Skip to content
Trying to make automated recon for bug bounties
Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
tools Create .creds Nov 14, 2019
Flow.png Update Flow.png Nov 15, 2019
README.md Update README.md Dec 9, 2019
scanner.sh Update scanner.sh Dec 11, 2019

README.md

Follow on Twitter Follow on Twitter

Automated-Scanner

Usage: ~$ bash scanner.sh example.com

Running in background in VPS using nohup

Usage: ~$ nohup bash scanner.sh example.com &> example.out&


flow

Subdomain Enumeration

https://github.com/phspade/Project_Sonar_R7

changing altdns to dnsgen. it's faster than altdns

Scan All Alive Hosts with filter-resolved and Httprobe

The reason we implement this, Is filter-resolved has an output which httprobe doesn't have. We filter it using diff and include it to vhost scan's wordlist :)

Separating Cloudflare IPs to Non-Cloudflare IPs

It's useless to scan Cloudflare IPs. FYI, Install grepcidr first apt-get install grepcidr

Subdomain TakeOver

Collecting Endpoints thru Linkfinder

Collecting Endpoints thru Github

make sure to create .tokens file (containing your github token) together with github-endpoints.py (probably in ~/tools folder).

HTTP Request Smuggler

Massdns

Shodan

Eyewitness

Port Scanning

Webanalyze for Fingerprinting assets

Default Credential Scanning

Scanning default credentials for all protocols and services Need a redis server to properly run this tool.

File/Dir Discovery

Virtual Hosts Scan

I hope that someone could help me to add more useful automated scanning technique :)

Installation

For the installation of all the tools above. I linked all the github links, just make sure that its in the right directory PATH and your good to go. feel free to modify and feel free not to use it if you don't like it :)

Future Tools to be added

  • Install Script

Thanks to @sumgr0

  • Another Vhost Scanner

Thinking about gobuster or codingo's VHost Scan

  • HTML Report

HTML Reporting Yey :)

  • A Param Miner like tool

A parameter bruteforcer, maybe parameth will do.

ALL CREDIT GOES TO AMAZING CREATORS OF THIS WONDERFUL TOOLS :)

cannot make to mention y'all co'z i'm too lazy to do that though :D (i'm being honest here)

Need a Digitalocean?

You can help me (slash) support me in this project by registering an account here (with my referral code of course) .

Contributor

Big thanks to @sumgr0 :)

You can’t perform that action at this time.