def specific(options, module):
module = module.lower()
# checking the tool is installed right or not and exit
if 'health' in module:
health = healcheck.Healcheck(options)
if health.checking():
utils.print_good("All things look fine")
else:
utils.print_bad("Installing Osmedeus not correctly done")
utils.just_shutdown_flask(options)
sys.exit(0)
initials.Initials(options)
if 'sub' in module or 'subdomain' in module:
subdomain.SubdomainScanning(options)
takeover.TakeOverScanning(options)
screenshot.ScreenShot(options)
cors.CorsScan(options)
recon.Recon(options)
assetfinding.AssetFinding(options)
if 'ip' in module:
# Discovery IP space
ipspace.IPSpace(options)
if 'screen' in module:
# Discovery IP space
screenshot.ScreenShot(options)
if 'portscan' in module:
# scanning port, service and vuln with masscan and nmap
portscan.PortScan(options)
if 'headers' in module:
headers.HeadersScan(options)
if 'asset' in module:
assetfinding.AssetFinding(options)
if 'vuln' in module:
# scanning vulnerable service based on version
vulnscan.VulnScan(options)
if 'dir' in module:
# run blind directory brute force directly
dirbrute.DirBrute(options)
if 'brute' in module or 'force' in module:
# running brute force things based on scanning result
brutethings.BruteThings(options)
if 'git' in module:
gitscan.GitScan(options)
# if 'burp' in module:
# burpstate.BurpState(options)
conclusion.Conclusion(options)
def routine(options):
utils.print_good("Running with {0} speed".format(options['speed']))
#Finding subdomain
subdomain.SubdomainScanning(options)
#Scanning for subdomain take over
takeover.TakeOverScanning(options)
#Screen shot the target on common service
screenshot.ScreenShot(options)
#Scanning for CorsScan
cors.CorsScan(options)
#Discovery IP space
ipspace.IPSpace(options)
#SSL Scan
sslscan.SSLScan(options)
##### Note: From here the module gonna take really long time for scanning service and stuff like that
utils.print_info('This gonna take a while')
#Scanning all port using result from subdomain scanning and also checking vulnerable service based on version
portscan.PortScan(options)
#Starting vulnerable scan
vulnscan.VulnScan(options)
#Brute force service from port scan result
brutethings.BruteThings(options)
def normal(options):
utils.print_good("Running with {0} speed".format(options['SPEED']))
# Create skeleton json
initials.Initials(options)
# Finding subdomain
subdomain.SubdomainScanning(options)
# waiting for previous module
utils.just_waiting(options, 'SubdomainScanning')
# Scanning for subdomain take over
takeover.TakeOverScanning(options)
# Screen shot the target on common service
screenshot.ScreenShot(options)
# Recon
recon.Recon(options)
# Recon
assetfinding.AssetFinding(options)
# Scanning for CorsScan
cors.CorsScan(options)
# Discovery IP space
ipspace.IPSpace(options)
# SSL Scan
sslscan.SSLScan(options)
# Headers Scan
headers.HeadersScan(options)
# Note: From here the module gonna take really long time
# for scanning service and stuff like that
utils.print_info('This gonna take a while')
# Scanning all port using result from subdomain scanning
# and also checking vulnerable service based on version
portscan.PortScan(options)
# Directory scan
dirbrute.DirBrute(options)
# Starting vulnerable scan
vulnscan.VulnScan(options)
# brutethings.BruteThings(options)
conclusion.Conclusion(options)
def routine(options):
#Finding subdomain
subdomain.SubdomainScanning(options)
#Scanning for subdomain take over
takeover.TakeOverScanning(options)
#Scanning all port using result from subdomain scanning
portscan.PortScan(options)
#Brute force service from port scan result
brutethings.BruteThings(options)
def specific(options, module):
module = module.lower()
initials.Initials(options)
if 'sub' in module or 'subdomain' in module:
subdomain.SubdomainScanning(options)
takeover.TakeOverScanning(options)
screenshot.ScreenShot(options)
cors.CorsScan(options)
recon.Recon(options)
assetfinding.AssetFinding(options)
if 'ip' in module:
# Discovery IP space
ipspace.IPSpace(options)
if 'screen' in module:
# Discovery IP space
screenshot.ScreenShot(options)
if 'portscan' in module:
# scanning port, service and vuln with masscan and nmap
portscan.PortScan(options)
if 'headers' in module:
headers.HeadersScan(options)
if 'asset' in module:
assetfinding.AssetFinding(options)
if 'vuln' in module:
# scanning vulnerable service based on version
vulnscan.VulnScan(options)
if 'dir' in module:
# run blind directory brute force directly
dirbrute.DirBrute(options)
if 'brute' in module or 'force' in module:
# running brute force things based on scanning result
brutethings.BruteThings(options)
if 'git' in module:
gitscan.GitScan(options)
# if 'burp' in module:
# burpstate.BurpState(options)
conclusion.Conclusion(options)
def routine(options):
#Finding subdomain
subdomain.SubdomainScanning(options)
#Scanning for subdomain take over
takeover.TakeOverScanning(options)
#Screen shot the target on common service
screenshot.ScreenShot(options)
##### Note: From here the module gonna take really long time for scanning service and stuff like that
utils.print_info('This gonna take a while')
#Scanning all port using result from subdomain scanning and also checking vulnerable service based on version
portscan.PortScan(options)
#Starting vulnerable scan
vulnscan.VulnScan(options)
#Brute force service from port scan result
brutethings.BruteThings(options)
def single_target(args):
print('{2}---<---<--{1}@{2} Target: {0} {1}@{2}-->--->---'.format(
args.target, P, G))
if args.target:
if args.output:
options['env']['OUTPUT'] = args.output
else:
options['env']['OUTPUT'] = args.target
#just loop in the for if the target list
options['target'] = args.target
options['env']['TARGET'] = args.target
options['env']['STRIP_TARGET'] = args.target.replace('https://',
'').replace(
'http://', '')
if '/' in options['env']['STRIP_TARGET']:
options['env']['STRIP_TARGET'] = options['env'][
'STRIP_TARGET'].split('/')[0]
if args.workspace:
if args.workspace[-1] == '/':
options['env']['WORKSPACE'] = args.workspace + options['env'][
'STRIP_TARGET']
else:
options['env']['WORKSPACE'] = args.workspace + '/' + options[
'env']['STRIP_TARGET']
else:
options['env'][
'WORKSPACE'] = current_path + '/workspaces/' + options['env'][
'STRIP_TARGET']
#create workspace folder for the target
utils.make_directory(options['env']['WORKSPACE'])
options['env']['IP'] = socket.gethostbyname(options['env']['TARGET'])
#run specific task otherwise run the normal routine
if args.module:
module = args.module
if 'subdomain' in module:
subdomain.SubdomainScanning(options)
takeover.TakeOverScanning(options)
screenshot.ScreenShot(options)
cors.CorsScan(options)
elif 'screenshot' in module:
screenshot.ScreenShot(options)
elif 'portscan' in module:
# scanning port, service and vuln with masscan and nmap
portscan.PortScan(options)
elif 'vuln' in module:
# scanning vulnerable service based on version
vulnscan.VulnScan(options)
elif 'git' in module:
gitscan.GitScan(options)
elif 'burp' in module:
burpstate.BurpState(options)
elif 'brute' in module or 'force' in module:
# running brute force things based on scanning result
brutethings.BruteThings(options)
elif 'ip' in module:
#Discovery IP space
ipspace.IPSpace(options)
elif 'dir' in module:
# run blind directory brute force directly
dirbrute.DirBrute(options)
else:
routine(options)
