https://github.com/Tuhinshubhra/RED_HAWK

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
https://github.com/Tuhinshubhra/RED_HAWK

admin-scanner backups-finder cloudflare-detection cms-detector crawler domain-authority-scanner geo-ip http-header information-gathering mx-lookup page-authority-scanner reverse-ip-scan scanner sql-scanner sql-vulnerability-scannig subdomain-scanner subnet-lookup whois-lookup wordpress wordpress-scanner

Last synced: 14 days ago
JSON representation

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

• Host: GitHub
• URL: https://github.com/Tuhinshubhra/RED_HAWK
• Owner: Tuhinshubhra
• License: mit
• Created: 2017-06-11T05:02:35.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2024-07-31T15:33:36.000Z (3 months ago)
• Last Synced: 2024-10-29T14:14:40.494Z (14 days ago)
• Topics: admin-scanner, backups-finder, cloudflare-detection, cms-detector, crawler, domain-authority-scanner, geo-ip, http-header, information-gathering, mx-lookup, page-authority-scanner, reverse-ip-scan, scanner, sql-scanner, sql-vulnerability-scannig, subdomain-scanner, subnet-lookup, whois-lookup, wordpress, wordpress-scanner
• Language: PHP
• Homepage:
• Size: 44.9 KB
• Stars: 3,038
• Watchers: 191
• Forks: 851
• Open Issues: 14
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-termux-hacking - RED_HAWK - All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers.[](https://github.com/Tuhinshubhra/RED_HAWK/stargazers/) (Uncategorized / Uncategorized)
• awesome-hacking-lists - Tuhinshubhra/RED_HAWK - All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers (PHP)

README

        


	



#### Version 2.0.0

#### By R3D#@0R_2H1N A.K.A Tuhinshubhra

All in one tool for **Information Gathering** and **Vulnerability Scanning**

# Scans That You Can Perform Using RED HAWK :

+ Basic Scan

	- Site Title **NEW**

	- IP Address

	- Web Server Detection `IMPROVED`

	- CMS Detection

	- Cloudflare Detection

	- robots.txt Scanner

+ Whois Lookup `IMPROVED`

+ Geo-IP Lookup

+ Grab Banners `IMPROVED`

+ DNS Lookup

+ Subnet Calculator

+ Nmap Port Scan

+ Sub-Domain Scanner `IMPROVED`

	- Sub Domain

	- IP Address

+ Reverse IP Lookup & CMS Detection `IMPROVED`

	- Hostname

	- IP Address

	- CMS

+ Error Based SQLi Scanner

+ Bloggers View **NEW**

	- HTTP Response Code

	- Site Title

	- Alexa Ranking

	- Domain Authority

	- Page Authority

	- Social Links Extractor

	- Link Grabber

+ WordPress Scan **NEW**

	- Sensitive Files Crawling

	- Version Detection

	- Version Vulnerability Scanner

+ Crawler

+ MX Lookup **NEW**

+ Scan For Everything - _The Old Lame Scanner_

---

# Released Versions:

    - Version 1.0.0 [11-06-2017]

    - Version 1.1.0 [15-06-2017]

    - Version 2.0.0 [11-08-2017]

# Changelog:

- Version 1.0.0

    - Initial Launch

- Version 1.1.0

    - Updated The `fix` command

- Version 2.0.0

	- Separated all scans so that you are served the amount of information you need

	- `Sub-Domain Scanner` improved

	- `fix` command improved

	- `Web Server Detection` Improved

	- `CMS Detection` Improved

	- `Banner Grabbing` Improved

	- Added `WordPress Scanner`

	- Added `Bloggers View`

	- Added `MX Lookup`

	- Added `Update` option

	- RED HAWK Banner Updated

	- Many Other Internal Fixes

# Installation:

1. Run The Tool and Type `fix` This will Install All Required Modules.

2. For The Bloggers View To Work Properly you have to configure RED HAWK with moz.com's api keys for that follow the following steps:

**How To Configure RED HAWK with moz.com for Bloggers View Scan**

+ Create an account in moz follow this link : https://moz.com/community/join

+ After successful account creation and completing the verification you need to generate the API Keys

+ You can get your API Keys here: https://moz.com/products/mozscape/access

+ Get your AccessID and SecretKey and replace the `$accessID` and `$secretKey` variable's value in the `config.php` file

+ All set, now you can enjoy the bloggers view.

# Usage:

- git clone `https://github.com/Tuhinshubhra/RED_HAWK`

- cd RED_HAWK

- php rhawk.php

- Use the "help" command to see the command list or type in the domain name you want to scan (without Http:// OR Https://).

- Select whether The Site Runs On HTTPS or not.

- Select the type of scan you want to perform

- Leave the rest to the scanner

# List of CMS Supported

RED HAWK's `CMS Detector` currently is able to detect the following CMSs (Content Management Systems) in case the website is using some other CMS, Detector will return _could not detect_.

- WordPress

- Joomla

- Drupal

- Magento

# Known Issues

**ISSUE:** Scanner Stops Working After Cloudflare Detection!

**SOLUTION:** Use The `fix` Command OR Manually Install *php-curl* & *php-xml*

Watch The Video TO See How To Solve This Isuue : https://www.youtube.com/watch?v=QuFPY9NFTM8

# Video Demonstration



# Suggestions And Feedbacks

Want to contribute to RED HAWK or point out something wrong? Just create a new issue here: https://github.com/Tuhinshubhra/RED_HAWK/issues/new

I'd love to hear from you.

# Support and Donations

Found RED HAWK cool? well you could buy me a cup of tea ;) (no alcohol plz xD) just send any amount of donations (in BTC) to this address : **1NbiQidWWVVhWknsfPSN1MuksF8cbXWCku**

Can't donate? well that's no problem just drop a **THANK YOU** this will motivate me to create more exciting stuffs for you ;)

# TODOs

- Make a proper update option ( Installs current version automatically )

- Add more CMS to the detector

- Improve The WordPress Scanner ( Add User, Theme & Plugins Enumeration )

- Create a web version of the scanner

- Add XSS & LFI Scanner

- Improve the Links grabber thingy under bloggers view

- Add some other scans under the Bloggers View