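#!/bin/bash
#
# Chains several subdomain-discovery and web-check tools against one domain
# and collects their output under /root/results.
#
# Usage: <script> <domain>
#
# Every stage is best-effort: a failing tool does not stop the later stages,
# so `set -e` is deliberately not enabled.
#
# NOTE(review): every path is under /root, so this is presumably run as root.
# aquatone-gather is started under xvfb-run with DEBUG=nightmare, which
# suggests it loads the discovered sites in a headless browser. Running that
# and the third-party scanners from an unprivileged account or a container
# would limit what a hostile page or a compromised tool can reach. Confirm
# against the deployment.
set -u

if [[ $# -ne 1 ]]; then
  printf 'Usage: %s <domain>\n' "${0##*/}" >&2
  exit 2
fi

domain=$1

# The domain is interpolated into file names under /root and handed to every
# tool as an argument. Restricting it to hostname characters keeps a value
# such as "../x" or "-o" from escaping the working paths or being parsed as
# an option.
readonly domain_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
if [[ ! "$domain" =~ $domain_re ]]; then
  printf 'error: not a valid domain name: %s\n' "$domain" >&2
  exit 2
fi

readonly results_dir=/root/results
readonly subdomains_file="/root/Sublist3r/${domain}-subdomains.txt"
readonly final_file="/root/${domain}-final.txt"
readonly https_file="/root/${domain}-https.txt"

# Several tools below write into this directory and would fail without it.
mkdir -p -- "$results_dir" || exit 1

echo "[*]Basic Aquatone Scan Started [*]"
aquatone-discover -d "$domain" --threads 10
aquatone-scan -d "$domain" --ports huge --threads 10
DEBUG=nightmare xvfb-run -a aquatone-gather -d "$domain" --threads 10
aquatone-takeover -d "$domain" --threads 10

echo "[*]sublistr scan for subdomains[*]"
# Write to the absolute path that the merge step reads. The original passed a
# relative -o path, which only matched when run from /root/Sublist3r.
python /root/Sublist3r/sublist3r.py -v -b -d "$domain" -o "$subdomains_file"
dos2unix "$subdomains_file"

echo "Merging found subdomains"
# NOTE(review): urls.txt may already hold full URLs rather than bare host
# names; if so, the "https://" prefixing further down produces malformed
# entries. Verify the file's format.
cat "$subdomains_file" "/root/aquatone/${domain}/urls.txt" >> "$final_file"
# De-duplicate in place. The original `sort | uniq -u` only printed the
# lines that occur exactly once and never updated the file.
sort -u -o "$final_file" "$final_file"

echo "[*]TKO Subdomain take over check.[*]"
# NOTE(review): providers-data.csv is resolved against the current directory.
/root/tko-subs/tko-subs -domains="$final_file" -data=providers-data.csv \
  -output="${results_dir}/output.csv"

echo "[*] CRLF check [*]"
# Use the absolute path of the merged list. The original passed a relative
# name although the list is written to /root.
python /root/CRLF-Injection-Scanner/crlf_scan.py -i "$final_file" \
  -o "${results_dir}/crlf.txt"

echo "[*]Adding HTTPS prefix to subdomains [*]"
# Regenerated from the full merged list on every run, so truncate rather
# than append; appending duplicated every entry on a re-run.
awk '{print "https://"$0}' "$final_file" > "$https_file"

echo "[*] Angular JS XSS check [*]"
mass-scan "$https_file"
# NOTE(review): assumes mass-scan leaves "<domain>.log" in the current
# directory. Confirm.
cp -- "${domain}.log" "${results_dir}/${domain}-angularjs-xss.log"

echo "[*] jboss check [*]"
python /root/jexboss/jexboss.py -mode file-scan -file "$https_file" \
  -out "${results_dir}/jboss.log"

echo "[*] Content Discovery Time [*]"
# NOTE(review): "dirsearch" is looked up relative to the current directory.
bash dirsearch "$https_file"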
dc