Created
April 30, 2024 11:59
-
-
Save shorefall/feac44bd80be826cf218a9c5997350a6 to your computer and use it in GitHub Desktop.
PD Nuclei domain chain
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Function to check if directory exists | |
| create_directory_if_not_exist() { | |
| if [ ! -d "$1" ]; then | |
| mkdir -p "$1" | |
| fi | |
| } | |
| BASE_DIR="${HOME}/Project/ext_active" | |
| create_directory_if_not_exist "${BASE_DIR}" | |
| # Read and process domain input | |
| read -p "Enter domain name(s) (comma-separated): " input_domains | |
| IFS=',' read -ra ADDR <<< "$input_domains" | |
| # Define web ports for Naabu | |
| PORTS="8080,10000,20000,2222,7080,9009,7443,2087,2096,8443,4100,2082,2083,2086,9999,2052,9001,9002,7000,7001,8082,8084,8085,8010,9000,2078,2080,2079,2053,2095,4000,5280,8888,9443,5800,631,8000,8008,8087,84,85,86,88,10125,9003,7071,8383,7547,3434,10443,8089,3004,81,4567,7081,82,444,1935,3000,9998,4433,4431,4443,83,90,8001,8099,80,300,443,591,593,832,981,1010,1311,2480,3128,3333,4243,4711,4712,4993,5000,5104,5108,6543,7396,7474,8014,8042,8069,8081,8088,8090,8091,8118,8123,8172,8222,8243,8280,8281,8333,8500,8834,8880,8983,9043,9060,9080,9090,9091,9200,9800,9981,12443,16080,18091,18092,20720,28017" | |
| # Loop through each domain | |
| for domain in "${ADDR[@]}"; do | |
| trimmed_domain=$(echo $domain | xargs) # Trim whitespace | |
| domain_folder="${BASE_DIR}/${trimmed_domain}" | |
| create_directory_if_not_exist "${domain_folder}" | |
| # Run Subfinder | |
| subfinder -d "${trimmed_domain}" -all -o "${domain_folder}/${trimmed_domain}.lst" | |
| # Run Naabu | |
| naabu -list "${domain_folder}/${trimmed_domain}.lst" -silent -o "${domain_folder}/${trimmed_domain}-ports.txt" -p $PORTS | |
| # Run Nuclei | |
| nuclei -l "${domain_folder}/${trimmed_domain}-ports.txt" -config ~/nuclei-templates/config/pentest.yml -o "${domain_folder}/${trimmed_domain}-nuclei.txt" | |
| done | |
| echo "Pentesting automation complete." | |
| # Description of Nuclei Checks | |
| echo "Running PD web killchain with the following nuclei tags:" | |
| echo "Types Included: HTTP, TCP, JavaScript, DNS, SSL" | |
| echo "Tags Excluded: DoS, Fuzz, OSINT" | |
| echo "Results located in ~/Project/ext_active/example.ltd" | |
| for domain in "${ADDR[@]}"; do | |
| trimmed_domain=$(echo $domain | xargs) | |
| nuclei_results_file="${domain_folder}/${trimmed_domain}-nuclei.txt" | |
| echo "Nuclei findings for ${trimmed_domain} - low, medium, high, critical:" | |
| grep -E 'low|medium|high|critical' "${nuclei_results_file}" | |
| echo "----------------------------------------------------" | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment