
Ajay Report

This document is a project report for an automated script for reconnaissance. It includes the source code for the script, a data flow diagram, screenshots of the script's output, and a list of the tools required to run the script. The script automates tasks like directory bruteforcing, subdomain enumeration, vulnerability scanning, and more against a target IP address or URL to gather intelligence.

Uploaded by

Ritik

Project Report

on
Automated Script for Reconnaissance

Submitted in partial fulfillment of the requirements for the award of the degree of

BACHELOR OF TECHNOLOGY
in
CSE (CYBER SECURITY)

Submitted By
Ajay Sharma
2822453
Batch (2022-2026)

Panipat Institute of Engineering & Technology,


(Affiliated to Kurukshetra University Kurukshetra, India)
Samalkha, Panipat
(Session 2023-2024)
INDEX
1) Source Code
2) Data Flow Diagram (DFD)
3) Screenshots
4) Requirements
SOURCE CODE
#!/bin/bash

echo "Please ensure your system has these essential tools before proceeding:"
echo "1. dirb 2. gobuster 3. nmap 4. knockpy 5. amass 6. sublist3r 7. aquatone-discover 8. nikto 9. nuclei 10. httprobe 11. aquatone"
echo "Please confirm that these tools are installed."

# Input IP address to work with
read -r -p "Enter the IP address: " IP

# Input URL to analyze
read -r -p "Enter the URL: " url

# The subdomain tools below take a domain name, not an IP address:
# use the host part of the URL (scheme, path and port removed)
domain="${url#*://}"
domain="${domain%%/*}"
domain="${domain%%:*}"

# Create a directory to store data; stop if it cannot be entered
mkdir -p "analysis_$IP"
cd "analysis_$IP" || exit 1
echo " "
echo "Starting Directory Bruteforcing"
echo " "

# Run Dirb for directory brute-forcing
echo "Running Dirb for $url"
dirb "$url" -o dirb.txt

# Directory brute-forcing with gobuster
echo "Running gobuster for $IP"
read -r -p "Specify the path to a word list (or type 'default' to use the default wordlist): " w1
# Treat the literal answer 'default' like an empty answer so the fallback below applies
[ "$w1" = "default" ] && w1=""
wordlist="${w1:-/usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt}"
echo "Using wordlist: $wordlist"
gobuster --no-error dir -u "$IP" -w "$wordlist" >> gobuster.txt

# Use Nmap for open ports information
echo "Running Nmap for $IP"
nmap -vv -p- -sV -sC -A "$IP" -oN nmap.txt
echo " "
echo "Commands for finding subdomains:"
echo " "

# Use Knockpy to find subdomains
echo "Running Knockpy for $domain"
knockpy "$domain" > knockpy.txt

# Enumerate subdomains using amass
echo "Running amass for subdomain enumeration"
read -r -p "Specify the path to a word list (or type 'default' to use the default wordlist): " w2
[ "$w2" = "default" ] && w2=""
wordlist="${w2:-/usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt}"
echo "Using wordlist: $wordlist"
amass enum -active -alts -aw "$wordlist" -brute -d "$domain" -dns-qps 50 -log error.txt -max-depth 10 -o amass.txt

# Use Sublist3r for subdomains
echo "Running Sublist3r for $domain"
read -r -p "Specify the path to a word list (or type 'default' to use the default wordlist): " w3
[ "$w3" = "default" ] && w3=""
wordlist="${w3:-/usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt}"
echo "Using wordlist: $wordlist"
sublist3r -d "$domain" -t 40 -b "$wordlist" -o sublister.txt

# Use aquatone-discover for subdomains
echo "Running aquatone-discover for $domain"
aquatone-discover -d "$domain" >> aquatonediscover.txt

# Combine all subdomains found into a single text file:
# keep only hostname-shaped tokens and drop duplicates
cat knockpy.txt amass.txt sublister.txt 2>/dev/null | grep -Eo '([0-9a-zA-Z-]+\.)+[a-zA-Z]{2,}' | sort -u > all_subdomains.txt

# Use httprobe to check subdomains
httprobe < all_subdomains.txt > Subdomains.txt

# Use aquatone for screenshots of subdomains
echo "Running aquatone for screenshots of subdomains"
aquatone < Subdomains.txt

echo " "
echo "Commands for finding vulnerabilities:"
echo " "

# Run Nikto for vulnerability scanning
echo "Running Nikto"
nikto -h "$url" >> nikto.txt

# Use Nuclei for vulnerability scanning
# (-u takes a single target; -l expects a file containing a list of targets)
echo "Running nuclei for $IP"
nuclei -u "$IP" -t /path/to/nuclei-templates >> nuclei_results.txt

echo " "
echo "Thank you for using this tool!"
echo " ( ) ( ) ( )"
echo " ) ( ) ) ( ) ) ("
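
The script above passes whatever is typed at its two read prompts straight into a directory name and into tool arguments. As an added example (not part of the original report), the POSIX shell functions below check both values first; the function names are hypothetical, and IPv6 literals and user@host URLs are deliberately rejected.

```shell
#!/bin/sh
# Added example: validate operator input before it reaches mkdir, cd, or a tool.
# Function names are hypothetical; values mentioned in comments are constructed.

# is_ipv4 ADDR: succeed only for a dotted-quad IPv4 address (octets 0-255).
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;    # rejects "-sV", "../x", "1..2"
    esac
    _old_ifs=$IFS; IFS=.
    set -- $1                                    # split on dots; only digits and dots remain
    IFS=$_old_ifs
    [ "$#" -eq 4 ] || return 1
    for _octet in "$@"; do
        [ "${#_octet}" -le 3 ] && [ "$_octet" -le 255 ] || return 1
    done
}

# url_host URL: print the host of an http(s) URL, or fail if the URL is not acceptable.
url_host() {
    case "$1" in
        http://*|https://*) ;;
        *) return 1 ;;
    esac
    case "$1" in
        *[[:space:]]*|*[[:cntrl:]]*) return 1 ;; # no spaces, tabs, or embedded newlines
    esac
    _host=${1#*://}
    _host=${_host%%[/?#]*}                       # cut path, query, fragment
    _host=${_host%%:*}                           # cut port
    case "$_host" in
        ''|-*|.*|*.|*..*|*[!A-Za-z0-9.-]*) return 1 ;;  # also rejects user@host forms
    esac
    printf '%s\n' "$_host"
}

# workdir_for IP: print the output directory name, refusing anything but a valid IPv4,
# so a value such as "../../tmp" can never become part of the path passed to mkdir/cd.
workdir_for() {
    is_ipv4 "$1" || return 1
    printf 'analysis_%s\n' "$1"
}
```

Calling these right after the read lines and exiting on failure keeps a mistyped or hostile value from being treated as a command-line option or a relative path by the later steps.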

Data Flow Diagram (DFD)


SCREENSHOTS
Tool Requirements

1. dirb
2. gobuster
3. nmap
4. knockpy
5. amass
6. sublist3r
7. aquatone-discover
8. nikto
9. nuclei
10. httprobe
11. aquatone
