
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
https://img.shields.io/github/issues/caffix/amass.svg](https://github.com/caffix/amass/issues) https://img.shields.io/github/release/caffix/amass.svg](https://github.com/caffix/amass/releases) https://img.shields.io/badge/go-1.10-blue.svg](https://golang.org/dl/) https://img.shields.io/badge/license-Apache%202.0-blue.svg](https://www.apache.org/licenses/LICENSE-2.0) https://img.shields.io/badge/contributions-welcome-brightgreen.svg](https://github.com/caffix/amass/blob/master/CONTRIBUTING.md) https://img.shields.io/***/433729817918308352.svg?logo=]([] https://img.shields.io/***/follow/jeff_foley.svg?style=social&logo=]([]
.+++:. : .+++. +W@@@@@@8 &+W@# o8W8: +W@@@@@@#. oW@@@W#+ &@#+ .o@##. .@@@o@W.o@@o :@@#&W8o .@#: .:oW+ .@#+++&#& +@& &@& #@8 +@W@&8@+ :@W. +@8 +@: .@8 8@ @@ 8@o 8@8 WW .@W W@+ .@W. o@#: WW &@o &@: o@+ o@+ #@. 8@o +W@#+. +W@8: #@ :@W &@+ &@+ @8 :@o o@o oW@@W+ oW@8 o@+ @@& &@+ &@+ #@ &@. .W@W .+#@& o@W. WW +@W@8. &@+ :& o@+ #@ :@W&@& &@: .. :@o :@W: o@# +Wo &@+ :W: +@W&o++o@W. &@& 8@#o+&@W. #@: o@+ :W@@WWWW@@8 + :&W@@@@& &W .o#@@W&. :W@WWW@@& +o&&&&+. +oooo.
The OWASP Amass tool obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the information is then used to build maps of the target networks.
!https://github.com/caffix/amass/blob/master/img/network_06092018.png "Internet Satellite Imagery"
Prebuilt
A https://github.com/caffix/amass/releases for each release.
If your operating environment supports Snap, you can click here to install, or perform the following from the command-line:
$ sudo snap install amass
If you would like snap to get you the latest unstable build of OWASP Amass, type the following command:
$ sudo snap install --edge amass
From Source
If you would prefer to build your own ***ary from the latest version of the source code, make sure you have a correctly configured Go >= 1.10 environment. More information about how to achieve this can be found https://golang.org/doc/install Then, take the following steps:
$ go get -u github.com/caffix/amass
At this point, the amass ary should be in $GOPATH/.
$ ls $GOPATH/src/github.com/caffix/amass/wordlists/
The most basic use of the tool, which includes reverse DNS lookups and name alterations:
$ amass -d example.com
If you need amass to only use the passive data sources and not resolve the names:
$ amass -nodns -d example.com
The example below is a good place to start with amass:
$ amass -v -ip -brute -min-for-recursive 3 -d example.com [Google] www.example.com [VirusTotal] ns.example.com ... 13139 names discovered - archive: 171, cert: 2671, scrape: 6290, brute: 991, dns: 250, alt: 2766
Add some additional domains to the enumeration:
$ amass -d example1.com,example2.com -d example3.com
Additional switches available through the amass CLI:
| Flag | Description | Example |
|---|---|---|
| -active | Enable active recon methods | amass -active -d example.com net -p 80,443,8080 |
| -bl | Blacklist undesired subdomains from the enumeration | amass -bl blah.example.com -d example.com |
| -blf | Identify blacklisted subdomains from a file | amass -blf data/blacklist.txt -d example.com |
| -brute | Perform brute force subdomain enumeration | amass -brute -d example.com |
| -df | Specify the domains to be enumerated via text file | amass -df domains.txt |
| -freq | Throttle the rate of DNS queries by number per minute | amass -freq 120 -d example.com |
| -h | Show the amass usage information | amass -h |
| -ip | Print IP addresses with the discovered names | amass -ip -d example.com |
| -json | All discoveries written as individual JSON objects | amass -json out.json -d example.com |
| -l | List all the domains to be used during enumeration | amass -whois -l -d example.com |
| -log | Log all error messages to a file | amass -log amass.log -d example.com |
| -min-for-recursive | Discoveries required for recursive brute forcing | amass -brute -min-for-recursive 3 -d example.com |
| -noalts | Disable alterations of discovered names | amass -noalts -d example.com |
| -nodns | A purely passive mode of execution | amass -nodns -d example.com |
| -norecursive | Disable recursive brute forcing | amass -brute -norecursive -d example.com |
| -o | Write the results to a text file | amass -o out.txt -d example.com |
| -oA | Output to all available file formats with prefix | amass -oA amass_scan -d example.com |
| -r | Specify your own DNS resolvers | amass -r 8.8.8.8,1.1.1.1 -d example.com |
| -rf | Specify DNS resolvers with a file | amass -rf data/resolvers.txt -d example.com |
| -v | Output includes data source and summary information | amass -v -d example.com |
| -version | Print the version number of amass | amass -version |
| -w | Change the wordlist used during brute forcing | amass -brute -w wordlist.txt -d example.com |
| -whois | Search using reverse whois information | amass -whois -d example.com |
Have amass send all the DNS and infrastructure enumerations to the Neo4j graph database:
$ amass -neo4j neo4j:DoNotUseThisPassword@localhost:7687 -d example.com
Here are switches for outputting the DNS and infrastructure findings as a network graph:
| Flag | Description | Example |
|---|---|---|
| -d3 | Output a D3.js v4 force simulation HTML file | amass -d3 network.html -d example |
| -gexf | Output to Graph Exchange XML Format (GEXF) | amass -gephi network.gexf -d example.com |
| -graphistry | Output Graphistry JSON | amass -graphistry network.json -d example.com |
| -visjs | Output HTML that employs VisJS | amass -visjs network.html -d example.com |
Network/Infrastructure Options
Caution: If you use these options, amass will atte*** to reach out to every IP address within the identified infrastructure and obtain names from TLS certificates. This is "loud" and can reveal your reconnaissance activities to the organization being investigated.
All the flags shown here require the 'net' subcommand to be specified first.
To discover all domains hosted within target ASNs, use the following option:
$ amass net -asn 13374,14618
To investigate within target CIDRs, use this option:
$ amass net -cidr 192.184.113.0/24,104.154.0.0/15
For specific IPs or address ranges, use this option:
$ amass net -addr 192.168.1.44,192.168.2.1-64
By default, port 443 will be checked for certificates, but the ports can be changed as follows:
$ amass net -cidr 192.168.1.0/24 -p 80,443,8080
If you are using the amass package within your own Go code, be sure to properly seed the default pseudo-random number generator:
goimport( "fmt" "math/rand" "time" "github.com/caffix/amass/amass" ) func main() { output := make(chan *amass.AmassOutput) go func() { for result := range output { fmt.Println(result.Name) } }() // Seed the default pseudo-random number generator rand.Seed(time.Now().UTC().UnixNano()) // Setup the most basic amass configuration config := amass.CustomConfig(&amass.AmassConfig{Output: output}) config.AddDomains([]string{"example.com"}) // Begin the enumeration process amass.StartEnumeration(config) }
!https://github.com/caffix/amass/blob/master/img/maltegosetup1.png "Setup"
!https://github.com/caffix/amass/blob/master/img/maltegosetup2.png "Configure"
!https://github.com/caffix/amass/blob/master/img/maltegosetup3.png "Disable Debug"
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务