-
Notifications
You must be signed in to change notification settings - Fork 275
/
AutoRecon.py
71 lines (66 loc) · 2.4 KB
/
AutoRecon.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
Automate the reconnaissance process, given a domain name.
"""
from __future__ import absolute_import, print_function
import sys
import socket
import subprocess
from time import sleep
def main():
"""Execute main code."""
try:
domain = sys.argv[1]
ip_address = socket.gethostbyname(domain)
except IndexError:
print('Error: Domain name not specified.')
sys.exit(1)
except socket.gaierror:
print('Error: Domain name cannot be resolved.')
raise
procs = []
whois_cmd = ['whois', domain]
dig_cmd = ['dig', '-t', 'txt', '+short', domain]
wpscan_cmd = ['wpscan', '--force', '--update', '--url', domain]
nmap_hosts_cmd = ['nmap', '-sn', ip_address + '/24']
nmap_script_names = ('*-vuln*, banner, default, dns-brute,'
'dns-zone-transfer, ftp-*, hostmap-ip2hosts, http-config-backup,'
'http-cross*, http-devframework, http-enum, http-headers,'
'http-shellshock, http-sitemap-generator, http-waf-fingerprint,'
'http-xssed, smtp-*, ssl-*, version')
nmap_full_cmd = ['nmap', '-sV', '-sS', '-A', '-Pn', '--script',
nmap_script_names, domain]
cmds = {'TXT Records': dig_cmd, 'WHOIS Info': whois_cmd,
'Active Hosts': nmap_hosts_cmd, 'Nmap Results': nmap_full_cmd,
'WPScan': wpscan_cmd}
def handle_proc(proc):
"""Handle subprocesses outputs."""
separator = '=================='
output = b''.join(proc.stdout.readlines()).decode('utf-8')
print(proc.title)
print(separator)
print(output.strip())
print(separator + '\n')
procs.remove(proc)
for title, cmd in cmds.items():
try:
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
proc.title = title
procs.append(proc)
except OSError:
print('%s >> Dependency error occurred.\n' % title)
while True:
for proc in procs:
retcode = proc.poll()
if retcode is not None:
handle_proc(proc)
else:
continue
if not procs:
break
else:
sleep(1)
if __name__ == '__main__':
print('This is gonna take quite a while; you better go make some coffee!\n')
main()