This is a simple Ruby-based tool used for OSINT/pentesting an application. The first version has static URL entries that are commonly attacked (phpMyAdmin, VPN, email, Citrix, etc.). To be technical, it's more enumeration or active recon. Moving right along...
###Supported Targets
- OWA (2003-2010)
- Citrix
- Cisco VPN
- Magento eCommerce software
- phpMyAdmin
- Tomcat
- Juniper VPNs
- SonicWall VPN
- Various admin portal checks
- SharePoint
- SonicWall Virtual Assistant (added 6/27/2014)

###Usage
```
ruby OSINT.rb --url http(s)://xxx.xxx.xxx.xxx --uri /lists/list.txt
```
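
What a run like this looks like from the server side: the added example below (not part of OSINT.rb or this project) flags access-log clients that request many distinct paths with mostly 404 answers, and lists the paths that answered 200 or 302, the statuses this tool reports on. The log lines, paths, thresholds and function names are constructed for illustration, and time windowing is left out.

```ruby
# Added example: defender-side check, not part of OSINT.rb.
# SAMPLE_LOG is constructed (documentation-range IPs, illustrative paths).
SAMPLE_LOG = <<~LOG
  198.51.100.7 - - [27/Jun/2014:10:00:01 +0000] "GET /owa/ HTTP/1.1" 404 209
  198.51.100.7 - - [27/Jun/2014:10:00:01 +0000] "GET /phpmyadmin/ HTTP/1.1" 200 4120
  198.51.100.7 - - [27/Jun/2014:10:00:02 +0000] "GET /manager/html HTTP/1.1" 404 209
  198.51.100.7 - - [27/Jun/2014:10:00:02 +0000] "GET /citrix/ HTTP/1.1" 404 209
  198.51.100.7 - - [27/Jun/2014:10:00:03 +0000] "GET /admin/ HTTP/1.1" 302 0
  198.51.100.7 - - [27/Jun/2014:10:00:03 +0000] "GET /sharepoint/ HTTP/1.1" 404 209
  203.0.113.20 - - [27/Jun/2014:10:01:10 +0000] "GET / HTTP/1.1" 200 5120
  203.0.113.20 - - [27/Jun/2014:10:01:11 +0000] "GET /css/site.css HTTP/1.1" 200 880
  203.0.113.20 - - [27/Jun/2014:10:01:11 +0000] "GET /favicon.ico HTTP/1.1" 404 209
  192.0.2.9 - - [27/Jun/2014:10:02:00 +0000] "GET / HTTP/1.1" 200 5120
  192.0.2.9 - - [27/Jun/2014:10:02:04 +0000] "GET /products HTTP/1.1" 200 900
  192.0.2.9 - - [27/Jun/2014:10:02:09 +0000] "GET /about HTTP/1.1" 200 700
  192.0.2.9 - - [27/Jun/2014:10:02:15 +0000] "GET /contact HTTP/1.1" 200 650
  192.0.2.9 - - [27/Jun/2014:10:02:21 +0000] "GET /news HTTP/1.1" 200 990
LOG

# Common/combined log format: client, request line, status.
LOG_RE = /\A(?<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?<path>\S+) [^"]*" (?<status>\d{3}) /

# Parse one log line; returns nil for lines that do not match the format.
def parse(line)
  m = LOG_RE.match(line)
  return nil unless m
  { ip: m[:ip], path: m[:path].split('?').first.downcase, status: m[:status].to_i }
end

# Flag clients that touched at least min_paths distinct paths, most of them 404.
# :hits lists the paths that answered 200/302, i.e. what a scanner would report
# as found and what should be reviewed for unintended exposure.
def enumeration_suspects(log, min_paths: 5, min_miss_ratio: 0.6)
  by_ip = Hash.new { |h, k| h[k] = {} }
  log.each_line do |line|
    e = parse(line.chomp)
    next unless e
    by_ip[e[:ip]][e[:path]] = e[:status] # keep last status per distinct path
  end
  by_ip.each_with_object({}) do |(ip, paths), out|
    misses = paths.count { |_, s| s == 404 }
    next if paths.size < min_paths || misses.to_f / paths.size < min_miss_ratio
    hits = paths.select { |_, s| [200, 302].include?(s) }.keys.sort
    out[ip] = { distinct: paths.size, misses: misses, hits: hits }
  end
end
```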

###TODO
- Clean up the code (in progress)
- Add target input via file
- Add scan output to file
- Add analysis of app headers to identify version of SharePoint and OWA.
- Ability to add in ports, e.g. 8080, 8443.
- Add threading

###Thanks
- @CarnalOwnage for the ideas and some of the URL checks
- Alex Levinson for helping with some Ruby foo.
- Chris @GitHub for adding some changes.
- @alanjones for contributing and helping implement changes

###License
This code is licensed under the GPLv3. The full text can be found in LICENSE.txt.

###Changelog
- Added color to the command line
- Added reporting for 200 status only (302 may be enabled by uncommenting it; be prepared for a lot of output).
- Fixed invalid SSL certs breaking the tool (alanjones)
- Pulled the target URLs from the main .rb code and added them to list.txt (alanjones)
- Added ability to call options from CLI. (alanjones)
- Added new support to list.txt. (SonicWall, Magento, various admin portals)
- Split out URL checks into individual text documents to make them more modular and environment-specific as needed.