data to aid in security assessments and investigations.
Transitioning from the older config.ini to the newer config.yaml and datasources.yaml in Amass can be daunting. In this article, I’ll guide you through the process, providing clear instructions to configure Amass effectively and unlock its full potential for reconnaissance purposes.
I’ll strive to keep this walkthrough concise and easily understandable.!
Steps:
1. Installing amass:
I’m using Kali Linux OS, so it’s easy to install:
sudo apt update && sudo apt install amass
2. Configuration
Open Your Terminal And Follow the steps.
2.1 Navigate to the root configuration directory:
cd /root/.config
Create a new directory named amass:
mkdir amass #Remove If it's Already Created
Navigate to the newly created amass directory
cd amass
2.2 Config.yaml Installation
Now we have to download the config.yaml file. Which is very important for us to run Amass flawlessly,, I’m using the wget command. This command fetches the file from a specified URL and saves it to your current directory.
wget https://raw.githubusercontent.com/sahil3276/Amass_Config/main/config.yaml
When you open the config.yaml file, you’ll notice that downloading certain wordlists and resolvers is necessary for Amass to run smoothly.
Don’t worry about it. Here are the commands you need to paste into your terminal, and you’re good to go.
3. Wordlists Installation
3.1 resolvers.txt Install
Create a new directory named examples within the /root/.config directory
mkdir /root/.config/examples
Change the current working directory to the newly created examples directory
cd /root/.config/examples
Download the resolvers.txt file from the specified URL
wget https://raw.githubusercontent.com/sahil3276/Amass_Config/main/resolvers.txt
3.2 deepmagic.com_top50kprefixes.txt Install
Create a new directory named wordlists within the /root/.config/amass directory
mkdir /root/.config/amass/wordlists
Change the current working directory to the newly created wordlists directory
cd /root/.config/amass/wordlists
Download the deepmagic.com_top50kprefixes.txt file from the specified URL
wget https://raw.githubusercontent.com/sahil3276/Amass_Config/main/deepmagic.com_top50kprefixes.txt
3.3 deepmagic.com_top500prefixes.txt Install
Download the deepmagic.com_top500prefixes.txt file from the specified URL
wget https://raw.githubusercontent.com/sahil3276/Amass_Config/main/deepmagic.com_top500prefixes.txt
3.4 subdomains-top1mil-5000.txt Install
Download the subdomains-top1mil-5000.txt file from the specified URL
wget https://raw.githubusercontent.com/sahil3276/Amass_Config/main/subdomains-top1mil-5000.txt
3.4 subdomains-top1mil-110000.txt Install
Download the subdomains-top1mil-110000.txt file from the specified URL
wget https://raw.githubusercontent.com/sahil3276/Amass_Config/main/subdomains-top1mil-110000.txt
So now we Have reached the 1st stage of Configuring the amass,our config.yaml file is all set. Now, let’s configure the datasources.yaml file
4. datasources.yaml Installation
To unleash Amass’s full potential, we need a datasources.yaml file, which requires API keys for peak performance. I’ll guide you through obtaining the necessary API keys from various platforms to ensure seamless and effective operation. But first, let’s install the datasources.yaml file!
So here i’m in amass directory:
This is the location where we’ve set up our config.yaml file. Now, download the datasources.yaml file using the command below:
Download the datasources.yaml file from the specified URL
wget https://raw.githubusercontent.com/sahil3276/Amass_Config/main/datasources.yaml
Now that the datasources.yaml file is installed, let’s take a look. We need to provide API keys for different platforms. You’ll need to visit each platform, sign up, and obtain your own API keys.
I have compiled a list of websites that provide API keys to users upon signing up. In Part-2, I’ll share the list of domains that offer FREE API keys. You just need to sign up there and obtain your own API key.
If you encounter any difficulties or problems, let me know in the comments.
See You Soon In Part-2
Thanks for your patience.
Sahil Shah.
Get in touch with me here:
Linkedin: https://www.linkedin.com/in/sahilshah3276/
Twitter: https://x.com/sahil3276
Github: https://github.com/sahil3276