search

00xZ / eye

My personal pretesting recon/low hanging fruit script. Uses Gxss, Dalfox, and a few other scripts to scan all of a domain(and/or subdomains as well) for user inputs, checks if reflected, tests for sqli, xss, open red. and a few more. This is really just for my personal use.
21 stars 0 forks source link

readme

See more with an extra Eye

screenshot

Quick install

chmod x+ * Then run the setup.sh

About

This is a collection of my automation process, its intended to be an all in one web scanner along with bug hunter.

It makes use of many different scripts in a way that tangles them together.

The custom exploit's part of the script under: vuln3()

Is where you can add any amount of custom tests to run

It outputs everything to output/NameOfTheSiteYouScanned.com/

USE

Use:

scan

./eye.sh --scan thewebsite.com

screenshot

exploit

./eye.sh --exploit thewebsite.com

custom exploit's

./eye.sh --custom thewebsite.com

screenshot

Programs To Install

gf ( https://github.com/tomnomnom/gf ) #with the templates ( https://github.com/1ndianl33t/Gf-Patterns )

Gxss ( https://github.com/KathanP19/Gxss )

trashcompator ( https://github.com/michael1026/trashcompactor )

dalfox ( https://github.com/hahwul/dalfox )

xray ( https://github.com/chaitin/xray )

anew ( https://github.com/tomnomnom/anew )

waymore ( https://github.com/xnl-h4ck3r/waymore )

dirsearch ( https://github.com/maurosoria/dirsearch )

qsreplace ( https://github.com/tomnomnom/qsreplace )

ghauri ( https://github.com/r0oth3x49/ghauri )

nuclei ( https://github.com/projectdiscovery/nuclei ) #along with templates

paramspider ( https://github.com/devanshbatham/ParamSpider )

httpx ( https://github.com/projectdiscovery/httpx )

parallel ( https://github.com/parallel-finance/parallel )

gdn ( https://github.com/kmskrishna/gdn )

Lastest update

LFIscanner ( https://github.com/R3LI4NT/LFIscanner )

TPLmap ( https://github.com/epinna/tplmap )