-
Notifications
You must be signed in to change notification settings - Fork 2
/
reconsite
executable file
·39 lines (31 loc) · 1.26 KB
/
reconsite
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
#!/usr/bin/env python3
# Written by Rafe Hart (@rafael_hart)
import sys
import os
from config import *
from enumeratelinks import *
from enumerateflaws import *
def main():
if len(sys.argv) == 1:
print("\nUsage: reconsite www.example.com\nNOTE: You must have permission to scan this domain\n")
sys.exit(1)
target = sys.argv[1]
create_directory(target)
create_directory(target + "/tool_output")
if not os.path.exists(target + "/target.txt"):
f = open(target + "/target.txt", "w")
f.write(target)
f.close()
# Discover URLs
run_hakcrawler(target, infile="target.txt", outfile="hakrawler.txt")
run_getallurls(target, outfile="getallurls.txt")
combine_results(target, infile1="hakrawler.txt", infile2="getallurls.txt",
outfile="urls.raw.txt")
find_injection_points(target, infile="urls.raw.txt", outfile="urls.interesting.txt")
validate_links(target, 200, infile="urls.interesting.txt", outfile="urls.totest.txt")
# Find flaws
look_for_xss(xsshunter_domain, custom_xss_payloads, target,
infile="urls.totest.txt", outfile="xss.results.txt")
look_for_sqli(target, infile="urls.totest.txt", outfile="sqli.results.txt")
if __name__ == '__main__':
main()