Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/melbadry9/ScanApi

Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.
https://github.com/melbadry9/ScanApi

bugbounty recon s3-bucket-scanner subdomains-enumeration

Last synced: 21 days ago
JSON representation

Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.

Awesome Lists containing this project

README

        

# ScanApi ![Python 3.5](https://img.shields.io/badge/Python-3.x-blue.svg) ![linux 64-bit](https://img.shields.io/badge/Linux-64bit-blue.svg) [![Total alerts](https://img.shields.io/lgtm/alerts/g/melbadry9/ScanApi.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/melbadry9/ScanApi/alerts/) [![Language grade: Python](https://img.shields.io/lgtm/grade/python/g/melbadry9/ScanApi.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/melbadry9/ScanApi/context:python)

Subdomains-enumeration, subdomain-takeover monitoring api and S3 bucket scanner.

## Installing

- Linux

```bash
git clone https://github.com/melbadry9/ScanApi.git
cd ScanApi
sudo bash install.sh
python3 app.py
```

- Docker

```bash
docker build -t scanapi:latest .
docker run -d -p 8000:8000 scanapi
```

- Update `config.ini` before building docker image.

- Add slack hook in `config.ini` if Slack is Enabled.

- Commit docker image `docker commit scanapi:latest` to avoid losing data from db.

## Endpoints

1. `/enum/domain//`
- Start subdomain enumeration task in background then update db
- Domain ex: `example.com`

2. `/enum/s3//`
- Start s3 bucket permissions scanner and update db
- Bucket-name ex: `example-prod`

3. `/db/domain//`
- Retrieve all subdomains from db if any exist

4. `/db/domain//?pro=http`
- Retrieve subdomains with port 80 opened from db if any exist

5. `/db/domain//?pro=https`
- Retrieve subdomains with port 443 opened from db if any exist

6. `/db/s3//`
- Retrieve s3 bucket scanner data from db if any exist

7. `/scan/domain//`
- Start scanning for possible subdomain takeover depending on db
- Domain ex: `example.com`

## Supported Tools

- [Amass](https://github.com/OWASP/Amass)
- [Gasset](https://github.com/melbadry9/gasset)
- [Findomain](https://github.com/Edu4rdSHL/findomain)
- [Subfinder](https://github.com/projectdiscovery/subfinder)
- [Subover](https://github.com/melbadry9/SubOver)
- [Sublist3r](https://github.com/melbadry9/Sublist3r)
- [Httprobe](https://github.com/tomnomnom/httprobe)
- [Gobuster](https://github.com/OJ/gobuster)
- [Assetfinder](https://github.com/tomnomnom/assetfinder)
- [Chaos](https://github.com/projectdiscovery/chaos-client)

## To-Do list

- [ ] Add directory brute forcing monitoring
- [ ] Add open ports monitoring
- [ ] Add scheduling jobs
- [ ] Add UI

## Donation

[![Coffee](https://www.buymeacoffee.com/assets/img/custom_images/black_img.png)](https://buymeacoffee.com/melbadry9)