dnstake vs Amass

dnstake

DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover (by pwnesia)

#Go #Golang #DNS #Subdomain #nameserver #Takeover #Vulnerability

Amass

In-depth Attack Surface Mapping and Asset Discovery (by OWASP)

#Go #DNS #Subdomain #Enumeration #Recon #Osint #osint-reconnaissance #network-security #Owasp #Maltego #attack-surfaces #information-gathering

Source Code

owasp.org

Our great sponsors

Scout APM - Less time debugging, more time building

SonarLint - Deliver Cleaner and Safer Code - Right in Your IDE of Choice!

SaaSHub - Software Alternatives and Reviews

Our great sponsors

dnstake		Amass
	Project
3	Mentions	10
630	Stars	7,136
5.9%	Growth	4.7%
7.1	Activity	9.3
5 days ago	Latest Commit	4 days ago
Go	Language	Go
MIT License	License	GNU General Public License v3.0 or later

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

dnstake

Posts with mentions or reviews of dnstake. We have used some of these posts to build our list of alternatives and similar projects.

GitHub - pwnesia/dnstake: DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
1 project | reddit.com/r/bag_o_news | 1 Sep 2021
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
1 project | reddit.com/r/netsec | 28 Aug 2021

1 project | reddit.com/r/golang | 28 Aug 2021

Amass

Posts with mentions or reviews of Amass. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-04-04.

OWASP/Amass: In-depth Attack Surface Mapping and Asset Discovery
1 project | reddit.com/r/blueteamsec | 23 Apr 2022
A new free, open source, cross platform OSINT Tool
3 projects | reddit.com/r/PrivacySecurityOSINT | 4 Apr 2022

Mostly by researching the OSINT sources that other open source project pulls data from e.g amass, spiderfoot, the Harvetser etc
Awesome Penetration Testing
124 projects | dev.to | 6 Oct 2021

OWASP Amass - Subdomain enumeration via scraping, web archives, brute forcing, permutations, reverse DNS sweeping, TLS certificates, passive DNS data sources, etc.
Setting Amass config file?
1 project | reddit.com/r/hacking | 23 Sep 2021

I posted this question on the amass discord and haven't gotten a reply so I thought I would throw it up here. I'm trying to get the config file setup. I added a file to /etc/amass/ using nano and named it config.ini and copy/pasted the example config.ini from github ( Amass/config.ini at master · OWASP/Amass (github.com ). Tried running it, permission denied, did chmod+x config.ini, ran with sudo and still permission denied. I've tried running the command as amass enum -d example.com -config /etc/amass/config.ini.
Is There A Tool For Scanning All Near Devices And Discover What Network They Are Connected To
1 project | reddit.com/r/hacking | 1 Sep 2021

yeah amass
OWASP Amass
1 project | news.ycombinator.com | 19 Jul 2021
Laramies / TheHarvester Emails, Subdomains and Names Harvester – Osint
3 projects | news.ycombinator.com | 16 Jun 2021
Clarification on Black Box Pentesting
2 projects | reddit.com/r/Pentesting | 31 May 2021

On the subdomain part you may want to use amass https://github.com/OWASP/Amass
Tools for InfoSec
5 projects | dev.to | 18 Apr 2021

Amass
Excited about my first Linux laptop ! Lemur Pro. Tips for who to optimize this for OSINT / Kali type of work?
5 projects | reddit.com/r/System76 | 12 Jan 2021

Amass - https://github.com/OWASP/Amass

What are some alternatives?

When comparing dnstake and Amass you can also consider the following projects:

subfinder - Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

assetfinder - Find domains and subdomains related to a given domain

spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.

theHarvester - E-mails, subdomains and names Harvester - OSINT

SQLMap - Automatic SQL injection and database takeover tool

Zed - The OWASP ZAP core project

checkip - Get (security) info about IP addresses

grype - A vulnerability scanner for container images and filesystems

flan - A pretty sweet vulnerability scanner

trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets

Amass vs theHarvester