ＷＥＬＣＯＭＥ ＴＯ ＬＡＹＬＡ

Layla is a python script that automatically performs recon on a given URL. It combines the outputs of other known tools into a single one.

:rocket: Getting Started

To start, make sure that you're using a Debian-based distro, like Kali Linux, for example. Since the script uses Python3 to run, it's essential to have it installed on your machine.

1. Cloning the project:

git clone https://github.com/mthf0/layla.git

2. Get into the project' folder:

cd layla/

3. Install all dependencies

chmod +x install.sh & sudo ./install.sh

4. Run the script

python3 layla.py --url owasp.org

:oncoming_police_car: Features:

• Web Application Firewall Detection

  • wafw00f

• Port Scanning

  • nmap

• Subdomain Detection

  • subfinder
  • sublist3r
  • assetfinder
  • amass

• Directory Discovery

  • dirsearch

:pencil: TODO's:

This script needs a lot of improvements, which I'll definitely add with time. I'll list some of them below:

• [ ] Fine-tune some parameters from:
  • [ ] NMAP
  • [ ] AMASS
• [ ] Add subdomain takeover detection with subjack.
• [ ] Add visual recon, aquatone would be nice for that.
• [ ] Add permutation scanning using dnsgen.
• [ ] Add certificate search from crt.sh. (automated script)
• [ ] Add GitHub recon.