Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Anof-cyber/pentest-recon

Web application pentesting recon
https://github.com/Anof-cyber/pentest-recon

bugbounty information-extraction pentesting reconnaissance webapplication webpentest

Last synced: 21 days ago
JSON representation

Web application pentesting recon

Awesome Lists containing this project

README

        

# pentest-recon
Pentest recon is a small script that will do basic recon for web application pentesting. Pentest recon use multiple tools to perform recon.

![alt text](https://i.ibb.co/vvS5n5r/2020-07-05-18-19-59-Parrot-OS-Running-Oracle-VM-Virtual-Box.png)

# New V1.1
- Now output will be in HTML format, everything in one place
- removed Viewdns IPhistory
- removed Zile JS analysis & relative URL extrator
- [Thanks to Lazyrecon](https://github.com/nahamsec/lazyrecon)

# Tools
- [nmap](https://nmap.org/)
- [waybackurls](https://github.com/tomnomnom/waybackurls)
- [Link finder](https://github.com/jhaddix/LinkFinder)
- [Securityheaders](https://securityheaders.com/)
- [Waybackurls](https://github.com/tomnomnom/waybackurls)
- [Link Finder](https://github.com/GerbenJavado/LinkFinder)
- [ParamSpider](https://github.com/devanshbatham/ParamSpider)
- [Shodan](http://shodan.io/)

# Requirements
- [Shodan API](http://shodan.io/)
- python
- go

- **run the install.sh file and enter the api key**

# Usage
```
git clone https://github.com/Anof-cyber/pentest-recon/
cd pentest-recon
chmod +x install.sh
sudo ./install.sh
chmod +x web-recon.sh
sudo ./pentest-recon.sh
````
## Creator
- [Twitter](https://twitter.com/ano_f_)

# HTML Output Demo
![alt text](https://i.ibb.co/3pVSHz5/2020-07-26-00-48-39-Virtual-Box-VM.png)