- NeutronSec is a basic tool that handles most of our recon hassle.
- It uses Mohd Shibli's recon scripts as its core component.
- It uses multiple bash scripts and executes them through Python.
- It also does some post-reconnaissance work.
- Consider using this tool mostly for medium/large scope targets!
- Gather subdomains through Amass, subfinder and assetfinder.
- Gather JS files.
- Check for any reflected domain in the response (using an additional X-Header).
- Extract endpoints with relative URL extractor.
- Curate a common wordlist for the gathered endpoints.
- Run waybackurls and gau.
- Grep gf patterns for XSS, SSRF, RCE, SQLi, etc.
- Find open S3 buckets using S3Scanner.py.
- Perform subdomain takeover checks using Subjack.
- Run EyeWitness for visual recon.
- Run Nmap for port scanning.
- Finally, run Nuclei on the subdomains.
- pip3 install eyewitness
- pip3 install coloredlogs
- pip3 install requests
- pip3 install awscli
- Here is Mohd Shibli's GitHub repository
- To run the script, just use
> python3 main.py
and relax!
- Keep in mind that you need to write the path for the amass config file (if any) and for S3Scanner.py.
This Mini Project was developed by @Neutron__
If you are facing any problem getting things right, feel free to ping me :)
Possibility of Replacing Nmap with any other fast Port Scanner.
Active BruteForcing of Subdomains (Permutations) for VPS.
Adding more features like Checking SSTI, SSRF, etc.