the owasp amass project … · introduction • jeff foley (a.k.a caffix), project lead for owasp...
TRANSCRIPT
The OWASP Amass Project
DNS Enumeration written in Go
September 6, 2018
Presented by Jeff Foley
Introduction
• Jeff Foley (a.k.a. caffix), Project Lead for OWASP Amass
• US Manager, Penetration Testing & Red Teaming at National Grid
• https://github.com/caffix
• https://twitter.com/jeff_foley
What is Amass?
• DNS enumeration and network mapping to aid in understanding an organization’s attack surface on the Internet
• The project provides a suite of tools that employ active and passive techniques:
  – Traditional subdomain enumerator
  – Maltego local transform
  – TLS certificate subdomain name grabber
  – More coming soon
• Amass also supports the visualization of findings to better understand the networks being investigated.
Getting Amass
• On Linux, Amass is easy to get with Snapcraft:
  $ sudo snap install amass
• Use docker:
  $ sudo docker build -t amass https://github.com/OWASP/Amass.git
  $ sudo docker run amass -v -ip -freq 480 -d owasp.org
• Use Go to install Amass:
  $ go get -u github.com/OWASP/Amass/...
Collaboration / Current Goals
• Keeping up with new data sources and possibly adding services that require API keys
• Add support for additional package managers
• Continue turning Amass functionalities into smaller suite tools.
Lessons Learned
• One of the largest Amass contributions is the “Alt & Sweep” technique
  – Alterations & permutations of names (AltDNS)
  – Reverse DNS sweeps around discovered IP addresses
  – In a cyclic relationship, additional network infrastructure is revealed
• During the life of the project, many data sources have increased the number of names provided.
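The cyclic Alt & Sweep relationship described above, as an added Go example that is not Amass's own code. Digit alterations stand in for the AltDNS-style permutations, two constructed in-memory maps replace live A and PTR lookups so it runs offline, and the function names and sweep width are assumptions.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

var forward = map[string]string{"www1.example.com": "192.0.2.10", "www2.example.com": "192.0.2.200",
	"vpn1.example.com": "192.0.2.201", "vpn2.example.com": "198.51.100.5"} // constructed A records
var reverse = map[string]string{"192.0.2.200": "www2.example.com", "192.0.2.201": "vpn1.example.com"} // constructed PTR records

// Alterations rewrites each digit in the leftmost label to 0-9 (www1 -> www0 ... www9, itself included).
func Alterations(name string) (out []string) {
	label, rest, _ := strings.Cut(name, ".")
	for i, c := range label {
		for d := '0'; d <= '9' && c >= '0' && c <= '9'; d++ {
			out = append(out, label[:i]+string(d)+label[i+1:]+"."+rest)
		}
	}
	return out
}

// Sweep lists the addresses within width of ip, staying inside its /24.
func Sweep(ip string, width int) (out []string) {
	v4 := net.ParseIP(ip).To4()
	for o := -width; v4 != nil && o <= width; o++ {
		if n := int(v4[3]) + o; n >= 0 && n <= 255 {
			out = append(out, net.IPv4(v4[0], v4[1], v4[2], byte(n)).String())
		}
	}
	return out
}

// AltAndSweep feeds every confirmed name back into both steps until nothing new resolves.
func AltAndSweep(seed string, width int) (names []string) {
	seen := map[string]bool{}
	for queue := []string{seed}; len(queue) > 0; queue = queue[1:] {
		name := queue[0]
		if ip, ok := forward[name]; ok && !seen[name] {
			seen[name], names = true, append(names, name)
			queue = append(queue, Alterations(name)...)
			for _, addr := range Sweep(ip, width) {
				queue = append(queue, reverse[addr]) // "" when no PTR exists; it never resolves
			}
		}
	}
	return names
}
func main() { fmt.Println(AltAndSweep("www1.example.com", 2)) }
```

Names come back in discovery order: the alteration of www1 confirms www2, the sweep around www2's address finds vpn1, and altering vpn1 confirms vpn2 on a network the seed never pointed at.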
Demonstration
• The owasp.org enumeration: https://asciinema.org/a/P2kuxzy164LgCfc8uL2YtCMoM
• The fb.com enumeration: https://asciinema.org/a/v6B1qdMRILRUflpkwRPhvCTaY
Demonstration Cont.
Thank you!
Questions?