All Projects β†’ edoardottt β†’ Scilla

edoardottt / Scilla

Licence: gpl-3.0
πŸ΄β€β˜ οΈ Information Gathering tool πŸ΄β€β˜ οΈ DNS / Subdomains / Ports / Directories enumeration

Programming Languages

go
26613 projects - #10 most used programming language

Projects that are alternatives of or similar to Scilla

Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+268.1%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, hacking-tool, reconnaissance, recon
Raccoon
A high performance offensive security tool for reconnaissance and vulnerability scanning
Stars: ✭ 2,312 (+1893.1%)
Mutual labels:  hacking, pentesting, hacking-tool, reconnaissance, information-gathering, enumeration
Rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with…
Stars: ✭ 3,439 (+2864.66%)
Mutual labels:  security-tools, reconnaissance, recon, information-gathering, penetration-testing, pentesting
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (+56.9%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, hacking-tool, enumeration
Awesome Bbht
A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.
Stars: ✭ 190 (+63.79%)
Mutual labels:  hacking, security-tools, penetration-testing, hacking-tool, reconnaissance, recon
Osmedeus
Fully automated offensive security framework for reconnaissance and vulnerability scanning
Stars: ✭ 3,391 (+2823.28%)
Mutual labels:  hacking, security-tools, penetration-testing, hacking-tool, reconnaissance, information-gathering
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 1,392 (+1100%)
Mutual labels:  hacking, pentesting, penetration-testing, hacking-tool, enumeration
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1562.07%)
Mutual labels:  hacking, security-tools, penetration-testing, hacking-tool, enumeration
Evillimiter
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (+558.62%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, hacking-tool
Vhostscan
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
Stars: ✭ 767 (+561.21%)
Mutual labels:  hacking, security-tools, penetration-testing, hacking-tool, ctf-tools
Fdsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+71.55%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, enumeration
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 870 (+650%)
Mutual labels:  hacking, pentesting, penetration-testing, hacking-tool, enumeration
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1472.41%)
Mutual labels:  hacking, security-tools, penetration-testing, hacking-tool, enumeration
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+2935.34%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, hacking-tool
Whatweb
Next generation web scanner
Stars: ✭ 3,503 (+2919.83%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, recon
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+229.31%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, enumeration
Cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+2292.24%)
Mutual labels:  hacking, security-tools, pentesting, penetration-testing, hacking-tool
Recsech
Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .
Stars: ✭ 173 (+49.14%)
Mutual labels:  security-tools, penetration-testing, hacking-tool, reconnaissance, recon
Intrec Pack
Intelligence and Reconnaissance Package/Bundle installer.
Stars: ✭ 177 (+52.59%)
Mutual labels:  security-tools, pentesting, reconnaissance, recon, enumeration
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+6146.55%)
Mutual labels:  hacking, pentesting, penetration-testing, hacking-tool, enumeration


πŸ΄β€β˜ οΈ Information Gathering tool πŸ΄β€β˜ οΈ - DNS / Subdomains / Ports / Directories enumeration

go-report-card workflows ubuntu-build win10-build pr-welcome
Mainteinance yes ask me anything gobadge license-GPL3
Coded with πŸ’™ by edoardottt.
Share on Twitter!

Preview β€’ Install β€’ Get Started β€’ Examples β€’ Contributing

Preview πŸ“Š

Example

Installation πŸ“‘

  • First of all, clone the repo locally

    • git clone https://github.com/edoardottt/scilla.git
    • cd scilla
  • Scilla has external dependencies, so they need to be pulled in:

    • go get
  • Linux (Requires high perms, run with sudo)

    • make linux (to install)

    • make unlinux (to uninstall)

  • Windows (executable works only in scilla folder. Alias?)

    • make windows (to install) or .\make.bat windows (powershell)

    • make unwindows (to uninstall) or .\make.bat unwindows (powershell)

  • Other commands:

    • make fmt run the golang formatter.

    • make update Update.

    • make remod Remod.

    • make test runs the tests (empty now..)

Get Started πŸŽ‰

scilla help prints the help in the command line.

usage: scilla subcommand { options }

	Available subcommands:
		- dns [-o output-format] -target <target (URL)> REQUIRED
		- port [-p <start-end>  or ports divided by comma]
		       [-o output-format]
		       [-common scan common ports]
		       -target <target (URL/IP)> REQUIRED
		- subdomain [-w wordlist]
			    [-o output-format]
			    [-i ignore status codes]
			    [-c use also a web crawler]
			    [-db use also a public database]
			    -target <target (URL)> REQUIRED
		- dir [-w wordlist]
	              [-o output-format]
		      [-i ignore status codes]
		      [-c use also a web crawler]
	       	      -target <target (URL)> REQUIRED
		- report [-p <start-end> or ports divided by comma]
			 [-ws subdomains wordlist]
			 [-wd directories wordlist]
			 [-o output-format]
			 [-id ignore status codes in directories scanning]
			 [-is ignore status codes in subdomains scanning]
			 [-cd use also a web crawler for directories scanning]
			 [-cs use also a web crawler for subdomains scanning]
			 [-db use also a public database for subdomains scanning]
			 [-common scan common ports]
			 -target <target (URL/IP)> REQUIRED
		- help
		- examples

Examples πŸ’‘

  • DNS enumeration:

    • scilla dns -target target.domain
    • scilla dns -target -o txt target.domain
    • scilla dns -target -o html target.domain
  • Subdomains enumeration:

    • scilla subdomain -target target.domain
    • scilla subdomain -w wordlist.txt -target target.domain
    • scilla subdomain -o txt -target target.domain
    • scilla subdomain -o html -target target.domain
    • scilla subdomain -i 400 -target target.domain
    • scilla subdomain -i 4** -target target.domain
    • scilla subdomain -c -target target.domain
    • scilla subdomain -db -target target.domain
  • Directories enumeration:

    • scilla dir -target target.domain
    • scilla dir -w wordlist.txt -target target.domain
    • scilla dir -o txt -target target.domain
    • scilla dir -o html -target target.domain
    • scilla dir -i 500,401 -target target.domain
    • scilla dir -i 5**,401 -target target.domain
    • scilla dir -c -target target.domain
  • Ports enumeration:

    • Default (all ports, so 1-65635) scilla port -target target.domain
    • Specifying ports range scilla port -p 20-90 -target target.domain
    • Specifying starting port (until the last one) scilla port -p 20- -target target.domain
    • Specifying ending port (from the first one) scilla port -p -90 -target target.domain
    • Specifying single port scilla port -p 80 -target target.domain
    • Specifying output format (txt)scilla port -o txt -target target.domain
    • Specifying output format (html)scilla port -o html -target target.domain
    • Specifying multiple ports scilla port -p 21,25,80 -target target.domain
    • Specifying common ports scilla port -common -target target.domain
  • Full report:

    • Default (all ports, so 1-65635) scilla report -target target.domain
    • Specifying ports range scilla report -p 20-90 -target target.domain
    • Specifying starting port (until the last one) scilla report -p 20- -target target.domain
    • Specifying ending port (from the first one) scilla report -p -90 -target target.domain
    • Specifying single port scilla report -p 80 -target target.domain
    • Specifying output format (txt)scilla report -o txt -target target.domain
    • Specifying output format (html)scilla report -o html -target target.domain
    • Specifying directories wordlist scilla report -wd dirs.txt -target target.domain
    • Specifying subdomains wordlist scilla report -ws subdomains.txt -target target.domain
    • Specifying status codes to be ignored in directories scanning scilla report -id 500,501,502 -target target.domain
    • Specifying status codes to be ignored in subdomains scanning scilla report -is 500,501,502 -target target.domain
    • Specifying status codes classes to be ignored in directories scanning scilla report -id 5**,4** -target target.domain
    • Specifying status codes classes to be ignored in subdomains scanning scilla report -is 5**,4** -target target.domain
    • Use also a web crawler for directories enumeration scilla report -cd -target target.domain
    • Use also a web crawler for subdomains enumeration scilla report -cs -target target.domain
    • Use also a public database for subdomains enumeration scilla report -db -target target.domain
    • Specifying multiple ports scilla report -p 21,25,80 -target target.domain
    • Specifying common ports scilla report -common -target target.domain

Contributing πŸ› 

Just open an issue/pull request. See also CONTRIBUTING.md and CODE OF CONDUCT.md

Help me building this!

A special thanks to danielmiessler, using those lists; and to sonarSearch.

To do:

  • [ ] Tests (πŸ˜‚)

  • [ ] Tor support

  • [ ] Proxy support

  • [ ] JSON report output

  • [ ] XML report output

  • [x] Add option to use a public database of known subdomains

  • [x] Recursive Web crawling for subdomains and directories

  • [x] Check input and if it's an IP try to change to hostname when dns or subdomain is active

  • [x] Ignore responses by status codes (partially done, to do with *, e.g. -i 4**)

  • [x] HTML output

  • [x] Build an Input Struct and use it as parameter

  • [x] Output color

  • [x] Subdomains enumeration

  • [x] DNS enumeration

  • [x] Subdomains enumeration

  • [x] Port enumeration

  • [x] Directories enumeration

  • [x] TXT output

If you liked it drop a ⭐️

edoardoottavianelli.it for contact me.

                                                                Edoardo Ottavianelli
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected]