Update service-scans-default.toml

Replaced gobuster with ffuf.
Retired nikto to manual commands.
Tib3rius 2021-04-11 18:02:58 -04:00 committed by GitHub
parent 7481ac9c57
commit 14862104fd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 5 deletions


@ -126,12 +126,21 @@ ignore-service-names = [
command = 'whatweb --color=never --no-errors -a 3 -v {scheme}://{address}:{port} 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_whatweb.txt"'
[[http.scan]]
name = 'nikto'
command = 'nikto -ask=no -h {scheme}://{address}:{port} 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_nikto.txt"'
name = 'ffuf'
command = 'ffuf -u {scheme}://{address}:{port}/FUZZ -t 10 -w /usr/share/seclists/Discovery/Web-Content/common.txt -e ".txt,.html,.php,.asp,.aspx,.jsp" -v -of csv -o {scandir}/{protocol}_{port}_{scheme}_ffuf.txt'
[[http.scan]]
name = 'gobuster'
command = 'if [[ `gobuster -h 2>&1 | grep -F "mode (dir)"` ]]; then gobuster -u {scheme}://{address}:{port}/ -w /usr/share/seclists/Discovery/Web-Content/common.txt -e -k -l -s "200,204,301,302,307,401,403" -x "txt,html,php,asp,aspx,jsp" -o "{scandir}/{protocol}_{port}_{scheme}_gobuster.txt"; else gobuster dir -u {scheme}://{address}:{port}/ -w /usr/share/seclists/Discovery/Web-Content/common.txt -z -k -l -x "txt,html,php,asp,aspx,jsp" -o "{scandir}/{protocol}_{port}_{scheme}_gobuster.txt"; fi'
[[http.manual]]
description = '(nikto) old but generally reliable web server enumeration tool'
commands = [
'nikto -ask=no -h {scheme}://{address}:{port} 2>&1 | tee "{scandir}/{protocol}_{port}_{scheme}_nikto.txt"'
]
[[http.manual]]
description = '(ffuf) Multi-threaded recursive directory/file enumeration for web servers using various wordlists:'
commands = [
'ffuf -u {scheme}://{address}:{port}/FUZZ -w /usr/share/seclists/Discovery/Web-Content/big.txt -e ".txt,.html,.php,.asp,.aspx,.jsp" -v -of csv -o {scandir}/{protocol}_{port}_{scheme}_ffuf_big.txt',
'ffuf -u {scheme}://{address}:{port}/FUZZ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -e ".txt,.html,.php,.asp,.aspx,.jsp" -v -of csv -o {scandir}/{protocol}_{port}_{scheme}_ffuf_dirbuster.txt'
]
[[http.manual]]
description = '(dirsearch) Multi-threaded recursive directory/file enumeration for web servers using various wordlists:'
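Review bot: The `-o` path in the new ffuf `[[http.scan]]` command is unquoted, as are the `-o` paths in both ffuf entries under `[[http.manual]]`, whereas the whatweb and nikto commands in this section wrap their `{scandir}` path in double quotes. Because these strings are handed to a shell after substitution, a results directory containing a space or shell metacharacter would be split or reinterpreted, and the report would be written somewhere unintended. Quote it the same way, e.g. `-o "{scandir}/{protocol}_{port}_{scheme}_ffuf.txt"`, and likewise for the `_ffuf_big.txt` and `_ffuf_dirbuster.txt` paths. Separately, the ffuf manual description says "recursive", but none of the ffuf commands shown passes a recursion option, so that wording looks carried over from the dirsearch entry and should be corrected. The files are also written with `-of csv` under a `.txt` name, which is worth a one-line comment or a `.csv` suffix so later tooling does not misread them.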