Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Anof-cyber/pentest-recon

Web application pentesting recon
https://github.com/Anof-cyber/pentest-recon

bugbounty information-extraction pentesting reconnaissance webapplication webpentest

Last synced: 3 months ago
JSON representation

Web application pentesting recon

Awesome Lists containing this project

README 

        
# pentest-recon

Pentest recon is a small script that will do basic recon for web application pentesting. Pentest recon use multiple tools to perform recon.



![alt text](https://i.ibb.co/vvS5n5r/2020-07-05-18-19-59-Parrot-OS-Running-Oracle-VM-Virtual-Box.png)



# New V1.1

- Now output will be in HTML format, everything in one place

- removed Viewdns IPhistory

- removed Zile JS analysis & relative URL extrator

- [Thanks to Lazyrecon](https://github.com/nahamsec/lazyrecon)



# Tools

- [nmap](https://nmap.org/)

- [waybackurls](https://github.com/tomnomnom/waybackurls)

- [Link finder](https://github.com/jhaddix/LinkFinder)

- [Securityheaders](https://securityheaders.com/)

- [Waybackurls](https://github.com/tomnomnom/waybackurls)

- [Link Finder](https://github.com/GerbenJavado/LinkFinder)

- [ParamSpider](https://github.com/devanshbatham/ParamSpider)

- [Shodan](http://shodan.io/)



# Requirements

- [Shodan API](http://shodan.io/)

- python

- go 



- **run the install.sh file and enter the api key**



# Usage

```

git clone https://github.com/Anof-cyber/pentest-recon/

cd pentest-recon

chmod +x install.sh

sudo ./install.sh 

chmod +x web-recon.sh

sudo ./pentest-recon.sh

````

## Creator

- [Twitter](https://twitter.com/ano_f_)



# HTML Output Demo

![alt text](https://i.ibb.co/3pVSHz5/2020-07-26-00-48-39-Virtual-Box-VM.png)