PH-Recon icon indicating copy to clipboard operation
PH-Recon copied to clipboard

Published 20 hours ago verified publisher icon mrco24

Metadata

This script will find some basic vulns. I made this script for my daily hunting. The best feature about this script is just run it in background and then analyze the target manually.

PH-RECON

Bug Bounty Automation Recon Scirpt

Requirements:

Below are all the tools that must be installed so install these https://github.com/mrco24/OK-VPS tools first and your terminal must be rooted otherwise it may be a problem to install the tools and script in add your Resolver path

Installation:

  • git clone https://github.com/mrco24/PH-Recon
  • cd PH-Recon
  • chmod +x PH-Recon.sh

Usage:

  • ./PH-Recon.sh sub.txt

Current Features:

  • This script will collect all the subdomains using amass, assetfinder, subfinder, findomain, and crt.sh, riddler.io, jldc.me, nmap.bufferover.run
  • Gather all the subdomains and put them in a single .txt file.
  • Resolves all the subdomains using massdns
  • Check http/https services on the given domains using httpx tool.
  • All Active Subdomain Screenshot
  • This script will collect all the urls using Waybackurl, Gau, gospider, ParamSpider, hakrawler.
  • Gather all the urls and put them in a single .txt file.
  • This script will Able to sort all the good Urals by filtering.
  • FFUF is used in this script to find valid urls.
  • Gf tool and its patterns installation and also will set their path automatically.
  • It will check for the Following Vulnerablities:
  • Subdomain takeover
  • Http-Request-Smugglingr
  • Open_Port_Find
  • CloudFlare_Checker
  • Nuclei scan All Active Subdomain
  • Advance XSS Scanner
  • Sqli Scan All urls
  • LFI Scan All urls
  • Open Redirect Scan All urls
  • Fuzzing mass Subdomain
  • Fuzzing All Urls Endpoint

TOOLS Used:

Subdomain

  • Subfinder
  • Amass
  • Assetfinder
  • findomain
  • crt.sh
  • riddler.io
  • bufferover.run
  • jldc.me

Subdomain-Resolver

  • httprobe

Subdomain-takeover

  • Nuclei

Http-Request-Smugglingr

  • Smuggle

Open_Port_Find

  • Naabu

Web-screenshot

  • Gowitness

CloudFlare_Checker

  • Cf-Chack

Vulnerability Scan All Subdomain

  • Nuclei

Urls-find

  • Gospider
  • Hakrawler
  • ParamSpider
  • gau
  • waybackurls
  • paramspider

Url_endpoints

  • Using Bash Script

Gf-patterns

  • sqli
  • xss
  • lfi
  • Open Redirect
  • csrf
  • Etc

Sql-injection

  • sqlmap
  • nuclei

XSS

  • dalfox
  • kxss
  • Gxss

Bilnd_xss

LFI

  • Nuclei

Open Redirect

  • nuclei

Fuzzing mass Subdomain

  • content discovery

Fuzzing All Urls Endpoint

  • content discovery

Author:

  • https://www.facebook.com/MRCO24
  • https://www.youtube.com/@mrco24ln/videos
  • https://github.com/mrco24

Metadata

16
Stars
10
Forks
Watchers

Owner

verified publisher icon mrco24

Metadata

This script will find some basic vulns. I made this script for my daily hunting. The best feature about this script is just run it in background and then analyze the target manually.

Back