EdOverflow / Megplus

Licence: MIT
Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]

meg+ [Deprecated]

Automated reconnaissance wrapper — TomNomNom's meg on steroids.

Built by TomNomNom and EdOverflow.

About

This wrapper will automate numerous tasks and help you during your reconnaissance process. The script finds common issues, low hanging fruit, and assists you when approaching a target. meg+ also allows you to scan all your in-scope targets on HackerOne in one go — it simply retrieves them using a GraphQL query.

Watch TomNomNom's talk to learn more about his reconnaissance methodology:

Installation

You will need Golang, Python 2 or 3, and PHP 7.0 to use all the features provided by this tool. On top of that, make sure to install meg, waybackurls, Sublist3r, and gio.

git clone https://github.com/EdOverflow/megplus.git
cd megplus
go get github.com/tomnomnom/meg
go get github.com/tomnomnom/waybackurls
git clone https://github.com/aboul3la/Sublist3r.git
# See https://github.com/aboul3la/Sublist3r#dependencies

⚠ If you do not want to use gio or do not have gio on your machine, just comment out all the lines that have gio in them! Make sure to also remove the error message located here: https://github.com/EdOverflow/megplus/blob/master/megplus.sh#L65-L68.

Usage

You can either scan a list of hosts or use your HackerOne X-Auth-Token to scan all the bug bounty programs that you participate in.

$ ./megplus.sh
1) Usage - target list of domains:        ./megplus.sh <list of domains>
2) Usage - target all HackerOne programs: ./megplus.sh -x <H1 X-Auth-Token>
3) Usage - run sublist3r first:           ./megplus.sh -s <single host>

1) Example: ./megplus.sh domains
2) Example: ./megplus.sh -x XXXXXXXXXXXXXXXX
3) Example: ./megplus.sh -s example.com

Usage - Docker 🐋

If you don't feel like installing all the dependencies mentioned above, you can simply run the abhartiya/tools_megplus Docker container, where test.txt is a sample file containing the URLs to test against. In your case, this will be the file containing the URLs you want to test:

docker run -v "$(pwd)":/megplus abhartiya/tools_megplus test.txt

The command runs the abhartiya/tools_megplus Docker image as a container and mounts the current working directory into the container as a volume (at /megplus), which makes the test.txt file available to the container. Once megplus finishes running, the out directory will be created in the current working directory with all the results.

Scanner

meg+ will scan for the following things:

  • Subdomains using Sublist3r;
  • Configuration files;
  • Interesting strings;
  • Open redirects;
  • CRLF injection;
  • CORS misconfigurations;
  • Path-based XSS;
  • (Sub)domain takeovers.

Contributing

I welcome contributions from the public.

Using the issue tracker 💡

The issue tracker is the preferred channel for bug reports and feature requests.

Issues and labels 🏷

The bug tracker utilizes several labels to help organize and identify issues.

Guidelines for bug reports 🐛

Use the GitHub issue search — check if the issue has already been reported.

⚠ Legal Disclaimer

This project is made for educational and ethical testing purposes only. Usage of this tool for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage caused by this tool.
