LinuxCommandLibrary

amass-db

Manage and query the Amass data store

TLDR

List all performed enumerations in the database

$ amass db -dir [path/to/database_directory] -list


Show results for a specified enumeration index and domain name
$ amass db -dir [path/to/database_directory] -d [domain_name] -enum [index_from_list] -show


List all found subdomains of a domain within an enumeration
$ amass db -dir [path/to/database_directory] -d [domain_name] -enum [index_from_list] -names


Show a summary of the found subdomains within an enumeration
$ amass db -dir [path/to/database_directory] -d [domain_name] -enum [index_from_list] -summary

SYNOPSIS

amass db <subcommand> [options]

Examples:
amass db list -d example.com -names
amass db show -id 1234567890 -full
amass db add -d newdomain.com -src user -tag domain
amass db delete -id 1234567890

PARAMETERS

-dir <path>
    Specifies the path to the Amass output directory where the database file is located. This option is common to the amass db command and its subcommands. Defaults to ~/.config/amass.

-h, --help
    Displays help information for the db command or its specific subcommand. This option is common to all Amass commands and subcommands.

-add <type>
    Used with the add and delete subcommands. Specifies the type of information to add or delete (e.g., 'domain', 'ip', 'asn', 'ptr', 'cname').

-f <file>
    Used with the add and delete subcommands. Provides a file containing a list of items to add or delete, one per line.

-ip <address>
    Used with the add and delete subcommands. Specifies an IP address to add or delete.

-nocommunity
    Used exclusively with the add subcommand. Disables interaction with the Amass Community API when adding information.

-src <source>
    Used with the add subcommand. Specifies the source of the information being added (e.g., 'user', 'OSINT', 'DNS').

-tag <tag>
    Used with the add subcommand. Assigns a tag to the information being added (e.g., 'subdomain', 'A', 'NS').

-d <domain>
    Used with the add, delete, and list subcommands. Specifies the target domain for the operation.

-id <ID>
    Used with the delete and show subcommands. Specifies the unique ID of an enumeration result to delete or display.

-asn
    Used with the list subcommand. Displays the Autonomous System Numbers (ASNs) collected in the database.

-domains
    Used with the list subcommand. Lists all unique domains currently stored in the database.

-ips
    Used with the list subcommand. Shows all unique IP addresses stored in the database.

-min <num>
    Used with the list subcommand. Filters domains, listing only those with a minimum number of discovered names (subdomains, etc.). Default is 1.

-max <num>
    Used with the list subcommand. Filters domains, listing only those with a maximum number of discovered names. A value of 0 means no upper limit.

-names
    Used with the list subcommand. Displays the discovered names (e.g., subdomains, hostnames) for each domain found in the database.

-full
    Used with the show subcommand. Displays all collected data for a specific enumeration ID, including detailed relationships and associated entities.

DESCRIPTION

The amass db (often referred to conceptually as amass-db) command is the primary interface for managing the graph database used by the OWASP Amass project. This database stores all discovered attack surface information, including subdomains, IP addresses, ASNs, DNS records, and their relationships, collected during various enumeration and intelligence gathering operations. It allows users to persist, retrieve, add, and delete this valuable reconnaissance data. By leveraging this command, analysts can ensure the longevity and reusability of their gathered intelligence, facilitating ongoing monitoring and historical analysis of target organizations' infrastructure.
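
An added example (not from the original page or the Amass project): a POSIX shell helper that uses the -names query from the TLDR to report names present in a newer enumeration but absent from an older one, which is the kind of historical comparison described above. It assumes -names prints one name per line; names_for and new_names are hypothetical helper names.

```shell
#!/bin/sh
# Added example: compare two stored enumerations of the same domain and
# print the names that appear only in the newer one.
# Assumption: `amass db ... -names` prints one discovered name per line.

# names_for DIR DOMAIN ENUM_INDEX
# Prints the names of one enumeration, normalized so two runs can be compared:
# CRs stripped, lowercased, non-hostname lines (blank lines, banners) dropped,
# then sorted and de-duplicated in the C locale.
names_for() {
    amass db -dir "$1" -d "$2" -enum "$3" -names |
        tr -d '\r' |
        tr '[:upper:]' '[:lower:]' |
        grep -E '^[a-z0-9_.-]+$' |
        LC_ALL=C sort -u
}

# new_names DIR DOMAIN OLD_INDEX NEW_INDEX
# Prints names found in NEW_INDEX that were not present in OLD_INDEX.
new_names() {
    _old=$(mktemp) || return 1
    _new=$(mktemp) || { rm -f "$_old"; return 1; }
    names_for "$1" "$2" "$3" > "$_old"
    names_for "$1" "$2" "$4" > "$_new"
    # comm -13 keeps only lines unique to the second (newer) file;
    # both inputs were sorted in the same locale by names_for.
    LC_ALL=C comm -13 "$_old" "$_new"
    rm -f "$_old" "$_new"
}

# Stand-alone use: sh new-names.sh DIR DOMAIN OLD_INDEX NEW_INDEX
# (index values come from `amass db -dir DIR -list`)
if [ "$#" -eq 4 ]; then
    new_names "$@"
fi
```

Names that show up only in the newer enumeration are the ones to review first, since they represent hosts that became visible between the two runs.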

CAVEATS

The Amass database can grow very large, consuming significant disk space, especially after extensive or continuous enumerations. Users should regularly manage old or irrelevant data using the delete subcommand. Direct manual tampering with the database file (usually amass.gdb) without using the amass db commands can corrupt the data, leading to loss of information or errors in future Amass operations. It is advisable to make backups before performing major database changes or deletions.

SUBCOMMANDS OVERVIEW

The amass db command operates through several dedicated subcommands, each designed for a specific database management task:

add: Allows users to manually insert new data points (like domains, IPs, or DNS records) into the database, associating them with specified sources and tags.
delete: Enables the removal of specific data entries (e.g., domains, IPs) or entire enumeration results from the database using their IDs.
list: Provides various options to list and filter the contents of the database, such as domains, IPs, ASNs, or discovered names associated with domains.
show: Displays detailed information for a specific enumeration ID, offering a comprehensive view of all collected data and relationships pertinent to that enumeration.

DATABASE LOCATION AND STRUCTURE

By default, the Amass database is stored in a file named amass.gdb within the Amass output directory (typically ~/.config/amass). It is designed as a graph database, storing entities (like domains, IP addresses, ASNs, hostnames) as nodes and their relationships (e.g., 'A record points to', 'is a subdomain of', 'resolves to') as edges. This graph structure is optimized for querying and analyzing complex connections within the attack surface, making it highly effective for detailed reconnaissance and dependency mapping.

HISTORY

The amass-db functionality is an integral part of the OWASP Amass project, which began development around 2017 to provide comprehensive attack surface mapping. The database component evolved alongside the enumeration engine, becoming crucial for persisting and managing the vast amounts of reconnaissance data gathered. Early versions might have used simpler storage mechanisms, but it quickly matured into a robust graph database solution, enabling complex querying and analysis of discovered assets and their interconnections. Its design allows for flexible data models to accommodate the diverse types of information collected by Amass over time.

SEE ALSO

amass(1), amass enum(1), amass intel(1), amass track(1)
