reddit hackernews mail facebook facebook linkedin


Automation tool designed to enumerate subdomains and detect bugs using different open-source tools.
#rce   #scanner   #sqli   #ssrf   #xss  

The script first enumerate all the subdomains of the given target domain using assetfinder, sublister, subfinder, amass, findomain, hackertarget, riddler and crt then do active subdomain enumeration using gobuster from SecLists wordlist then filters out all the live subdomains using dnsx then it extract titles of the subdomains using httpx & scans for subdomain takeover using subjack. Then it uses gauplus & waybackurls to crawl all the endpoints of the given subdomains then it use gf patterns to filters out xss, lfi, ssrf, sqli, open redirect & rce parameters from that given subdomains, and then it scans for vulnerabilities on the subdomains using different open-source tools (like kxss, dalfox, openredirex, nuclei, etc). Then it'll print out the result of the scan and save all the output in a specified directory.

- Subdomain Enumeration using assetfinder, sublist3r, subfinder, amass, findomain, etc.
- Active Subdomain Enumeration using gobuster & amass from SecLists/DNS wordlist.
- Extract titles and take screenshots of live subdomains using aquatone & httpx.
- Crawl all the endpoints of the subdomains using waybackurls & gauplus and filter out XSS, SQLi, SSRF, etc parameters using gf patterns.
- Run different open-source tools (like dalfox, nuclei, sqlmap, etc) to search for vulnerabilities on these parameters and then save all the outputs in the folder.