Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

modifying config.yaml #1040

Open
k0da101 opened this issue Oct 8, 2024 · 1 comment
Open

modifying config.yaml #1040

k0da101 opened this issue Oct 8, 2024 · 1 comment

Comments

@k0da101
Copy link

k0da101 commented Oct 8, 2024
edited
Loading

it may be the most ridiculous Q, but should I comment these default-data in config.yaml or edit on it:

  domains: # domain names to be in scope
    - example.com
  ips: # IP addresses to be in scope, multiple methods of inserting ip addresses can be used
    - 192.0.2.1
    - 192.0.2.2
    - 192.168.0.3-8
    - 192.168.0.10-192.168.0.20
  asns: # ASNs that are to be in scope
    - 1234
    - 5678
  cidrs: # CIDR ranges that are to be in scope
    - 192.0.2.0/24
    - 192.0.2.128/25
  ports: # ports to be used when actively reaching a service
    - 80
    - 443
  blacklist: # subdomains to be blacklisted
    - example.example1.com

I was dealing with it without modifying it, but recently i noticed that it's enumerate on example.com

If someone could refer me to a useful article or whatever for dealing with whole amass configuration I would be grateful.
@anselmomathias
Copy link

The data in config.yaml that you mentioned are default parameters used to configure the scope of domains, IPs, ASNs, CIDRs, and ports for an enumeration or audit process, such as a penetration test. If you notice that example.com is being enumerated, this indicates that the file is still using default configuration values, which might not be ideal because:

Domains and IPs: The domains and IPs listed in config.yaml are used as targets for scanning. Leaving values like "example.com" or "192.0.2.x" means that the scope of the scan may not be adequate for your project or might not be targeting the correct objectives.
ASN and CIDR: These fields are used to define entire networks or IP blocks that will be targeted in the scan. If these values are not updated for your specific scope, the scans will be inaccurate.
Ports and Blacklist: Setting the ports to be actively scanned and which subdomains to ignore is also important. If these ports are not customized according to the target, you may miss important services or test unnecessary areas.
Recommendations:
Edit Configuration: Personalize the fields domains, ips, asns, cidrs, ports, and blacklist based on the targets you are authorized to test.
Tool Documentation: Consult the documentation of the tool you're using with this config.yaml. Scanning tools like Masscan, Nmap, or Amass have specific recommendations for tuning these parameters effectively.
Custom Scope: Clearly define the scope (domains, IPs, ports) based on what has been authorized by the security team or the client, ensuring you do not exceed the boundaries of what can be tested.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@anselmomathias @k0da101