GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → si9int → quick-recon.py

si9int / quick-recon.py

Licence: MIT License
Do some quick reconnaissance on a domain-based web-application

Programming Languages

python
139335 projects - #7 most used programming language

Labels

osintpentestingbugbountyreconnaissance

Projects that are alternatives of or similar to quick-recon.py

Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+3184.62%)
Mutual labels:  osint, pentesting, bugbounty, reconnaissance
Bigbountyrecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+4061.54%)
Mutual labels:  osint, pentesting, bugbounty, reconnaissance
Asnip
ASN target organization IP range attack surface mapping for reconnaissance, fast and lightweight
Stars: ✭ 126 (+869.23%)
Mutual labels:  osint, pentesting, bugbounty, reconnaissance
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+26353.85%)
Mutual labels:  osint, pentesting, bugbounty, reconnaissance
Osint tips
OSINT
Stars: ✭ 322 (+2376.92%)
Mutual labels:  osint, pentesting, bugbounty, reconnaissance
Sn0int
Semi-automatic OSINT framework and package manager
Stars: ✭ 814 (+6161.54%)
Mutual labels:  osint, pentesting, reconnaissance
Social Analyzer
API, CLI & Web App for analyzing & finding a person's profile across +1000 social media \ websites (Detections are updated regularly by automated systems)
Stars: ✭ 8,449 (+64892.31%)
Mutual labels:  osint, pentesting, reconnaissance
AttackSurfaceManagement
Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty
Stars: ✭ 45 (+246.15%)
Mutual labels:  osint, bugbounty, reconnaissance
Reconky-Automated Bash Script
Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+1184.62%)
Mutual labels:  osint, bugbounty, reconnaissance
Spaces Finder
A tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (+838.46%)
Mutual labels:  osint, pentesting, reconnaissance
aquatone
A Tool for Domain Flyovers
Stars: ✭ 43 (+230.77%)
Mutual labels:  osint, bugbounty, reconnaissance
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+52838.46%)
Mutual labels:  osint, pentesting, reconnaissance
Favfreak
Making Favicon.ico based Recon Great again !
Stars: ✭ 564 (+4238.46%)
Mutual labels:  osint, bugbounty, reconnaissance
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+68984.62%)
Mutual labels:  osint, pentesting, bugbounty
Intrec Pack
Intelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+1261.54%)
Mutual labels:  osint, pentesting, reconnaissance
Pdlist
A passive subdomain finder
Stars: ✭ 204 (+1469.23%)
Mutual labels:  osint, bugbounty, reconnaissance
SourceWolf
Amazingly fast response crawler to find juicy stuff in the source code! 😎🔥
Stars: ✭ 132 (+915.38%)
Mutual labels:  osint, bugbounty, reconnaissance
Metabigor
Intelligence tool but without API key
Stars: ✭ 424 (+3161.54%)
Mutual labels:  osint, pentesting, bugbounty
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+17684.62%)
Mutual labels:  osint, pentesting, reconnaissance
Cc.py
Extracting URLs of a specific target based on the results of "commoncrawl.org"
Stars: ✭ 250 (+1823.08%)
Mutual labels:  osint, pentesting, bugbounty
View All Similar Projects ➔

quick-recon.py

Do some quick reconnaissance on a domain-based web-application.
This is very useful if you test a single web-application or domain and don't have time (mood) to gather information manually.

Features

  • Retreive the IP adress, location and it's corresponding IP range and IP history
  • Do a HTTP-OPTIONS request to lookup the allowed HTTP methods
  • Print the HTTP-response headers set by the server
  • Get the used technology (webserver, proxy, languages, scriptlanguage, frontend, frameworks) based on: w3techs.com
  • Get the name of the CMS (if in use) based on: whatcms.org
  • Read out: robots.txt
  • Bruteforce some interesting files, wordlist from: github.com/hannob/snallygaster

Installation

pip -r requirements.txt

Usage

quick-recon.py [-h] domain

positional arguments:
  domain      domain (by URL;e.g. https://test.de)

optional arguments:
  -h, --help  show this help message and exit

Example

Executing python quick-recon.py https://bund.de will output:

[-] IP Information: 77.87.229.48 (DE), BSI-IVBB
[-] IP Range: 77.87.224.0-77.87.231.255
[!] HTTP-OPTIONS failed
[-] HTTP-response header:
---
	Date: Sun, 17 Jun 2018 21:54:00 GMT
	Content-Length: 233
	Keep-Alive: timeout=5, max=100
	Connection: Keep-Alive
	Content-Type: text/html; charset=iso-8859-1
	Set-Cookie: {..}
---
[!] No "Server"-header
[-] W3-technologies:
--
	Content Management: Government Site Builder
	Server-side Language: Java
	Client-side Language: JavaScript
	JavaScript Library: jQuery
	Markup Language: HTML5
	Character Encoding: UTF-8
	Image File Formats: PNG, JPEG
	Site Elements: External CSS, Inline CSS, Session Cookies
	SSL Certificate Authority: Deutsche Telekom
	Server Location: Germany
	Content Language: German
--
[!] No CMS detected
[!] No robots.txt
[!] Checking interesting files
[-] Checked 50% of dictionary
[!] Finished quick-reconnaissance on: https://bund.de
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].