Skip to content

Latest commit

 

History

History
71 lines (48 loc) · 1.64 KB

README.md

File metadata and controls

71 lines (48 loc) · 1.64 KB
Raw

autoWebPentest

Automated bash script that performs several automated scans for web pentestingAutomatic Script in bash to automatice directory listing.

Actions performed:

  • Live URL analysis
  • WhatWeb Scan
  • FFUF Directory Scan Whit Fuzz.txt
  • Nuclei Scan
  • Optional wapiti Scan
  • Test SSL Scan testssl.sh

Preparations

To run the following script you need the following resources:

# Install nuclei and git commands
sudo apt install git nuclei whatweb ffuf curl -y

# Install Testssl.sh repo
git clone --depth 1 https://github.com/drwetter/testssl.sh.git /opt/testssl


# Install Fuzz.txt wordlist in /usr/share/wordlists
sudo wget https://raw.githubusercontent.com/Bo0oM/fuzz.txt/master/fuzz.txt -O /usr/share/wordlists/fuzz.txt

Execution

Download the repository:

git clone https://github.com/Fatake/autoWebPentest.git

For the only time you have to give execution permissions with

sudo chmod +x ./autoWebPentest/autoWebPentest.sh

For single Target

./autoWebPentest/autoWebPentest.sh -o ProyectName -u https://Target

For multiple Targets

./autoWebPentest/autoWebPentest.sh -o ProyectName -L FileListTargets

For Help

# ./autoWebPentest/autoWebPentest.sh -h
[i] Usage:
autoWebPentest.sh [-u | -L] <URL Single | URLs File> -o <output_name>
        -u <URL>                For single URL scan
        -L <URLs file>          For muliples URL in file scan
        -o <output_name>        For File name Output dir
        -h                      For Help


Made with love by:
[✓] @Fatake