Merge pull request #785 from six2dez/dev

Dev
six2dez · Oct 19, 2023 · be7272e · be7272e
2 parents edce836 + 174d475
commit be7272e
Show file tree

Hide file tree

Showing 6 changed files with 141 additions and 135 deletions.
diff --git a/README.md b/README.md
@@ -7,8 +7,8 @@
 </h1>
 
 <p align="center">
-  <a href="https://github.com/six2dez/reconftw/releases/tag/v2.7">
-    <img src="https://img.shields.io/badge/release-v2.7-green">
+  <a href="https://github.com/six2dez/reconftw/releases/tag/v2.7.1">
+    <img src="https://img.shields.io/badge/release-v2.7.1-green">
   </a>
    </a>
   <a href="https://opensource.org/licenses/MIT">
@@ -173,7 +173,6 @@ export PATH=$GOPATH/bin:$GOROOT/bin:$HOME/.local/bin:$PATH
 AMASS_CONFIG=~/.config/amass/config.ini
 GITHUB_TOKENS=${tools}/.github_tokens
 GITLAB_TOKENS=${tools}/.gitlab_tokens
-SUBGPT_COOKIE=${tools}/subgpt_cookies.json
 #CUSTOM_CONFIG=custom_config_path.txt # In case you use a custom config file, uncomment this line and set your files path
 
 # APIs/TOKENS - Uncomment the lines you want removing the '#' at the beginning of the line
@@ -212,7 +211,6 @@ SUBBRUTE=true # DNS bruteforcing
 SUBSCRAPING=true # Subdomains extraction from web crawling
 SUBPERMUTE=true # DNS permutations
 SUBREGEXPERMUTE=true # Permutations by regex analysis
-SUBGPT=true # Permutations by BingGPT prediction
 PERMUTATIONS_OPTION=gotator # The alternative is "ripgen" (faster, not deeper)
 GOTATOR_FLAGS=" -depth 1 -numbers 3 -mindup -adv -md" # Flags for gotator
 SUBTAKEOVER=false # Check subdomain takeovers, false by default cuz nuclei already check this

diff --git a/Terraform/files/reconftw.cfg b/Terraform/files/reconftw.cfg
@@ -15,6 +15,7 @@ fuzzing_remote_list="https://raw.githubusercontent.com/six2dez/OneListForAll/mai
 proxy_url="http://127.0.0.1:8080/" # Proxy url
 install_golang=true # Set it to false if you already have Golang configured and ready
 upgrade_tools=true
+upgrade_before_running=false # Upgrade tools before running
 #dir_output=/custom/output/path
 
 # Golang Vars (Comment or change on your own)
@@ -27,7 +28,6 @@ export PATH=$GOPATH/bin:$GOROOT/bin:$HOME/.local/bin:$PATH
 AMASS_CONFIG=~/.config/amass/config.ini
 GITHUB_TOKENS=${tools}/.github_tokens
 GITLAB_TOKENS=${tools}/.gitlab_tokens
-SUBGPT_COOKIE=${tools}/subgpt_cookies.json
 #CUSTOM_CONFIG=custom_config_path.txt # In case you use a custom config file, uncomment this line and set your files path
 
 # APIs/TOKENS - Uncomment the lines you want removing the '#' at the beginning of the line
@@ -52,6 +52,7 @@ EMAILS=true # Fetch emails from differents sites
 DOMAIN_INFO=true # whois info
 REVERSE_WHOIS=true # amass intel reverse whois info, takes some time
 IP_INFO=true    # Reverse IP search, geolocation and whois
+POSTMAN_LEAKS=true # Check for postman leaks
 METAFINDER_LIMIT=20 # Max 250
 
 # Subdomains
@@ -60,16 +61,16 @@ RUNSUBFINDER=true
 SUBDOMAINS_GENERAL=true # Enable or disable the whole Subdomains module
 SUBPASSIVE=true # Passive subdomains search
 SUBCRT=true # crtsh search
-SUBNOERROR=true # Check DNS NOERROR response and BF on them
+CTR_LIMIT=999999 # Limit the number of results
+SUBNOERROR=false # Check DNS NOERROR response and BF on them
 SUBANALYTICS=true # Google Analytics search
 SUBBRUTE=true # DNS bruteforcing
 SUBSCRAPING=true # Subdomains extraction from web crawling
 SUBPERMUTE=true # DNS permutations
 SUBREGEXPERMUTE=true # Permutations by regex analysis
-SUBGPT=true # Permutations by BingGPT prediction
 PERMUTATIONS_OPTION=gotator # The alternative is "ripgen" (faster, not deeper)
 GOTATOR_FLAGS=" -depth 1 -numbers 3 -mindup -adv -md" # Flags for gotator
-SUBTAKEOVER=false # Check subdomain takeovers, false by default cuz nuclei already check this
+SUBTAKEOVER=true # Check subdomain takeovers, false by default cuz nuclei already check this
 SUB_RECURSIVE_PASSIVE=false # Uses a lot of API keys queries
 DEEP_RECURSIVE_PASSIVE=10 # Number of top subdomains for recursion
 SUB_RECURSIVE_BRUTE=false # Needs big disk space and time to resolve
@@ -96,8 +97,9 @@ CDN_IP=true # Check which IPs belongs to CDN
 # Web analysis
 WAF_DETECTION=true # Detect WAFs
 NUCLEICHECK=true # Enable or disable nuclei
+NUCLEI_TEMPLATES_PATH="$HOME/nuclei-templates" # Set nuclei templates path
 NUCLEI_SEVERITY="info,low,medium,high,critical" # Set templates criticity
-NUCLEI_FLAGS=" -silent -t $HOME/nuclei-templates/ -retries 2" # Additional nuclei extra flags, don't set the severity here but the exclusions like " -etags openssh"
+NUCLEI_FLAGS=" -silent -t ${NUCLEI_TEMPLATES_PATH}/ -retries 2" # Additional nuclei extra flags, don't set the severity here but the exclusions like " -etags openssh"
 NUCLEI_FLAGS_JS=" -silent -tags exposure,token -severity info,low,medium,high,critical" # Additional nuclei extra flags for js secrets
 URL_CHECK=true # Enable or disable URL collection
 URL_CHECK_PASSIVE=true # Search for urls, passive methods from Archive, OTX, CommonCrawl, etc
@@ -110,8 +112,8 @@ CMS_SCANNER=true # CMS scanner
 WORDLIST=true # Wordlist generation
 ROBOTSWORDLIST=true # Check historic disallow entries on waybackMachine
 PASSWORD_DICT=true # Generate password dictionary
-PASSWORD_MIN_LENGTH=5 # Min password lenght
-PASSWORD_MAX_LENGTH=14 # Max password lenght
+PASSWORD_MIN_LENGTH=5 # Min password length
+PASSWORD_MAX_LENGTH=14 # Max password length
 
 # Vulns
 VULNS_GENERAL=false # Enable or disable the vulnerability module (very intrusive and slow)
@@ -133,6 +135,7 @@ PROTO_POLLUTION=true # Check for prototype pollution flaws
 SMUGGLING=true # Check for HTTP request smuggling flaws
 WEBCACHE=true # Check for Web Cache issues
 BYPASSER4XX=true # Check for 4XX bypasses
+FUZZPARAMS=true # Fuzz parameters values
 
 # Extra features
 NOTIFICATION=false # Notification for every function
@@ -146,7 +149,7 @@ REMOVELOG=false # Delete logs after execution
 PROXY=false # Send to proxy the websites found
 SENDZIPNOTIFY=false # Send to zip the results (over notify)
 PRESERVE=true      # set to true to avoid deleting the .called_fn files on really large scans
-FFUF_FLAGS=" -mc all -fc 404 -ac -sf" # Ffuf flags
+FFUF_FLAGS=" -mc all -fc 404 -ach -sf -of json" # Ffuf flags
 HTTPX_FLAGS=" -follow-redirects -random-agent -status-code -silent -title -web-server -tech-detect -location -content-length" # Httpx flags for simple web probing
 GOWITNESS_FLAGS=" --disable-logging --timeout 5"
 
@@ -189,6 +192,7 @@ FFUF_MAXTIME=900                # Seconds
 HTTPX_TIMEOUT=10                # Seconds
 HTTPX_UNCOMMONPORTS_TIMEOUT=10  # Seconds
 PERMUTATIONS_LIMIT=21474836480  # Bytes, default is 20 GB
+GOWITNESS_TIMEOUT_PER_SITE=20   # Seconds
 
 # lists
 fuzz_wordlist=${tools}/fuzz_wordlist.txt

diff --git a/install.sh b/install.sh
@@ -6,45 +6,37 @@ dir=${tools}
 double_check=false
 
 # ARM Detection
-if [[ $(uname -m) == "amd64" ]] || [[ $(uname -m) == "x86_64" ]]; then
-    IS_ARM="False"
-fi
-if [[ $(uname -m) == "arm64" ]] || [[ $(uname -m) == "armv6l" ]]; then
-    IS_ARM="True"
-    if [[ $(uname -m) == "arm64" ]]; then
-        RPI_4="False"
-    else
-        RPI_3="True"
-    fi
-fi
+ARCH=$(uname -m)
+case $ARCH in
+    amd64|x86_64) IS_ARM="False" ;;
+    arm64|armv6l) 
+        IS_ARM="True"
+        RPI_4=$([[ $ARCH == "arm64" ]] && echo "True" || echo "False")
+        RPI_3=$([[ $ARCH == "arm64" ]] && echo "False" || echo "True")
+        ;;
+esac
 
 #Mac Osx Detecting
-if [[ "$OSTYPE" == "darwin"* ]]; then
-    IS_MAC="True"
-else
-    IS_MAC="False"
-fi
-
-# Check Bash version
-#(bash --version | awk 'NR==1{print $4}' | cut -d'.' -f1) 2&>/dev/null || echo "Unable to get bash version, for MacOS run 'brew install bash' and rerun installer in a new terminal" && exit 1
+IS_MAC=$([[ "$OSTYPE" == "darwin"* ]] && echo "True" || echo "False")
 
 BASH_VERSION=$(bash --version | awk 'NR==1{print $4}' | cut -d'.' -f1)
 if [ "${BASH_VERSION}" -lt 4 ]; then
      printf "${bred} Your Bash version is lower than 4, please update${reset}\n"
-     printf "%s Your Bash version is lower than 4, please update%s\n" "${bred}" "${reset}"
+     printf "%s Your Bash version is lower than 4, please update%s\n" "${bred}" "${reset}" >&2
     if [ "True" = "$IS_MAC" ]; then
         printf "${yellow} For MacOS run 'brew install bash' and rerun installer in a new terminal${reset}\n\n"
         exit 1;
     fi
 fi
 
+# Declaring Go tools and their installation commands
 declare -A gotools
 gotools["gf"]="go install -v github.com/tomnomnom/gf@latest"
 gotools["qsreplace"]="go install -v github.com/tomnomnom/qsreplace@latest"
 gotools["amass"]="go install -v github.com/owasp-amass/amass/v3/...@master"
 gotools["ffuf"]="go install -v github.com/ffuf/ffuf/v2@latest"
 gotools["github-subdomains"]="go install -v github.com/gwen001/github-subdomains@latest"
-gotools["gitlab-subdomains"]="go install github.com/gwen001/gitlab-subdomains@latest"
+gotools["gitlab-subdomains"]="go install -v github.com/gwen001/gitlab-subdomains@latest"
 gotools["nuclei"]="go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest"
 gotools["anew"]="go install -v github.com/tomnomnom/anew@latest"
 gotools["notify"]="go install -v github.com/projectdiscovery/notify/cmd/notify@latest"
@@ -54,7 +46,7 @@ gotools["github-endpoints"]="go install -v github.com/gwen001/github-endpoints@l
 gotools["dnsx"]="go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest"
 gotools["subjs"]="go install -v github.com/lc/subjs@latest"
 gotools["Gxss"]="go install -v github.com/KathanP19/Gxss@latest"
-gotools["katana"]="go install github.com/projectdiscovery/katana/cmd/katana@latest"
+gotools["katana"]="go install -v github.com/projectdiscovery/katana/cmd/katana@latest"
 gotools["crlfuzz"]="go install -v github.com/dwisiswant0/crlfuzz/cmd/crlfuzz@latest"
 gotools["dalfox"]="go install -v github.com/hahwul/dalfox/v2@latest"
 gotools["puredns"]="go install -v github.com/d3mondev/puredns/v2@latest"
@@ -66,21 +58,22 @@ gotools["mapcidr"]="go install -v github.com/projectdiscovery/mapcidr/cmd/mapcid
 gotools["cdncheck"]="go install -v github.com/projectdiscovery/cdncheck/cmd/cdncheck@latest"
 gotools["dnstake"]="go install -v github.com/pwnesia/dnstake/cmd/dnstake@latest"
 gotools["gowitness"]="go install -v github.com/sensepost/gowitness@latest"
-gotools["tlsx"]="go install github.com/projectdiscovery/tlsx/cmd/tlsx@latest"
+gotools["tlsx"]="go install -v github.com/projectdiscovery/tlsx/cmd/tlsx@latest"
 gotools["gitdorks_go"]="go install -v github.com/damit5/gitdorks_go@latest"
 gotools["smap"]="go install -v github.com/s0md3v/smap/cmd/smap@latest"
 gotools["dsieve"]="go install -v github.com/trickest/dsieve@master"
-gotools["inscope"]="go install github.com/tomnomnom/hacks/inscope@latest"
-gotools["enumerepo"]="go install github.com/trickest/enumerepo@latest"
+gotools["inscope"]="go install -v github.com/tomnomnom/hacks/inscope@latest"
+gotools["enumerepo"]="go install -v github.com/trickest/enumerepo@latest"
 gotools["Web-Cache-Vulnerability-Scanner"]="go install -v github.com/Hackmanit/Web-Cache-Vulnerability-Scanner@latest"
 gotools["subfinder"]="go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest"
 gotools["byp4xx"]="go install -v github.com/lobuhi/byp4xx@latest"
-gotools["hakip2host"]="go install github.com/hakluke/hakip2host@latest"
+gotools["hakip2host"]="go install -v github.com/hakluke/hakip2host@latest"
 gotools["gau"]="go install -v github.com/lc/gau/v2/cmd/gau@latest"
-gotools["Mantra"]="go install github.com/MrEmpy/Mantra@latest"
-gotools["crt"]="go install github.com/cemulus/crt@latest"
+gotools["Mantra"]="go install -v github.com/MrEmpy/Mantra@latest"
+gotools["crt"]="go install -v github.com/cemulus/crt@latest"
 gotools["s3scanner"]="go install -v github.com/sa7mon/s3scanner@latest" 
 
+# Declaring repositories and their paths
 declare -A repos
 repos["dorks_hunter"]="six2dez/dorks_hunter"
 repos["pwndb"]="davidtavarez/pwndb"
@@ -115,7 +108,7 @@ repos["trufflehog"]="trufflesecurity/trufflehog"
 
 
 function banner_web(){
-    echo -en "\033c"
+    tput clear
 	printf "\n${bgreen}"
 	printf "  ██▀███  ▓█████  ▄████▄   ▒█████   ███▄    █   █████▒▄▄▄█████▓ █     █░\n"
 	printf " ▓██ ▒ ██▒▓█   ▀ ▒██▀ ▀█  ▒██▒  ██▒ ██ ▀█   █ ▓██   ▒ ▓  ██▒ ▓▒▓█░ █ ░█░\n"
@@ -130,8 +123,18 @@ function banner_web(){
         printf " ${reconftw_version}                                         by @six2dez\n"
 }
 
+function install_ppfuzz() {
+    local url=$1
+    local tar_file=$2
+
+    wget -N -c "$url" $DEBUG_STD
+    eval $SUDO tar -C /usr/local/bin/ -xzf "$tar_file" $DEBUG_STD
+    eval $SUDO rm -rf "$tar_file" $DEBUG_STD
+}
+
+# This function installs various tools and repositories as per the configuration.
 function install_tools(){
-    #eval ln -s /usr/local/bin/pip3 /usr/local/bin/pip3 $DEBUG_STD
+
     eval pip3 install -I -r requirements.txt $DEBUG_STD
 
     printf "${bblue} Running: Installing Golang tools (${#gotools[@]})${reset}\n\n"
@@ -219,28 +222,18 @@ function install_tools(){
 
     if [ "True" = "$IS_ARM" ]; then
         if [ "True" = "$RPI_3" ]; then
-            eval wget -N -c https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz $DEBUG_STD
-            eval $SUDO tar -C /usr/local/bin/ -xzf ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz  $DEBUG_STD
-            eval $SUDO rm -rf ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz  $DEBUG_STD
+            install_ppfuzz "https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz" "ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz"
         elif [ "True" = "$RPI_4" ]; then
-            eval wget -N -c https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-aarch64-unknown-linux-gnueabihf.tar.gz $DEBUG_STD
-            eval $SUDO tar -C /usr/local/bin/ -xzf ppfuzz-v1.0.1-aarch64-unknown-linux-gnueabihf.tar.gz  $DEBUG_STD
-            eval $SUDO rm -rf ppfuzz-v1.0.1-aarch64-unknown-linux-gnueabihf.tar.gz  $DEBUG_STD
+            install_ppfuzz "https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-aarch64-unknown-linux-gnueabihf.tar.gz" "ppfuzz-v1.0.1-aarch64-unknown-linux-gnueabihf.tar.gz"
         fi
     elif [ "True" = "$IS_MAC" ]; then
         if [ "True" = "$IS_ARM" ]; then
-            eval wget -N -c https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz $DEBUG_STD
-            eval $SUDO tar -C /usr/local/bin/ -xzf ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz  $DEBUG_STD
-            eval $SUDO rm -rf ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz  $DEBUG_STD
+            install_ppfuzz "https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz" "ppfuzz-v1.0.1-armv7-unknown-linux-gnueabihf.tar.gz"
         else
-            eval wget -N -c https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-x86_64-apple-darwin.tar.gz $DEBUG_STD
-            eval $SUDO tar -C /usr/local/bin/ -xzf ppfuzz-v1.0.1-x86_64-apple-darwin.tar.gz  $DEBUG_STD
-            eval $SUDO rm -rf ppfuzz-v1.0.1-x86_64-apple-darwin.tar.gz  $DEBUG_STD
+            install_ppfuzz "https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-x86_64-apple-darwin.tar.gz" "ppfuzz-v1.0.1-x86_64-apple-darwin.tar.gz"
         fi
     else
-        eval wget -N -c https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-x86_64-unknown-linux-musl.tar.gz $DEBUG_STD
-        eval $SUDO tar -C /usr/local/bin/ -xzf ppfuzz-v1.0.1-x86_64-unknown-linux-musl.tar.gz  $DEBUG_STD
-        eval $SUDO rm -rf ppfuzz-v1.0.1-x86_64-unknown-linux-musl.tar.gz  $DEBUG_STD
+        install_ppfuzz "https://github.com/dwisiswant0/ppfuzz/releases/download/v1.0.1/ppfuzz-v1.0.1-x86_64-unknown-linux-musl.tar.gz" "ppfuzz-v1.0.1-x86_64-unknown-linux-musl.tar.gz"
     fi
     eval $SUDO chmod 755 /usr/local/bin/ppfuzz
     eval $SUDO strip -s /usr/local/bin/ppfuzz $DEBUG_STD
@@ -272,7 +265,14 @@ install_webserver(){
     $SUDO pip3 install -r $SCRIPTPATH/web/requirements.txt &>/dev/null
 
     printf "${yellow} Installing tools...${reset}\n\n"
+    if command -v apt > /dev/null; then
     $SUDO apt install redis-server -y &>/dev/null
+    elif command -v yum > /dev/null; then
+        $SUDO yum install redis -y &>/dev/null
+    else
+        printf '[ERROR] Unable to find a supported package manager. Please install redis manually.\n'
+        exit 1
+    fi
 
     printf "${yellow} Creating WEB User...${reset}\n\n"
     $SUDO rm $SCRIPTPATH/web/db.sqlite3 &>/dev/null
@@ -305,9 +305,15 @@ display_menu(){
             printf "${bblue} 3. Setup Web Interface${reset} ${yellow}(User Interaction needed!)${reset}\n\n"
             printf "${bblue} 4. Exit${reset}\n\n"
             printf "${bgreen}#######################################################################${reset}\n\n"
-            read -p "$(echo -e ${bblue} "Insert option: "${reset})" option
+            read -p "${bblue}Insert option: ${reset}" option
             printf "\n\n${bgreen}#######################################################################${reset}\n\n"
 
+            option=$(echo "$option" | tr -d '[:space:]')
+            if ! [[ "$option" =~ ^[1-4]$ ]]; then
+                printf "${bred} Invalid option. Please try again.${reset}\n\n"
+                continue
+            fi
+
             case $option in
                 1)
                     web=false
@@ -354,22 +360,26 @@ display_menu(){
                     exit 1
                     ;;
                 *)
-                    printf "${bblue} Invalid option. Exiting...${reset}\n\n"
+                    printf "${bred} Invalid option. Please try again.${reset}\n\n"
                     exit 1
                     ;;
             esac
         fi    
     done
 }
 
-if [ "$1" = '--tools' ]; then
-    install_tools
-fi
-
-if [ "$1" != '--auto' ]; then
-    echo "$1"
-    display_menu
-fi
+case "$1" in
+    --tools)
+        install_tools
+        ;;
+    --auto)
+        # possibly some other actions
+        ;;
+    *)
+        echo "$1"
+        display_menu
+        ;;
+esac
 
 printf "${yellow} This may take time. So, go grab a coffee! ${reset}\n\n"
 
@@ -432,7 +442,11 @@ eval git config --global --unset https.proxy $DEBUG_STD
 
 printf "${bblue} Running: Looking for new reconFTW version${reset}\n\n"
 
-eval git fetch $DEBUG_STD
+if ! eval git fetch $DEBUG_STD; then
+    echo "Failed to fetch updates."
+    exit 1
+fi
+
 BRANCH=$(git rev-parse --abbrev-ref HEAD)
 HEADHASH=$(git rev-parse HEAD)
 UPSTREAMHASH=$(git rev-parse "${BRANCH}@{upstream}")
@@ -608,6 +622,6 @@ if [ "$web" = true ]; then
     printf "\n${bgreen} Web server is installed, to set it up run ./install.sh and select option 3 ${reset}\n\n"
 fi
 
-printf "${yellow} Remember set your api keys:\n - amass (~/.config/amass/config.ini)\n - subfinder (~/.config/subfinder/provider-config.yaml)\n - GitLab (~/Tools/.gitlab_tokens)\n - SSRF Server (COLLAB_SERVER in reconftw.cfg or env var) \n - Blind XSS Server (XSS_SERVER in reconftw.cfg or env var) \n - notify (~/.config/notify/provider-config.yaml) \n - WHOISXML API (WHOISXML_API in reconftw.cfg or env var)\n - subgpt_cookies.json (subgpt_cookies.json file, follow instructions at https://github.com/s0md3v/SubGPT#getting-bing-cookie)\n\n\n${reset}"
+printf "${yellow} Remember set your api keys:\n - amass (~/.config/amass/config.ini)\n - subfinder (~/.config/subfinder/provider-config.yaml)\n - GitLab (~/Tools/.gitlab_tokens)\n - SSRF Server (COLLAB_SERVER in reconftw.cfg or env var) \n - Blind XSS Server (XSS_SERVER in reconftw.cfg or env var) \n - notify (~/.config/notify/provider-config.yaml) \n - WHOISXML API (WHOISXML_API in reconftw.cfg or env var)\n\n${reset}"
 printf "${bgreen} Finished!${reset}\n\n"
 printf "\n\n${bgreen}#######################################################################${reset}\n"