Hi, This is a short reconnaissance script which I had started writing some time back. It uses various open source tools to collect data and perform various task automatically on a given domain.
P.S: This is a script which I had created for personal use with with an intention to learn automation with bash and have no intention for commercial/ professional purpose. (You will find scripts which are far better than this one)
Currently it performs following tasks:
- Subdomain Enumeration
- Probing domains on HTTP/HTTPS
- Check for live hosts: Ping Sweep
- Check Status Codes
- Convert domains to IP addresses
- Port Scanning
- Taking screenshots of all the subdomains
- Getting some information from wayback archieve
- Check domains against subdomain takeover vulnerability
Tools Used: