https://github.com/eslam3kl/3klCon
Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files.
https://github.com/eslam3kl/3klCon
3klcon automation penetration-test recon reconnaissance-framework
Last synced: 26 days ago
JSON representation
Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files.
- Host: GitHub
- URL: https://github.com/eslam3kl/3klCon
- Owner: eslam3kl
- Archived: true
- Created: 2020-10-24T11:06:05.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2024-07-15T13:43:47.000Z (9 months ago)
- Last Synced: 2024-11-01T11:34:57.261Z (6 months ago)
- Topics: 3klcon, automation, penetration-test, recon, reconnaissance-framework
- Language: Shell
- Homepage:
- Size: 7.81 KB
- Stars: 679
- Watchers: 20
- Forks: 134
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
Awesome Lists containing this project
- WebHackersWeapons - 3klCon
- awesome-hacking-lists - eslam3kl/3klCon - Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files. (Shell)
README
# 3klCon Project [Archived]
## Description
Automated Recon tool which works with Large and Medium scopes.ّIt's recommended to use it on VPS, it'll discover secrets and search for vulnerabilities
**So, Welcome, and let's get deep into it <3**
----------------------------------------
## What are the tasks it will do?
1. Search for subdomains using different tools and resources (Subfinder - Findomain - Amass - Assetfinder - Archive.Org - RapidDNS.io - Riddler.io - JLDC - GitHub-Subdomains - Chaos)
2. Search for the 3rd level of subdomains by extracting them using a simple Python script and enumerate them using (Subfinder - Findomain - Assetfinder - Archive.Org)
3. Resolving Subdomains with basic web ports 80 and 443
4. Resolving Subdomains with Special Web ports 81,3000,3001,8000,8080,8443,10000,9000,9443
5. Port scanning for all discovered assets using Naabu
6. Search for Wayback records using (Hakrawler - GauPlus)
7. Enumerate JavaScript files using (SubJs - Wayback Records)
8. Extract the files with interesting extensions
9. Search for Admin and login panels
10. Scan the assets using Nuclei----------------------------------------
## Installation instructions
#### 1. Run the following script to check what tools you need to install
```
# ./check_tools.sh
Checking for tool installation...
--> subfinder is installed.
--> findomain is installed.
--> assetfinder is installed.
--> amass is installed.
--> anew is installed.
--> github-subdomains is not installed. You can install it from https://github.com/gwen001/github-search/releases
--> chaos is installed.
--> hakrawler is installed.
--> gauplus is installed.
--> subjs is installed.
--> httpx is installed.
--> python3 is installed.
--> naabu is installed.
--> nuclei is installed.
```#### 2. Create your targets.txt file (Target per line)
```
hackerone.com
bugcrowd.com
google.com
```#### 3. Open 3klcon.sh file and put your CHAOS API Key
```
export CHAOS_KEY=""; # please insert your chaos key here
```#### 4. Open `github_tokens.txt`z file and put in your API keys.
#### 5. Run the tool
```
./3klcon.sh targets.txt
```----------------------------------------
## Notes
1. It will take almost 1 ~ 2 hours to run if your target is a medium. So, be _Patient_ or use VPS and sleep while running :)
2. It will collect all the results for every target into a separate directory.----------------------------------------
## Tools
- subfinder
- findomain
- assetfinder
- amass
- anew
- github-subdomains
- chaos
- hakrawler
- gauplus
- subjs
- httpx
- python3
- naabu
- nuclei----------------------------------------
## Stay in touch <3
[LinkedIn](https://www.linkedin.com/in/eslam3kl/) | [Blog](https://eslam3kl.gitbook.io/)