Installation

For the installation of all the tools below. I linked all the github links, just make sure that its in the right directory PATH and your good to go. feel free to modify and feel free not to use it if you don't like it :)

ALL CREDIT GOES TO AMAZING CREATORS OF THIS WONDERFUL TOOLS :)

^{cannot make to mention y'all co'z i'm too lazy to do that though :D (i'm being honest here)}

List of tools to be installed

golang

amass
subfinder
assetfinder
zcat
goaltdns
shuffledns
dnsprobe
ffuf
httprobe
tko-subs
subjack
zdns
aquatone
webanalyze
gau
getching
kxss
dalfox

APT-GET

jq
grepcidr
nmap
masscan
brutespray

Download Only

findomain
github-endpoints
github-secrets
smuggler

GIT

massdns
S3Scanner
LinkFinder
defparam smuggler

PIP

shodan

How to use

Usage: ~$ bash scanner.sh example.com

Running in background in VPS using nohup

Usage: ~$ nohup bash scanner.sh example.com &> example.out&

Need a Digitalocean?

You can help me (slash) support me in this project by registering an account here (with my referral code of course) .

Contributor

Big thanks to @sumgr0 :)

Links

Subdomain Enumeration

https://github.com/phspade/Project_Sonar_R7

goaltdns + massdns

Scan All Alive Hosts with Httprobe

Getting All IP from the subdomains collected with DNSProbe

Separating Cloudflare, Incapsula, Sucuri, and Akamai IPs from collected IPs

It's useless to scan Cloudflare, Incapsula, Sucuri, and Akamai IPs. (Just like talking to a wall)

FYI, Install grepcidr first apt-get install grepcidr

S3 Bucket scanner with s3scanner

Subdomain TakeOver

Collecting Endpoints thru Linkfinder

Collecting Endpoints and Secrets in Github

make sure to create .tokens file (containing your github token) together with github-endpoints.py and github-secrets.py (probably in ~/tools folder).

HTTP Request Smuggler

ZDNS

Shodan

Aquatone

Port Scanning