~$ bash scanner.sh example.com
Running in the background on a VPS using nohup
~$ nohup bash scanner.sh example.com &> example.out&
Changing altdns to dnsgen. It's faster than altdns.
The reason we implement this is that filter-resolved outputs hosts which httprobe doesn't have. We filter them out using diff and include them in the vhost scan's wordlist :)
Separating Cloudflare IPs from Non-Cloudflare IPs
It's useless to scan Cloudflare IPs. FYI, install grepcidr first:
apt-get install grepcidr
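An added example (not part of scanner.sh) of the Cloudflare / non-Cloudflare split described above, written in plain POSIX shell so the CIDR matching is visible and it runs without grepcidr. The function names, the output file names and the CF_RANGES subset are assumptions; take the full range list from Cloudflare's published IPs.

```sh
#!/bin/sh
# Added example, not from scanner.sh. CF_RANGES is a subset of Cloudflare's
# published IPv4 ranges (assumption: refresh it from cloudflare.com/ips-v4).
CF_RANGES="173.245.48.0/20 103.21.244.0/22 104.16.0.0/13 172.64.0.0/13 162.158.0.0/15"

# ip_to_int A.B.C.D: print the address as a 32-bit integer; fail if malformed.
ip_to_int() {
    case "$1" in *[!0-9.]*|*..*|.*|*.|"") return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_cidr INT NET/PREFIX: succeed when INT lies inside the range.
in_cidr() {
    net=$(ip_to_int "${2%/*}") || return 1
    mask=$(( (4294967295 << (32 - ${2#*/})) & 4294967295 ))
    [ $(( $1 & mask )) -eq $(( net & mask )) ]
}

# is_cloudflare IP: 0 = inside a range, 1 = outside, 2 = malformed input.
is_cloudflare() {
    ip_int=$(ip_to_int "$1") || return 2
    for r in $CF_RANGES; do
        in_cidr "$ip_int" "$r" && return 0
    done
    return 1
}

# split_ips CF_OUT OTHER_OUT: read one IP per line on stdin and file each one.
split_ips() {
    : > "$1"; : > "$2"
    while IFS= read -r ip || [ -n "$ip" ]; do
        [ -n "$ip" ] || continue
        rc=0; is_cloudflare "$ip" || rc=$?
        case $rc in
            0) echo "$ip" >> "$1" ;;
            1) echo "$ip" >> "$2" ;;
            *) echo "skipping malformed entry: $ip" >&2 ;;
        esac
    done
}

# Constructed sample input: two Cloudflare addresses, two others, one malformed.
printf '%s\n' 104.16.1.1 8.8.8.8 173.245.49.10 192.0.2.7 999.1.1.1 |
    split_ips cf-ips.txt non-cf-ips.txt
```

Only non-cf-ips.txt would be passed on to later scan stages; malformed lines are reported on stderr instead of being silently treated as scannable.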
Collecting Endpoints through Linkfinder
Collecting Endpoints through GitHub
Make sure to create a .tokens file (containing your GitHub token) together with github-endpoints.py (probably in the ~/tools folder).
Webanalyze for Fingerprinting assets
Default Credential Scanning
Scans for default credentials across all protocols and services. A Redis server is needed to run this tool properly.
Virtual Hosts Scan
I hope that someone could help me add more useful automated scanning techniques :)
For the installation of all the tools above, I linked all the GitHub links. Just make sure that each tool is in the right directory in your PATH and you're good to go. Feel free to modify it, and feel free not to use it if you don't like it :)
Future Tools to be added
- Install Script
Thanks to @sumgr0
- Another Vhost Scanner
Thinking about gobuster or codingo's VHost Scan
- HTML Report
HTML Reporting Yey :)
- A Param Miner like tool
A parameter bruteforcer, maybe parameth will do.
ALL CREDIT GOES TO THE AMAZING CREATORS OF THESE WONDERFUL TOOLS :)
I can't mention y'all 'cause I'm too lazy to do that though :D (I'm being honest here)
Big thanks to @sumgr0 :)