Skip to content

a python script that automates recon flow for a given target domain.

Notifications You must be signed in to change notification settings

Import3r/Huntsman

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Huntsman - web application recon and asset discovery

image

Description

A python script that automates my discovery process and recon workflow for given target domains/assets, by utilizing open-source tools used for web application testing.

What it does

  • Utilizes "Amass" in enum mode to collect subdomains under given domains.
  • Utilizes an open-source tool by gwen001 to perform GitHub-dorking with a GitHub access token to collect more subdomains.
  • Utilizes "Aquatone" to perform visual sorting of discovered end-points to seperate unique web applications from duplicate ones.
  • Utilizes "Subdomainizer" to scan responses and JS files for potentially sensitive information.

Setup

  • Clone "Huntsman" from Github:
git clone https://github.com/Import3r/Huntsman.git
  • Change directory to "Huntsman":
cd Huntsman
  • Install needed packages from apt_packages.txt:
xargs -r -a apt_packages.txt sudo apt-get install -y
  • Run "Huntsman":
python3 main.py

Note: running "Huntsman" for the first time may trigger the installer prompt for missing tools.