-
Notifications
You must be signed in to change notification settings - Fork 0
/
main.py
86 lines (70 loc) · 2.43 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
import os, argparse, signal
from subfinder import Subfinder
from initial_recon import Initial
from vulns_parser import Parser
from xss import Xss
from dns import DNS
from wpscan import Wordpress
parser = argparse.ArgumentParser(description='Hakaize Bug Bounty Automation')
parser.add_argument('-p', '--program', default="", help='Programa de bugbounty para hacerle recon (sale arriba en la url)')
parser.add_argument('-as', '--aggresivescan', default="", help='as xss,wpscan')
args = parser.parse_args()
aggresive_scan = args.aggresivescan
program = args.program
folder_name = program + "_results"
folder_vulns = os.path.join(folder_name, "parsed_vulns")
folder_wpscan = os.path.join(folder_name, "wpscan")
folder_wordlists = os.path.join(folder_name, "wordlists")
folder_dns = os.path.join(folder_name, "dns")
if aggresive_scan == "" and program == "":
parser.print_help()
exit()
def def_handler(sig, frame):
print("\n[+] Saliendo...")
exit(1)
signal.signal(signal.SIGINT, def_handler)
def createFolders():
if not os.path.exists(folder_name):
os.makedirs(folder_name)
os.makedirs(folder_vulns)
os.makedirs(folder_dns)
os.makedirs(folder_wpscan)
os.makedirs(folder_wordlists)
os.system('touch {}'.format(os.path.join(folder_name, "all_subdomains.txt")))
def passiveEnumeration():
initial = Initial(folder_name)
subfinder = Subfinder(program)
dns = DNS(folder_name , folder_dns, 50)
parser = Parser(folder_vulns)
subfinder.leerDominios()
subfinder.generarSubdominios()
while not subfinder.subdominios_generados:
pass # Espera 1 segundo antes de verificar nuevamente
dns.getResolvers()
dns.getWordlist()
dns.altDns()
dns.regulator()
dns.resolveRegulator()
dns.resolvePureDns()
dns.appendAllSubdomains()
dns.clearOutput()
initial.getGau()
initial.getUro()
initial.getHttpx()
parser.detectSSRF()
parser.detectLFI()
parser.detectRedirect()
parser.detectRCE()
parser.detectSQLI()
parser.detectDebugLogic()
if __name__ == "__main__":
createFolders()
passiveEnumeration()
if "xss" in aggresive_scan:
xss_tester = Xss(folder_name, xss)
xss_tester.detectXSS()
xss_tester.reflectedXSS()
if "wpscan" in aggresive_scan:
wpscan_tester = Wordpress(folder_name, folder_wpscan)
wpscan_tester.getHttpx()
wpscan_tester.allWpscan()