amass_config.ini.default

# Copyright 2017-2020 Jeff Foley. All rights reserved.
# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.

# Should results only be collected passively and without DNS resolution? Not recommended.
#mode = passive
# Would you like to use active techniques that communicate directly with the discovered assets, 
# such as pulling TLS certificates from discovered IP addresses and attempting DNS zone transfers?
#mode = active

# The directory that stores the Cayley graph database and other output files
# The default for Linux systems is: $HOME/.config/amass
#output_directory = amass

# Another location (directory) where the user can provide ADS scripts to the engine.
#scripts_directory = 

# The maximum number of DNS queries that can be performed concurrently during the enumeration.
#maximum_dns_queries = 20000

# DNS resolvers used globally by the amass package.
#[resolvers]
#monitor_resolver_rate = true
#resolver = 1.1.1.1 ; Cloudflare
#resolver = 8.8.8.8 ; Google
#resolver = 64.6.64.6 ; Verisign
#resolver = 74.82.42.42 ; Hurricane Electric
#resolver = 1.0.0.1 ; Cloudflare Secondary
#resolver = 8.8.4.4 ; Google Secondary
#resolver = 64.6.65.6 ; Verisign Secondary
#resolver = 77.88.8.1 ; Yandex.DNS Secondary

[scope]
# The network infrastructure settings expand scope, not restrict the scope.
# Single IP address or range (e.g. a.b.c.10-245)
#address = 192.168.1.1
#cidr = 192.168.1.0/24
#asn = 26808
#port = 80
port = 443
#port = 8080

# Root domain names used in the enumeration. The findings are limited by the root domain names provided.
#[scope.domains]
#domain = owasp.org
#domain = appsecusa.org
#domain = appsec.eu
#domain = appsec-labs.com

# Are there any subdomains that are out of scope?
#[scope.blacklisted]
#subdomain = education.appsec-labs.com
#subdomain = 2012.appsecusa.org

# The graph database discovered DNS names, associated network infrastructure, results from data sources, etc.
# This information is then used in future enumerations and analysis of the discoveries.
#[graphdbs]
#local_database = true ; Set this to false to disable use of the local database.

# postgres://[username:password@]host[:port]/database-name?sslmode=disable of the PostgreSQL 
# database and credentials. Sslmode is optional, and can be disable, require, verify-ca, or verify-full.
#[graphdbs.postgres]
#primary = false ; Specify which graph database is the primary db, or the local database will be selected.
#url = "postgres://[username:password@]host[:port]/database-name?sslmode=disable"
#options="connect_timeout=10"

# MqSQL database and credentials URL format:
# [username:password@]tcp(host[:3306])/database-name?timeout=10s
#[graphdbs.mysql]
#url = [username:password@]tcp(host[:3306])/database-name?timeout=10s

# Settings related to DNS name brute forcing.
#[bruteforce]
#enabled = true
#recursive = true
# Number of discoveries made in a subdomain before performing recursive brute forcing: Default is 1.
#minimum_for_recursive = 1
#wordlist_file = /usr/share/wordlists/all.txt
#wordlist_file = /usr/share/wordlists/all.txt # multiple lists can be used

# Would you like to permute resolved names?
#[alterations]
#enabled = true
# edit_distance specifies the number of times a primitive edit operation will be
# performed on a name sample during fuzzy label searching.
#edit_distance = 1 ; Setting this to zero will disable this expensive feature.
#flip_words = true   # test-dev.owasp.org -> test-prod.owasp.org
#flip_numbers = true # test1.owasp.org -> test2.owasp.org
#add_words = true    # test.owasp.org -> test-dev.owasp.org
#add_numbers = true  # test.owasp.org -> test1.owasp.org
# Multiple lists can be used.
#wordlist_file = /usr/share/wordlists/all.txt
#wordlist_file = /usr/share/wordlists/all.txt

[data_sources]
# When set, this time-to-live is the minimum value applied to all data source caching.
minimum_ttl = 1440 ; One day

# Are there any data sources that should be disabled?
#[data_sources.disabled]
#data_source = Ask
#data_source = Exalead
#data_source = IPv4Info

# Provide data source configuration information.
# See the following format:
#[data_sources.SOURCENAME] ; The SOURCENAME must match the name in the data source implementation.
#ttl = 4320 ; Time-to-live value sets the number of minutes that the responses are cached.
# Unique identifier for this set of SOURCENAME credentials.
# Multiple sets of credentials can be provided and will be randomly selected.
#[data_sources.SOURCENAME.CredentialSetID]
#apikey = ; Each data source uses potentially different keys for authentication.
#secret = ; See the examples below for each data source.
#username =
#password =

#https://otx.alienvault.com (Free)
#[data_sources.AlienVault]
#[data_sources.AlienVault.Credentials]
#apikey =

#https://app.binaryedge.com (Free)
#[data_sources.BinaryEdge]
#ttl = 10080
#[data_sources.BinaryEdge.Credentials]
#apikey =

#https://c99.nl (Paid)
#[data_sources.C99]
#ttl = 4320
#[data_sources.C99.account1]
#apikey=
#[data_sources.C99.account2]
#apikey=

#https://censys.io (Free)
#[data_sources.Censys]
#ttl = 10080
#[data_sources.Censys.Credentials]
#apikey =
#secret =

#https://chaos.projectdiscovery.io (Free-InviteOnly)
#[data_sources.Chaos]
#ttl = 4320
#[data_sources.Chaos.Credentials]
#apikey=

#https://cloudflare.com (Free)
#[data_sources.Cloudflare]
#[data_sources.Cloudflare.Credentials]
#apikey=

#Closed Source Invite Only
#[data_sources.CIRCL]
#[data_sources.CIRCL.Credentials]
#username =
#password =

#https://dnsdb.info (Paid)
#[data_sources.DNSDB]
#ttl = 4320
#[data_sources.DNSDB.Credentials]
#apikey =

#https://developer.facebook.com (Free)
# Look here for how to obtain the Facebook credentials:
# https://goldplugins.com/documentation/wp-social-pro-documentation/how-to-get-an-app-id-and-secret-key-from-facebook/
#[data_sources.FacebookCT]
#ttl = 4320
#[data_sources.FacebookCT.app1]
#apikey=
#secret=
#[data_sources.FacebookCT.app2]
#apikey=
#secret=

#https://github.com (Free)
#[data_sources.GitHub]
#ttl = 4320
#[data_sources.GitHub.accountname]
#apikey =

#https://networksdb.io (Free)
#[data_sources.NetworksDB]
#[data_sources.NetworksDB.Credentials]
#apikey =

#https://passivetotal.com (Free)
#[data_sources.PassiveTotal]
#ttl = 10080
#[data_sources.PassiveTotal.Credentials]
#username =
#apikey =

#https://recon.dev (Free)
#[data_sources.ReconDev]
#[data_sources.ReconDev.free]
#apikey = 
#[data_sources.ReconDev.paid]
#apikey = 

#https://securitytrails.com (Free)
#[data_sources.SecurityTrails]
#ttl = 1440
#[data_sources.SecurityTrails.Credentials]
#apikey =

#https://shodan.io (Free)
#[data_sources.Shodan]
#ttl = 10080
#[data_sources.Shodan.Credentials]
#apikey =

#https://spyse.com (Paid/Free-trial)
#[data_sources.Spyse]
#ttl = 4320
#[data_sources.Spyse.Credentials]
#apikey =

#https://developer.twitter.com (Free)
# Provide your Twitter App Consumer API key and Consumer API secrety key
#[data_sources.Twitter]
#[data_sources.Twitter.account1]
#apikey =
#secret =
#[data_sources.Twitter.account2]
#apikey =
#secret =

#https://umbrella.cisco.com (Paid-Enterprise)
# The apikey must be an API access token created through the Investigate management UI
#[data_sources.Umbrella]
#[data_sources.Umbrella.Credentials]
#apikey =

#https://urlscan.io (Free)
# URLScan can be used without an API key, but the key allows new submissions to be made
#[data_sources.URLScan]
#[data_sources.URLScan.Credentials]
#apikey =

#https://virustotal.com (Free)
#[data_sources.VirusTotal]
#ttl = 10080
#[data_sources.VirusTotal.Credentials]
#apikey =

#https://whoisxmlapi.com (Free)
#[data_sources.WhoisXML]
#[data_sources.WhoisXML.Credentials]
#apikey= 

#https://zetalytics.com (Paid)
#[data_sources.ZETAlytics]
#ttl = 1440
#[data_sources.ZETAlytics.Credentials]
#apikey=

#[data_sources.ZoomEye]
#ttl = 1440
#[data_sources.ZoomEye.Credentials]
#apikey=