Automation

JSFScan.sh – Automation For Javascript Recon In Bug Bounty

03 Dec 2020 By

Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list to it and options according to your preference. Features 1 – Gather Jsfile Links from different sources.2 – Import File Containing JSUrls3 – Extract Endpoints from Jsfiles4 – Find Secrets from Jsfiles5 – Get JsfilesRead More

Garud – An Automation Tool That Scans Sub-Domains, Sub-Domain Takeover And Then Filters Out XSS, SSTI, SSRF And More Injection Point Parameters

16 Nov 2020 By

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on vps with 1VCPU and 2GB ram. Tools used – You must need to install these tools to use this script SubFinderRead More

ReconNote – Web Application Security Automation Framework Which Recons The Target For Various Assets To Maximize The Attack Surface For Security Professionals & Bug-Hunters

09 Nov 2020 By

Web Application Security Recon Automation Framework It takes user input as a domain name and maximize the attack surface area by listing the assets of the domain like – Subdomains from – Amass ,findomain, subfinder & resolvable subdomains using shuffledns Screenshots Port Scan JS files Httpx Status codes of subdomains Dirsearch file/dir paths by fuzzingRead More

smbAutoRelay – Provides The Automation Of SMB/NTLM Relay Technique For Pentesting And Red Teaming Exercises In Active Directory Environments

02 Oct 2020 By

SMB AutoRelay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environments. Usage Syntax: ./smbAutoRelay.sh -i <interface> -t <file> [-q] [-d] . Example: ./smbAutoRelay.sh -i eth0 -t ./targets.txt . Notice that the targets file should contain just the IP addresses of each target, one per line, to whichRead More

hackerEnv – An Automation Tool That Quickly And Easily Sweep IPs And Scan Ports, Vulnerabilities And Exploit Them

21 Jul 2020 By

hackerEnv is an automation tool that quickly and easily sweep IPs and scan ports, vulnerabilities and exploit them. Then, it hands you an interactive shell for further testing. Also, it generates HTML and docx reports. It uses other tools such as nmap, nikto, metasploit and hydra. Works in kali linux and Parrot OS. Do notRead More

Faraday presents the latest version of their Security Platform for Vulnerability Management Automation

25 Feb 2020 By

Miami, February 19, 2020 – Faraday is opening 2020 by strengthening their releases using the featured cybersecurity worldwide events calendar, starting next week with BSides and RSAC in San Francisco. As a Blackhat Global Partner, the company will also participate as a sponsor in all BH’s global events. By means of automation technology and workflowRead More

X