yogeshojha / rengine

reNgine is an automated reconnaissance framework for web applications with a focus on a highly configurable, streamlined recon process via Engines, recon data correlation and organization, and continuous monitoring, backed by a database and a simple yet intuitive user interface. reNgine makes it easy for penetration testers to gather reconnaissance data with minimal configuration, and with the help of reNgine's correlation, it makes recon effortless.
https://yogeshojha.github.io/rengine/
GNU General Public License v3.0
7.48k stars 1.13k forks

Feed Dirsearch/ffuf with Right Directory Bruteforcing File - Making Rengine Intelligent #184

Closed danzee1 closed 3 years ago

danzee1 commented 4 years ago

Hi @yogeshojha

A common mistake which I've noticed in almost all recon tools is that they feed dirsearch/ffuf the same directory bruteforce file for each type of subdomain. Currently rengine is using dirsearch, which uses its default dict file for bruteforcing.

If httpx or wappalyzer is giving information that a subdomain is WordPress, then that WordPress subdomain should be tested against this directory bruteforcing list:

https://github.com/danielmiessler/SecLists/blob/master/Discovery/Web-Content/CMS/wordpress.fuzz.txt

Similarly, one can do it for each type of system, like SAP etc. (It should be done for as many types of system dirs as we have in SecLists by danielmiessler.)

Regards,

issue-label-bot[bot] commented 4 years ago

Issue-Label Bot is automatically applying the label feature_request to this issue, with a confidence of 0.64. Please mark this comment with :thumbsup: or :thumbsdown: to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

yogeshojha commented 3 years ago

Yay ffuf is coming. Duplicate of #146