Vajra – A Highly Customi zable Target And Scope Based Automated Web Hacking Framework To Automate Boring Recon Tasks

An automated web hacking framework for web applications Detailed insight about Vajra can be found at https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8  About Vajra   Vajra is an automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing. Vajra has highly customizable target scope based scan feature. Instead of runningRead More

UDdup – Urls De-Duplication Tool For Better Recon

The tool gets a list of URLs, and removes “duplicate” pages in the sense of URL patterns that are probably repetitive and points to the same web template. For example: https://www.example.com/product/123https://www.example.com/product/456https://www.example.com/product/123?is_prod=falsehttps://www.example.com/product/222?is_debug=true All the above are probably points to the same product “template”. Therefore it should be enough to scan only some of these URLs byRead More

Reconftw – Simple Script For Full Recon

This is a simple script intended to perform a full recon on an objective with multiple subdomains tl;dr Requires Go Run ./install.sh before first run (apt, rpm, pacman compatible) git clone https://github.com/six2dez/reconftwcd reconftwchmod +x *.sh./install.sh./reconftw.sh -d target.com -a Features Tools checker Google Dorks (based on deggogle_hunter) Subdomain enumeration (passive, resolution, bruteforce and permutations) Sub TKORead More

Urlhunter – A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services

urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly and goo.gl. The project is written in Go. How? A group named URLTeam (kudos to them) are brute forcing the URL shortener services and publishing matched results on a daily basis. urlhunter downloads their collections andRead More

GRecon – Your Google Recon Is Now Automated

GRecon (Greei-Conn) is a simple python tool that automates the process of Google Based Recon AKA Google Dorking The current Version 1.0 Run 7 Search Queries (7 Micro-Plugins) on the spicified Target Providing Awsome Results Current Version Run Google Search Queries to find : Subdomains Sub-Subdomains Signup/Login pages Dir Listing Exposed Docs pdf…xls…docx… WordPress EntriesRead More

Bheem – Simple Collection Of Small Bash-Scripts Which Runs Iteratively To Carry Out Various Tools And Recon Process

Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process & store output in an organized way. This project was created initially for automation of Recon for personal usage and was never meant to be public as there is nothing fancy about it but dueRead More

JSFScan.sh – Automation For Javascript Recon In Bug Bounty

Blog can be found at https://medium.com/@patelkathan22/beginners-guide-on-how-you-can-use-javascript-in-bugbounty-492f6eb1f9ea?sk=21500dc4288281c7e6ed2315943269e7 Script made for all your javascript recon automation in bugbounty. Just pass subdomain list to it and options according to your preference. Features 1 – Gather Jsfile Links from different sources.2 – Import File Containing JSUrls3 – Extract Endpoints from Jsfiles4 – Find Secrets from Jsfiles5 – Get JsfilesRead More

FinalRecon v1.1.0 – The Last Web Recon Tool You’ll Need

FinalRecon is an automatic web reconnaissance tool written in python. Goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results. Instead of executing several tools one after another it can provide similar results keeping dependencies small and simple. Features FinalRecon provides detailedRead More

Nuubi Tools – Information Ghatering, Scanner And Recon

Nuubi Tools: Information-ghatering|Scanner|Recon Options: -h/–help | Show help message and exitArguments: -b/–banner | Banner grabing of target ip address -s/–subnet | Subnetlookup of target -c/–cms | Cms detect with headers -d/–dns | Dnslookup of target domain -e/–extract | Extract links from target url(https/http) -H/–http | Httpheaders of target url -n/–nmap | Nmapscan of target domainRead More

X