The OWASP Amass Project … · Introduction • Jeff Foley (a.k.a caffix), Project Lead for OWASP...

Post on 21-May-2020


The OWASP Amass Project
DNS Enumeration written in Go
September 6, 2018
Presented by Jeff Foley

Introduction

•  Jeff Foley (a.k.a. caffix), Project Lead for OWASP Amass

•  US Manager, Penetration Testing & Red Teaming at National Grid

•  https://github.com/caffix

•  https://twitter.com/jeff_foley

What is Amass?

•  DNS enumeration and network mapping to aid in understanding an organization's attack surface on the Internet

•  The project provides a suite of tools that employ active and passive techniques:
   –  Traditional subdomain enumerator
   –  Maltego local transform
   –  TLS certificate subdomain name grabber
   –  More coming soon

•  Amass also supports the visualization of findings to better understand the networks being investigated.

Getting Amass

•  On Linux, Amass is easy to get with Snapcraft:

   $ sudo snap install amass

•  Use docker:

   $ sudo docker build -t amass https://github.com/OWASP/Amass.git
   $ sudo docker run amass -v -ip -freq 480 -d owasp.org

•  Use Go to install Amass:

   $ go get -u github.com/OWASP/Amass/...

Collaboration / Current Goals

•  Keeping up with new data sources and possibly adding services that require API keys

•  Add support for additional package managers

•  Continue turning Amass functionalities into smaller suite tools.

Lessons Learned

•  One of the largest Amass contributions is the "Alt & Sweep" technique
   –  Alterations & permutations of names (AltDNS)
   –  Reverse DNS sweeps around discovered IP addresses
   –  In a cyclic relationship, additional network infrastructure is revealed

•  During the life of the project, many data sources have increased the number of names provided.
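The cyclic relationship between the two "Alt & Sweep" steps can be seen on a small in-memory zone. This is an added example, not code from the Amass project: the zone data (example.com in 192.0.2.0/24) is constructed, and the function names, the "dev"/"test" prefixes and the same-/24 sweep are assumptions chosen for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)
// Constructed zone (name -> A record) standing in for live DNS; not real data.
var zone = map[string]string{
	"www1.example.com": "192.0.2.10", "api.example.com": "192.0.2.11",
	"www2.example.com": "192.0.2.20", "vpn.example.com": "192.0.2.21",
	"dev-api.example.com": "192.0.2.40", "mail.example.com": "192.0.2.200",
}
// alterations returns AltDNS-style guesses: word prefixes and digit flips in the first label.
func alterations(name string) (out []string) {
	label, rest, _ := strings.Cut(name, ".")
	out = []string{"dev-" + name, "test-" + name} // assumed prefix word list
	for i, r := range label {
		for d := '0'; r >= '0' && r <= '9' && d <= '9'; d++ {
			out = append(out, label[:i]+string(d)+label[i+1:]+"."+rest)
		}
	}
	return out
}
// sweep returns the PTR names of addresses within width of ip's last octet (same /24, ip included).
func sweep(ip string, width int, ptr map[string]string) (out []string) {
	a := net.ParseIP(ip).To4()
	for o := int(a[3]) - width; o <= int(a[3])+width; o++ {
		if host := ptr[net.IPv4(a[0], a[1], a[2], byte(o)).String()]; o >= 0 && o <= 255 && host != "" {
			out = append(out, host)
		}
	}
	return out
}
// altAndSweep feeds each resolved name back into both steps until nothing new resolves.
func altAndSweep(seed string) (found []string) {
	ptr, seen := map[string]string{}, map[string]bool{}
	for name, ip := range zone {
		ptr[ip] = name // reverse (PTR) view of the same constructed zone
	}
	for queue := []string{seed}; len(queue) > 0; queue = queue[1:] {
		name := queue[0]
		if ip, ok := zone[name]; ok && !seen[name] { // candidate resolves and is new
			seen[name], found = true, append(found, name)
			queue = append(append(queue, alterations(name)...), sweep(ip, 1, ptr)...)
		}
	}
	return found
}
func main() { fmt.Println(altAndSweep("www1.example.com")) }
```

Starting from www1, the alteration step finds www2, whose sweep finds vpn, while the sweep around www1 finds api, whose alteration finds dev-api; mail is never reached because no alteration or neighbouring address leads to it. Against live DNS, names returned by a reverse sweep also need a check that they fall under the domain being inventoried before they re-enter the loop.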

Demonstration

•  The owasp.org enumeration: https://asciinema.org/a/P2kuxzy164LgCfc8uL2YtCMoM

•  The fb.com enumeration: https://asciinema.org/a/v6B1qdMRILRUflpkwRPhvCTaY

Demonstration Cont.


Thank you!

Questions?