-
-
Save emadshanab/548153a83c7b0674698148a475a2c40a to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "[*]Basic Aquatone Scan Started [*]" | |
| aquatone-discover -d $1 --threads 10 | |
| aquatone-scan -d $1 --ports huge --threads 10 | |
| DEBUG=nightmare xvfb-run -a aquatone-gather -d $1 --threads 10 | |
| aquatone-takeover -d $1 --threads 10 | |
| echo "[*]sublistr scan for subdomains[*]" | |
| python /root/Sublist3r/sublist3r.py -v -b -d $1 -o $1-subdomains.txt | |
| dos2unix $1-subdomains.txt | |
| echo "Merging found subdomains" | |
| cat /root/Sublist3r/$1-subdomains.txt /root/aquatone/$1/urls.txt >> /root/$1-final.txt | |
| sort /root/$1-final.txt | uniq -u | |
| echo "[*]TKO Subdomain take over check.[*]" | |
| /root/tko-subs/tko-subs -domains=/root/$1-final.txt -data=providers-data.csv -output=/root/results/output.csv | |
| echo "[*] CRLF check [*]" | |
| python /root/CRLF-Injection-Scanner/crlf_scan.py -i $1-final.txt -o /root/results/crlf.txt | |
| echo "[*]Adding HTTPS prefix to subdomains [*]" | |
| awk '{print "https://"$0}' /root/$1-final.txt >> /root/$1-https.txt | |
| echo "[*] Angular JS XSS check [*]" | |
| mass-scan /root/$1-https.txt | |
| cp $1.log /root/results/$1-angularjs-xss.log | |
| echo "[*] jboss check [*]" | |
| python /root/jexboss/jexboss.py -mode file-scan -file /root/$1-https.txt -out /root/results/jboss.log | |
| echo "[*] Content Discovery Time [*]" | |
| bash dirsearch /root/$1-https.txt |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment