Skip to content
A tool for performing an initial, information-gathering scan of websites for penetration tests.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE
README.md
TODO.md
big.txt
initial-scan.sh

README.md

Initial Scan

A tool for performing an initial, information-gathering scan on a target URL before beginning a web application penetration test.

Usage: initial-scan.sh [URL] [TARGET]

A full URL including the scheme and/or port is required, as well as a target name. An output directory will be created with the target name along with a timestamp for each run of the script.

Example: ./initial-scan.sh https://www.example.com example

Installation

All tools can be installed into the ~/tools directory (created as needed) by running initial-scan.sh install.

Tools

Initial Scan uses the following tools:

  • nmap (Installed via Kali package)
  • whatweb (Installed via Kali package)
  • nikto (Installed via Kali package)
  • gobuster (Installed via Kali package)
  • sslscan (Installed via Kali package)
  • ffuf (Binary downloaded from git repo)
  • bfac (clone git repo and add path to script)
  • snallygaster (clone git repo and add path to script)
  • wafw00f (Installed via Kali package)
  • Breacher (clone git repo and add path to script)
You can’t perform that action at this time.