htkcodes/blvckRECON.sh

## blvckRECON.sh
#!/bin/bash

CUR_DIR=$(pwd)

while getopts ":f:" input;do
        case "$input" in
                f) file=${OPTARG}
                        ;;
                esac
        done
if [ -z "$file" ]
        then
                echo "Please give a file like \"-f txt.url\""
                exit 1
fi

##token doesn't work nice try
github_token='2119512acfde04358789b265adf2ac878308bc2d'
echo "Now looking for CORS misconfiguration"
python3 ~/tools/Corsy/corsy.py -i $file -t 40 | tee -a corsy_op.txt


echo "####Starting Github Subdomain Scanning #####"
mkdir -p $CUR_DIR/github_recon

while IFS= read -r line; do
  python3 ~/tools/github-subdomains.py -t $github_token -d $line | tee -a $CUR_DIR/github_recon/github_subs.txt
done < "$file"

echo "####Starting Github Endpoint Scanning #####"

while IFS= read -r line; do
  python3 ~/tools/github-endpoints.py -d $line -t $github_token -s -r | tee -a $CUR_DIR/github_recon/github_endpoints.txt
done < "$file"

mkdir js
cat $CUR_DIR/$file | subjs| tee -a js/js.txt
cd js
cat js.txt | concurl -c 5
cat $CUR_DIR/js.txt |egrep -iv '\.json'|grep -iE '\.js'|antiburl|awk '{print $4}' | xargs -I %% bash -c 'python3 ~/tools/SecretFinder/SecretFinder.py -i %% -o cli' 2> /dev/null | tee -a secrets.txt
cat js.txt | while read url;do python3 ~/tools/LinkFinder/linkfinder.py -d -i $url -o cli;done > exdpoints.txt
cd -


echo "Starting FFUF"
mkdir $CUR_DIR/ffuf_op
for i in $(cat ${file})
do
    ffufop=$(echo $i | sed 's/\http\:\/\///g' |  sed 's/\https\:\/\///g')
    ffuf -u $i/FUZZ -w ~/wordlist/wordlist.txt -mc 200 -t 100 -fs 0 -o ffuf_op/$ffufop.html -of html
done
	#!/bin/bash

	CUR_DIR=$(pwd)

	while getopts ":f:" input;do
	case "$input" in
	f) file=${OPTARG}
	;;
	esac
	done
	if [ -z "$file" ]
	then
	echo "Please give a file like \"-f txt.url\""
	exit 1
	fi

	##token doesn't work nice try
	github_token='2119512acfde04358789b265adf2ac878308bc2d'
	echo "Now looking for CORS misconfiguration"
	python3 ~/tools/Corsy/corsy.py -i $file -t 40 \| tee -a corsy_op.txt


	echo "####Starting Github Subdomain Scanning #####"
	mkdir -p $CUR_DIR/github_recon

	while IFS= read -r line; do
	python3 ~/tools/github-subdomains.py -t $github_token -d $line \| tee -a $CUR_DIR/github_recon/github_subs.txt
	done < "$file"

	echo "####Starting Github Endpoint Scanning #####"

	while IFS= read -r line; do
	python3 ~/tools/github-endpoints.py -d $line -t $github_token -s -r \| tee -a $CUR_DIR/github_recon/github_endpoints.txt
	done < "$file"

	mkdir js
	cat $CUR_DIR/$file \| subjs\| tee -a js/js.txt
	cd js
	cat js.txt \| concurl -c 5
	cat $CUR_DIR/js.txt \|egrep -iv '\.json'\|grep -iE '\.js'\|antiburl\|awk '{print $4}' \| xargs -I %% bash -c 'python3 ~/tools/SecretFinder/SecretFinder.py -i %% -o cli' 2> /dev/null \| tee -a secrets.txt
	cat js.txt \| while read url;do python3 ~/tools/LinkFinder/linkfinder.py -d -i $url -o cli;done > exdpoints.txt
	cd -


	echo "Starting FFUF"
	mkdir $CUR_DIR/ffuf_op
	for i in $(cat ${file})
	do
	ffufop=$(echo $i \| sed 's/\http\:\/\///g' \| sed 's/\https\:\/\///g')
	ffuf -u $i/FUZZ -w ~/wordlist/wordlist.txt -mc 200 -t 100 -fs 0 -o ffuf_op/$ffufop.html -of html
	done