Merge branch 'Tib3rius:main' into main

This commit is contained in:
Asim Aziz 2023-08-19 13:24:58 +01:00 committed by GitHub
commit f76608510c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 26 additions and 6 deletions

View File

@ -4,8 +4,14 @@ jobs:
lint_python:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: |
3.8
3.9
3.10
3.11
- run: pip install --upgrade pip poetry
- run: pip install bandit black codespell flake8 flake8-bugbear flake8-comprehensions isort mypy pytest pyupgrade safety requests
- run: bandit --recursive --skip B101 . || true # B101 is assert statements
@ -21,5 +27,5 @@ jobs:
- run: pytest . || true
- run: pytest --doctest-modules . || true
- run: shopt -s globstar && pyupgrade --py36-plus **/*.py || true
- run: safety check
- run: safety check -r requirements.txt
- run: python3 autorecon.py 127.0.0.1 || true

14
Dockerfile Normal file
View File

@ -0,0 +1,14 @@
FROM debian:latest
RUN apt-get update
RUN apt-get install -y ca-certificates gnupg wget
RUN wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add -
RUN echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list
RUN apt-get update
RUN apt-get install -y python3 python3-pip git seclists curl dnsrecon enum4linux feroxbuster gobuster impacket-scripts nbtscan nikto nmap onesixtyone oscanner redis-tools smbclient smbmap snmp sslscan sipvicious tnscmd10g whatweb wkhtmltopdf
RUN python3 -m pip install git+https://github.com/Tib3rius/AutoRecon.git
CMD ["/bin/bash"]

View File

@ -34,6 +34,6 @@ class VirtualHost(ServiceScan):
wildcard = requests.get(('https' if service.secure else 'http') + '://' + service.target.address + ':' + str(service.port) + '/', headers={'Host':''.join(random.choice(string.ascii_letters) for i in range(20)) + '.' + hostname}, verify=False)
size = str(len(wildcard.content))
await service.execute('ffuf -u {http_scheme}://' + hostname + ':{port}/ -t ' + str(self.get_option('threads')) + ' -w ' + wordlist + ' -H "Host: FUZZ.' + hostname + '" -fs ' + size + ' -r -noninteractive -s | tee "{scandir}/{protocol}_{port}_{http_scheme}_' + hostname + '_vhosts_' + name + '.txt"')
await service.execute('ffuf -u {http_scheme}://' + hostname + ':{port}/ -t ' + str(self.get_option('threads')) + ' -w ' + wordlist + ' -H "Host: FUZZ.' + hostname + '" -mc all -fs ' + size + ' -r -noninteractive -s | tee "{scandir}/{protocol}_{port}_{http_scheme}_' + hostname + '_vhosts_' + name + '.txt"')
else:
service.info('The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.')

View File

@ -17,7 +17,7 @@ from autorecon.io import slugify, e, fformat, cprint, debug, info, warn, error,
from autorecon.plugins import Pattern, PortScan, ServiceScan, Report, AutoRecon
from autorecon.targets import Target, Service
VERSION = "2.0.32"
VERSION = "2.0.33"
if not os.path.exists(config['config_dir']):
shutil.rmtree(config['config_dir'], ignore_errors=True, onerror=None)

View File

@ -1,6 +1,6 @@
[tool.poetry]
name = "autorecon"
version = "2.0.32"
version = "2.0.33"
description = "A multi-threaded network reconnaissance tool which performs automated enumeration of services."
authors = ["Tib3rius"]
license = "GNU GPL v3"