smartrecon is a script written in Bash, it is intended to automate some tedious tasks of reconnaissance and information gathering
sudo ./smartrecon.sh -d domain.com <option>
option:
-a | --alt : Additionally permutate subdomains
-b | --brute : Basic directory bruteforce
-f | --fuzz : SSRF/XSS/Nuclei/CORS/prototype fuzzing
-s | --ssrf : SSRF fuzzing
-x | --xss : XSS fuzzing
-n | --nuclei: Nuclei fuzzing
-c | --cors : Cors fuzzing
-p | --pp : prototype pollution fuzzing
- Create a dated folder with recon notes
- Grab subdomains using:
- subfinder, assetfinder, SonarSearch, cert.sh
- dnsgen , shuffledns , massdns
- Find any CNAME records pointing to unused cloud services like aws
- Probe for live hosts with shuffledns and fresh resolver
- Web servers hunting [httpx] over top 50 ports
- Grab a screenshots of responsive hosts with gowitness
- Extract wayback import data
- Perform naabu on specific ports
- Perform dirsearch for all subdomains
- find exposure data with nuclei scanner
- find XSS, SSRF, cache poisoning vulnerability
- send notifiaction wthi notify tools to discord,telegram,...
- Generate a HTML report with output from the tools above
git clone https://github.com/kh4sh3i/smartrecon.git
cd smartrecon
chmod +x install.sh
./install.sh
- SonarSearch
- subfinder
- assetfinder
- dnsgen
- Fresh Resolvers
- shuffledns
- Massdns
- goWitness
- Waybackurls
- httpx
- gf
- interestingEXT
- feroxbuster
- naabu
- sqlmap-dev
- Unfurl
- nuclei
- dalfox
- ParamSpider
- qsreplace
- notify
- Seclists collection
- CorsMe
- ppmap
this is not only recon tools ! we automate find bug for your :D today we can find below bug :
- XSS
- SSRF
- data exposure
- Broken authentication
- cache poisoning
- subdomain takeover
- Cors
- prototype pollution
for send notification you should config ($HOME/.config/notify/provider-config.yaml) with discord webhook ulr.
- Recommended to run on vps with 1VCPU and 2GB ram.
If you want to contribute to a project and make it better, your help is very welcome.
- add open redirect scanner
- add sql injection scanner
- increase performance
- fix some bugs