def __init__(self, options):
utils.print_banner("IP Discovery")
utils.make_directory(options['WORKSPACE'] + '/ipspace')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start IP Discovery for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.module_name)
try:
self.conclude()
except:
utils.print_bad("Something wrong with conclude for {0}".format(
self.module_name))
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done IP Discovery for {0}'.format(self.options['TARGET'])
})
def result_parsing(self):
utils.print_good('Parsing XML for masscan report')
utils.make_directory(
self.options['WORKSPACE'] + '/portscan/parsed')
result_path = utils.replace_argument(
self.options, '$WORKSPACE/portscan')
main_json = utils.reading_json(utils.replace_argument(
self.options, '$WORKSPACE/$COMPANY.json'))
for filename in glob.iglob(result_path + '/**/*.xml'):
ip = filename.split('/')[-1].split('-masscan.xml')[0]
masscan_report = NmapParser.parse_fromfile(filename)
masscan_report_json = json.dumps(masscan_report)
# store the raw json
utils.just_write(utils.replace_argument(
self.options, '$WORKSPACE/portscan/parsed/{0}.json'.format(ip)), masscan_report_json, is_json=True)
services = [x['__NmapHost__']['_services']
for x in masscan_report_json['_host']]
# ports = [y.get('_portid') for y in services]
ports = []
for service in services:
for element in service:
ports.append(
{"port": str(element['_portid']), "service": str(element['_protocol'])})
for i in range(len(main_json['Subdomains'])):
if main_json['Subdomains'][i]['IP'] == ip:
main_json['Subdomains'][i]['Network']['Ports'] = ports
utils.just_write(utils.replace_argument(
self.options, '$WORKSPACE/$COMPANY.json'), main_json, is_json=True)
def __init__(self, options):
utils.print_banner("IP Discovery")
utils.make_directory(options['WORKSPACE'] + '/ipspace')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_info(
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start IP Discovery for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.module_name)
self.conclude()
slack.slack_good(
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done IP Discovery for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Scanning Subdomain")
utils.make_directory(options['WORKSPACE'] + '/subdomain')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_noti('status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning Subdomain for {0}'.format(
self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.module_name, seconds=10)
self.conclude()
#this gonna run after module is done to update the main json
slack.slack_noti('good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'],
self.module_name),
'content':
'Done Scanning Subdomain for {0}'.format(
self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Scanning through BurpState")
utils.make_directory(options['WORKSPACE'] + '/burpstate/')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_noti('status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning BurpState for {0}'.format(
self.options['TARGET'])
})
self.initial()
slack.slack_noti('good',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning BurpState for {0}'.format(
self.options['TARGET'])
})
self.conclude()
def __init__(self, options):
utils.print_banner("Scanning Subdomain")
utils.make_directory(options['WORKSPACE'] + '/subdomain')
self.module_name = self.__class__.__name__
self.options = options
self.options['CURRENT_MODULE'] = self.module_name
self.options['SPEED'] = utils.custom_speed(self.options)
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module")
return
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Scanning Subdomain for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name, seconds=60)
self.conclude()
# this gonna run after module is done to update the main json
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content': 'Done Scanning Subdomain for {0}'.format(self.options['TARGET'])
})
utils.print_line()
def __init__(self, options):
utils.print_banner("IP Discovery")
utils.make_directory(options['WORKSPACE'] + '/ipspace')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info("It's already done. use '-f' options to force rerun the module")
return
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start IP Discovery for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
try:
self.conclude()
except:
utils.print_bad("Something wrong with conclude for {0}".format(self.module_name))
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content': 'Done IP Discovery for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Port Scanning")
utils.make_directory(options['WORKSPACE'] + '/portscan')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
# self.initial()
utils.just_waiting(self.module_name, seconds=60)
# self.create_ip_result()
self.conclude()
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
def screenshots(self, csv_data):
# add http:// and https:// prefix to domain
if csv_data:
result = []
for line in csv_data.splitlines()[1:]:
# print(line)
host = line.split(',')[0]
port = line.split(',')[3]
result.append("http://" + host + ":" + port)
result.append("https://" + host + ":" + port)
utils.just_write(
utils.replace_argument(
self.options, '$WORKSPACE/portscan/$OUTPUT-hosts.txt'),
"\n".join(result))
# screenshots with gowitness
utils.make_directory(self.options['WORKSPACE'] +
'/portscan/screenshoots-massscan/')
cmd = "$GO_PATH/gowitness file -s $WORKSPACE/portscan/$OUTPUT-hosts.txt -t 30 --log-level fatal --destination $WORKSPACE/portscan/screenshoots-massscan/ --db $WORKSPACE/portscan/screenshoots-massscan/gowitness.db"
execute.send_cmd(self.options,
utils.replace_argument(self.options, cmd), '', '',
self.module_name)
utils.just_waiting(self.options, self.module_name, seconds=10)
cmd = "$GO_PATH/gowitness generate -n $WORKSPACE/portscan/$OUTPUT-masscan-screenshots.html --destination $WORKSPACE/portscan/screenshoots-massscan/ --db $WORKSPACE/portscan/screenshoots-massscan/gowitness.db"
html_path = utils.replace_argument(
self.options,
"$WORKSPACE/portscan/$OUTPUT-masscan-screenshots.html")
execute.send_cmd(self.options,
utils.replace_argument(self.options, cmd),
html_path, '', self.module_name)
def __init__(self, options):
utils.print_banner("AssetFinding")
utils.make_directory(options['WORKSPACE'] + '/assets')
self.module_name = self.__class__.__name__
self.options = options
self.options['CURRENT_MODULE'] = self.module_name
self.options['SPEED'] = utils.custom_speed(self.options)
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
self.is_direct = utils.is_direct_mode(options, require_input=True)
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start AssetFinding for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done AssetFinding for {0}'.format(self.options['TARGET'])
})
utils.print_line()
def gowithness(self, data):
# add http:// and https:// prefix to domain
domains = []
utils.make_directory(self.options['WORKSPACE'] +
'/screenshot/screenshoots-gowitness')
for item in data:
host = utils.get_domain(item)
domains.append("http://" + host)
domains.append("https://" + host)
http_file = utils.replace_argument(
self.options, '$WORKSPACE/screenshot/$OUTPUT-hosts.txt')
utils.just_write(http_file, "\n".join(domains))
utils.clean_up(http_file)
time.sleep(2)
# screenshots with gowitness
cmd = "$GO_PATH/gowitness file -s $WORKSPACE/screenshot/$OUTPUT-hosts.txt -t 30 --log-level fatal --destination $WORKSPACE/screenshot/screenshoots-gowitness/ --db $WORKSPACE/screenshot/screenshoots-gowitness/gowitness.db"
execute.send_cmd(self.options,
utils.replace_argument(self.options,
cmd), '', '', self.module_name)
utils.just_waiting(self.options, self.module_name, seconds=10)
cmd = "$GO_PATH/gowitness generate -n $WORKSPACE/screenshot/$OUTPUT-gowitness-screenshots.html --destination $WORKSPACE/screenshot/screenshoots-gowitness/ --db $WORKSPACE/screenshot/screenshoots-gowitness/gowitness.db"
html_path = utils.replace_argument(
self.options,
"$WORKSPACE/portscan/$OUTPUT-gowitness-screenshots.html")
execute.send_cmd(self.options,
utils.replace_argument(self.options, cmd), html_path,
'', self.module_name)
def __init__(self, options):
utils.print_banner("Scanning through BurpState")
utils.make_directory(options['WORKSPACE'] + '/burpstate/')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
slack.slack_noti('status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning BurpState for {0}'.format(
self.options['TARGET'])
})
self.initial()
slack.slack_noti('good',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning BurpState for {0}'.format(
self.options['TARGET'])
})
self.conclude()
def __init__(self, options):
utils.print_banner("Port Scanning")
utils.make_directory(options['WORKSPACE'] + '/portscan')
utils.make_directory(options['WORKSPACE'] + '/subdomain')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module")
return
self.is_direct = utils.is_direct_mode(options, require_input=True)
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name, seconds=60)
self.conclude()
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Reconnaisance")
utils.make_directory(options['WORKSPACE'] + '/recon')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
slack.slack_noti('status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning Subdomain for {0}'.format(
self.options['TARGET'])
})
self.initial()
self.conclude()
# this gonna run after module is done to update the main json
slack.slack_noti('good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'],
self.module_name),
'content':
'Done Scanning Subdomain for {0}'.format(
self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Github Repo Scanning")
utils.make_directory(options['WORKSPACE'] + '/gitscan/')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_noti('status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Github Repo Scanning for {0}'.format(
self.options['TARGET'])
})
self.initial()
slack.slack_noti('good',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Github Repo Scanning for {0}'.format(
self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("ScreenShot the target")
utils.make_directory(options['WORKSPACE'] + '/screenshot')
self.module_name = self.__class__.__name__
self.options = options
self.options['CURRENT_MODULE'] = self.module_name
self.options['SPEED'] = utils.custom_speed(self.options)
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start ScreenShot for {0}'.format(self.options['TARGET'])
})
self.initial()
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done ScreenShot for {0}'.format(self.options['TARGET'])
})
utils.print_line()
def __init__(self, options):
utils.print_banner("CORS Scanning")
utils.make_directory(options['WORKSPACE'] + '/cors')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module"
)
return
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start Scanning CORS for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done Scanning CORS for {0}'.format(self.options['TARGET'])
})
def dig_info(self):
utils.print_good('Starting basic Dig')
utils.make_directory(self.options['WORKSPACE'] + '/screenshot/digs')
final_subdomains = utils.replace_argument(self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt')
#run command directly instead of run it via module cause there're a lot of command to run
all_domains = utils.just_read(final_subdomains).splitlines()
if self.options['DEBUG'] == 'True':
all_domains = all_domains[:10]
custom_logs = {"module": self.module_name, "content": []}
for part in list(utils.chunks(all_domains, 5)):
for domain in part:
cmd = utils.replace_argument(
self.options, 'dig all {0} | tee $WORKSPACE/screenshot/digs/{0}.txt'.format(domain))
output_path = utils.replace_argument(self.options, 'tee $WORKSPACE/screenshot/digs/{0}.txt'.format(domain))
execute.send_cmd(self.options, cmd, '', '', self.module_name, True)
# time.sleep(0.5)
custom_logs['content'].append(
{"cmd": cmd, "std_path": '', "output_path": output_path, "status": "Done"})
#just wait couple seconds and continue but not completely stop the routine
time.sleep(5)
print(custom_logs)
#submit a log
utils.print_info('Update activities log')
utils.update_activities(self.options, str(custom_logs))
def __init__(self, options):
utils.print_banner("Scanning Directory")
utils.make_directory(options['WORKSPACE'] + '/directory')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"Detect is already done. use '-f' options to force rerun the module"
)
return
self.is_direct = utils.is_direct_mode(options, require_input=True)
slack.slack_noti('status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning Directory for {0}'.format(
self.options['TARGET'])
})
self.initial()
slack.slack_noti('good',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'],
self.module_name),
'content':
'Start Scanning Directory for {0}'.format(
self.options['TARGET'])
})
def dig_info(self):
utils.print_good('Starting basic Dig')
utils.make_directory(self.options['WORKSPACE'] + '/screenshot/digs')
final_subdomains = utils.replace_argument(self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt')
#run command directly instead of run it via module cause there're a lot of command to run
all_domains = utils.just_read(final_subdomains).splitlines()
if self.options['DEBUG'] == 'True':
all_domains = all_domains[:10]
custom_logs = {"module": self.module_name, "content": []}
for part in list(utils.chunks(all_domains, 5)):
for domain in part:
cmd = utils.replace_argument(
self.options, 'dig all {0} | tee $WORKSPACE/screenshot/digs/{0}.txt'.format(domain))
output_path = utils.replace_argument(self.options, 'tee $WORKSPACE/screenshot/digs/{0}.txt'.format(domain))
execute.send_cmd(self.options, cmd, '', '', self.module_name, True)
# time.sleep(0.5)
custom_logs['content'].append(
{"cmd": cmd, "std_path": '', "output_path": output_path, "status": "Done"})
#just wait couple seconds and continue but not completely stop the routine
time.sleep(5)
print(custom_logs)
#submit a log
utils.print_info('Update activities log')
utils.update_activities(self.options, str(custom_logs))
def __init__(self, options):
utils.print_banner("ScreenShot the target")
utils.make_directory(options['WORKSPACE'] + '/screenshot')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_info(
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start ScreenShot for {0}'.format(self.options['TARGET'])
})
self.initial()
#check if the screenshot success or not, if not run it again
# while True:
# if not os.listdir(utils.replace_argument(self.options, '$WORKSPACE/screenshot/')):
# utils.print_bad('Something wrong with these module ... run it again')
# self.initial()
# utils.just_waiting(self.module_name)
# else:
# break
slack.slack_good(
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done ScreenShot for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Port Scanning")
utils.make_directory(options['WORKSPACE'] + '/portscan')
utils.make_directory(options['WORKSPACE'] + '/subdomain')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module")
return
self.is_direct = utils.is_direct_mode(options, require_input=True)
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name, seconds=60)
# self.create_ip_result()
self.conclude()
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("CORS Scanning")
utils.make_directory(options['WORKSPACE'] + '/cors')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_noti(
'status',
self.options,
mess={
'title':
"{0} | {1}".format(self.options['TARGET'], self.module_name),
'content':
'Start Scanning CORS for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
slack.slack_noti(
'good',
self.options,
mess={
'title':
"{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content':
'Done Scanning CORS for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.make_directory(options['env']['WORKSPACE'] + '/bruteforce/')
self.options = options
if self.options['speed'] == 'slow':
self.routine()
elif self.options['speed'] == 'quick':
utils.print_good("Skipping for quick speed")
def __init__(self, options):
utils.print_line()
utils.print_banner("Create Skeleton JSON file")
utils.make_directory(options['WORKSPACE'] + '/info')
self.module_name = self.__class__.__name__
self.options = options
self.initial()
# #this gonna run after module is done to update the main json
# self.conclude()
utils.print_line()
def linkfinder(self):
utils.print_good('Starting linkfinder')
if self.is_direct:
if utils.not_empty_file(self.is_direct):
http_domains = utils.just_read(self.is_direct)
# just return if direct input is just a string
else:
domain = self.is_direct
strip_domain = utils.get_domain(domain)
if strip_domain == domain:
domain = 'http://' + domain
cmd = 'python3 $PLUGINS_PATH/LinkFinder/linkfinder.py -i {0} -d -o cli | tee $WORKSPACE/assets/linkfinder/{1}-linkfinder.txt'.format(
domain, strip_domain)
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options,
'$WORKSPACE/assets/linkfinder/{0}-linkfinder.txt'.format(
strip_domain))
std_path = utils.replace_argument(
self.options,
'$WORKSPACE/assets/linkfinder/{0}-linkfinder.std'.format(
strip_domain))
execute.send_cmd(self.options, cmd, output_path, std_path,
self.module_name)
return None
else:
if self.options['SPEED'] != 'slow':
utils.print_good("Skipping linkfinder in quick mode")
return None
http_domains = utils.replace_argument(
self.options, '$WORKSPACE/assets/http-$OUTPUT.txt')
utils.make_directory(self.options['WORKSPACE'] + '/assets/linkfinder')
if utils.not_empty_file(http_domains):
domains = utils.just_read(http_domains)
for domain in domains.splitlines():
strip_domain = utils.get_domain(domain)
cmd = 'python3 $PLUGINS_PATH/LinkFinder/linkfinder.py -i {0} -d -o cli | tee $WORKSPACE/assets/linkfinder/{1}-linkfinder.txt'.format(
domain, strip_domain)
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options,
'$WORKSPACE/assets/linkfinder/{0}-linkfinder.txt'.format(
strip_domain))
std_path = utils.replace_argument(
self.options,
'$WORKSPACE/assets/linkfinder/{0}-linkfinder.std'.format(
strip_domain))
execute.send_cmd(self.options, cmd, output_path, std_path,
self.module_name)
def __init__(self, options):
utils.make_directory(options['WORKSPACE'] + '/bruteforce/')
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info("It's already done. use '-f' options to force rerun the module")
return
if self.options['SPEED'] == 'slow':
self.routine()
elif self.options['SPEED'] == 'quick':
utils.print_good("Skipping for quick speed")
def __init__(self, options):
utils.print_banner("Scanning Subdomain")
utils.make_directory(options['env']['WORKSPACE'] + '/subdomain')
self.options = options
self.initial()
#check if the screenshot success or not, if not run it again
while True:
if os.stat(utils.replace_argument(self.options, '$WORKSPACE/subdomain/final-$OUTPUT.txt')).st_size == 0:
utils.print_bad('Something wrong with these module ... run it again')
self.initial()
else:
break
def __init__(self, options):
utils.print_banner("SSL Scanning")
utils.make_directory(options['WORKSPACE'] + '/ssl/')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info("It's already done. use '-f' options to force rerun the module")
return
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start SSL Scanning for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.options, self.module_name)
def __init__(self, options):
utils.print_banner("ScreenShot the target")
utils.make_directory(options['WORKSPACE'] + '/screenshot')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start ScreenShot for {0}'.format(self.options['TARGET'])
})
self.initial()
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content': 'Done ScreenShot for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Services Scanning")
utils.make_directory(options['env']['WORKSPACE'] + '/screenshot')
# utils.make_directory(options['env']['WORKSPACE'] + '/screenshot/all')
self.options = options
self.initial()
#check if the screenshot success or not, if not run it again
while True:
if not os.listdir(
utils.replace_argument(self.options,
'$WORKSPACE/screenshot/')):
utils.print_bad(
'Something wrong with these module ... run it again')
self.initial()
else:
break
def __init__(self, options):
utils.print_banner("ScreenShot the target")
utils.make_directory(options['WORKSPACE'] + '/screenshot')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info("It's already done. use '-f' options to force rerun the module")
return
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start ScreenShot for {0}'.format(self.options['TARGET'])
})
self.initial()
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content': 'Done ScreenShot for {0}'.format(self.options['TARGET'])
})
def __init__(self, options):
utils.print_banner("Port Scanning")
utils.make_directory(options['WORKSPACE'] + '/portscan')
self.module_name = self.__class__.__name__
self.options = options
slack.slack_info(self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
self.initial()
utils.just_waiting(self.module_name)
self.result_parsing()
self.conclude()
slack.slack_good(self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Port Scanning for {0}'.format(self.options['TARGET'])
})
def get_response(self):
utils.print_good('Starting meg')
if self.is_direct:
if utils.not_empty_file(self.is_direct):
cmd = '$GO_PATH/meg / {0} $WORKSPACE/assets/responses/ -v -c 100'.format(
self.is_direct)
# just return if direct input is just a string
else:
utils.print_bad("meg required input as a file.")
return None
else:
cmd = '$GO_PATH/meg / $WORKSPACE/assets/http-$OUTPUT.txt $WORKSPACE/assets/responses/ -v -c 100'
utils.make_directory(self.options['WORKSPACE'] + '/assets/responses')
cmd = utils.replace_argument(self.options, cmd)
output_path = utils.replace_argument(
self.options, '$WORKSPACE/assets/responses/index')
std_path = utils.replace_argument(self.options,
'$WORKSPACE/assets/responses/index')
execute.send_cmd(self.options, cmd, output_path, std_path,
self.module_name)
def __init__(self, options):
utils.print_banner("Headers Scanning")
utils.make_directory(options['WORKSPACE'] + '/headers')
utils.make_directory(options['WORKSPACE'] + '/headers/details')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info("It's already done. use '-f' options to force rerun the module")
return
self.is_direct = utils.is_direct_mode(options, require_input=True)
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Headers Scanning for {0}'.format(self.options['TARGET'])
})
self.initial()
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Headers Scanning for {0}'.format(self.options['TARGET'])
})
def screenshots(self, csv_data):
utils.print_info("Screenshot again with new port found")
# add http:// and https:// prefix to domain
if csv_data:
result = []
for line in csv_data.splitlines()[1:]:
# some output of the script is contain new line
try:
# print(line)
host = line.split(',')[0]
port = line.split(',')[4]
result.append("http://" + host + ":" + port)
result.append("https://" + host + ":" + port)
except:
pass
utils.just_write(
utils.replace_argument(
self.options, '$WORKSPACE/vulnscan/$OUTPUT-hosts.txt'),
"\n".join(result))
# screenshots with gowitness
utils.make_directory(self.options['WORKSPACE'] +
'/vulnscan/screenshoots-nmap/')
cmd = "$GO_PATH/gowitness file -s $WORKSPACE/vulnscan/$OUTPUT-hosts.txt -t 30 --log-level fatal --destination $WORKSPACE/vulnscan/screenshoots-nmap/ --db $WORKSPACE/vulnscan/screenshoots-nmap/gowitness.db"
execute.send_cmd(self.options,
utils.replace_argument(self.options, cmd), '', '',
self.module_name)
utils.just_waiting(self.options, self.module_name, seconds=10)
cmd = "$GO_PATH/gowitness generate -n $WORKSPACE/vulnscan/$OUTPUT-nmap-screenshots.html --destination $WORKSPACE/vulnscan/screenshoots-nmap/ --db $WORKSPACE/vulnscan/screenshoots-nmap/gowitness.db"
html_path = utils.replace_argument(
self.options,
"$WORKSPACE/vulnscan/$OUTPUT-nmap-screenshots.html")
execute.send_cmd(self.options,
utils.replace_argument(self.options, cmd),
html_path, '', self.module_name)
def __init__(self, options):
utils.print_banner("Reconnaisance")
utils.make_directory(options['WORKSPACE'] + '/recon')
self.module_name = self.__class__.__name__
self.options = options
if utils.resume(self.options, self.module_name):
utils.print_info(
"It's already done. use '-f' options to force rerun the module")
return
slack.slack_noti('status', self.options, mess={
'title': "{0} | {1}".format(self.options['TARGET'], self.module_name),
'content': 'Start Scanning Subdomain for {0}'.format(self.options['TARGET'])
})
self.initial()
self.conclude()
#this gonna run after module is done to update the main json
slack.slack_noti('good', self.options, mess={
'title': "{0} | {1} ".format(self.options['TARGET'], self.module_name),
'content': 'Done Scanning Subdomain for {0}'.format(self.options['TARGET'])
})
def parsing_config(config_path, args):
options = {}
##some default path
github_api_key = str(os.getenv("GITROB_ACCESS_TOKEN"))
cwd = str(os.getcwd())
#just hardcode if gopath not loaded
go_path = cwd + "/plugins/go"
# go_path = str(os.getenv("GOPATH")) + "/bin"
# if "None" in go_path:
# go_path = cwd + "/plugins/go"
bot_token = str(os.getenv("SLACK_BOT_TOKEN"))
log_channel = str(os.getenv("LOG_CHANNEL"))
status_channel = str(os.getenv("STATUS_CHANNEL"))
report_channel = str(os.getenv("REPORT_CHANNEL"))
stds_channel = str(os.getenv("STDS_CHANNEL"))
verbose_report_channel = str(os.getenv("VERBOSE_REPORT_CHANNEL"))
if os.path.isfile(config_path):
utils.print_info('Config file detected: {0}'.format(config_path))
#config to logging some output
config = ConfigParser(interpolation=ExtendedInterpolation())
config.read(config_path)
else:
utils.print_info('New config file created: {0}'.format(config_path))
shutil.copyfile(cwd + '/template-config.conf', config_path)
config = ConfigParser(interpolation=ExtendedInterpolation())
config.read(config_path)
workspace = cwd + "/workspaces/"
config.set('Enviroments', 'cwd', cwd)
config.set('Enviroments', 'go_path', go_path)
config.set('Enviroments', 'github_api_key', github_api_key)
config.set('Enviroments', 'workspaces', str(workspace))
if args.debug:
config.set('Slack', 'bot_token', 'bot_token')
config.set('Slack', 'log_channel', 'log_channel')
config.set('Slack', 'status_channel', 'status_channel')
config.set('Slack', 'report_channel', 'report_channel')
config.set('Slack', 'stds_channel', 'stds_channel')
config.set('Slack', 'verbose_report_channel', 'verbose_report_channel')
else:
config.set('Slack', 'bot_token', bot_token)
config.set('Slack', 'log_channel', log_channel)
config.set('Slack', 'status_channel', status_channel)
config.set('Slack', 'report_channel', report_channel)
config.set('Slack', 'stds_channel', stds_channel)
config.set('Slack', 'verbose_report_channel', verbose_report_channel)
##config of the tool
if args.slow:
speed = "slow"
else:
speed = "quick"
module = str(args.module)
debug = str(args.debug)
force = str(args.force)
config.set('Mode', 'speed', speed)
config.set('Mode', 'module', module)
config.set('Mode', 'debug', debug)
config.set('Mode', 'force', force)
##target stuff
#parsing agument
git_target = args.git if args.git else None
burpstate_target = args.burp if args.burp else None
target_list = args.targetlist if args.targetlist else None
company = args.company if args.company else None
direct_input = args.input if args.input else None
if args.target:
target = args.target
output = args.output if args.output else args.target
company = args.company if args.company else args.target
strip_target = target.replace('https://', '').replace('http://', '')
if '/' in strip_target:
strip_target = strip_target.split('/')[0]
if args.workspace:
if args.workspace[-1] == '/':
workspace = args.workspace + options['env']['STRIP_TARGET']
else:
workspace = args.workspace + '/' + options['env']['STRIP_TARGET']
else:
workspace += strip_target
if not direct_input:
try:
ip = socket.gethostbyname(strip_target)
except:
ip = "None"
utils.print_bad("Something wrong to connect to {0}".format(target))
else:
ip = None
try:
#getting proxy from args
proxy = args.proxy if args.proxy else None
proxy_file = args.proxy_file if args.proxy_file else None
config.set('Proxy', 'proxy', str(proxy))
config.set('Proxy', 'proxy_file', str(proxy_file))
if config['Proxy']['proxy_cmd'] == 'None':
#only works for Kali proxychains, change it if you on other OS
proxy_cmd = "proxychains -f {0}".format(proxy_file)
config.set('Proxy', 'proxy_cmd', str(proxy_cmd))
except:
utils.print_info("Your config file seem to be outdated, Backup it and delete it to regenerate the new one")
config.set('Target', 'input', str(direct_input))
config.set('Target', 'git_target', str(git_target))
config.set('Target', 'burpstate_target', str(burpstate_target))
config.set('Target', 'target_list', str(target_list))
config.set('Target', 'output', str(output))
config.set('Target', 'target', str(target))
config.set('Target', 'strip_target', str(strip_target))
config.set('Target', 'company', str(company))
config.set('Target', 'ip', str(ip))
config.set('Enviroments', 'workspace', str(workspace))
#create workspace folder for the target
utils.make_directory(workspace)
#set the remote API
if args.remote:
remote_api = args.remote
config.set('Server', 'remote_api', remote_api)
#set credentials as you define from agurments
if args.auth:
#user:pass
creds = args.auth.strip().split(":")
username = creds[0]
password = creds[1]
config.set('Server', 'username', username)
config.set('Server', 'password', password)
else:
#set random password if default password detect
if config['Server']['password'] == 'super_secret':
new_pass = ''.join(random.choice(string.ascii_lowercase)
for i in range(6)).upper()
config.set('Server', 'password', new_pass)
#save the config
with open(config_path, 'w') as configfile:
config.write(configfile)
config = ConfigParser(interpolation=ExtendedInterpolation())
config.read(config_path)
sections = config.sections()
for sec in sections:
for key in config[sec]:
options[key.upper()] = config.get(sec, key)
######
#parsing proxy stuff
if options.get('PROXY') or options.get('PROXY_FILE'):
proxy_parsing(options)
else:
#just for the old config
options['PROXY'] = "None"
options['PROXY_FILE'] = "None"
return options
def __init__(self, options):
utils.print_banner("Create Skeleton JSON file")
utils.make_directory(options['WORKSPACE'] + '/info')
self.module_name = self.__class__.__name__
self.options = options
self.initial()