├── README.md
└── Arsenal.sh


/README.md:
--------------------------------------------------------------------------------
# Arsenal

Recon Tool installer

----

Arsenal is a simple shell script (Bash) that installs the most important recon tools and their requirements for your environment, saving you the time of installing each tool by hand.

## Tools in Arsenal

| Name | Description |
|---|---|
| Amass | The OWASP Amass Project performs network mapping of attack surfaces and external asset discovery using open source information gathering and active reconnaissance techniques |
| ffuf | A fast web fuzzer written in Go |
| dnsX | Fast and multi-purpose DNS toolkit that allows you to run multiple DNS queries |
| meg | meg is a tool for fetching lots of URLs but still being 'nice' to servers |
| gf | A wrapper around grep to avoid typing common patterns |
| XnLinkFinder | A tool used to discover endpoints by crawling a target |
| httpX | httpx is a fast and multi-purpose HTTP toolkit that allows you to run multiple probers using the retryablehttp library; it is designed to maintain result reliability with increased threads |
| Gobuster | Gobuster is a tool used to brute-force (DNS, open Amazon S3 buckets, web content) |
| Nuclei | Nuclei is a Go-based tool used to send requests across multiple targets based on nuclei templates, leading to zero false positives or irrelevant results, and it provides fast scanning on various hosts |
| Subfinder | Subfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. subfinder is built for doing one thing only - passive subdomain enumeration, and it does that very well |
| Naabu | Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply |
| assetfinder | Find domains and subdomains potentially related to a given domain |
| httprobe | Take a list of domains and probe for working http and https servers |
| knockpy | Knockpy is a python3 tool designed to quickly enumerate subdomains on a target domain through a dictionary attack |
| waybackurls | Fetch known URLs from the Wayback Machine for *.domain and output them on stdout |
| Logsensor | A powerful sensor tool to discover login panels, and POST form SQLi scanning |
| Subzy | Subdomain takeover tool which works based on matching response fingerprints from can-i-take-over-xyz |
| XSStrike | Advanced XSS Detection Suite |
| Altdns | Subdomain discovery through alterations and permutations |
| NoSQLMap | NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database |
| ParamSpider | Parameter miner for humans |
| GoSpider | GoSpider - Fast web spider written in Go |
| EyeWitness | EyeWitness is a Python tool written by @CptJesus and @christruncer. Its goal is to help you efficiently assess what assets of your target to look into first. |
| CRLFuzz | A fast tool to scan CRLF vulnerability written in Go |
| DontGO403 | dontgo403 is a tool to bypass 40X errors |
| Chameleon | Chameleon provides better content discovery by using wappalyzer's set of technology fingerprints alongside custom wordlists tailored to each detected technology |
| uncover | uncover is a Go wrapper using APIs of well known search engines to quickly discover exposed hosts on the internet. It is built with automation in mind, so you can query it and utilize the results with your current pipeline tools |
| wpscan | WordPress Security Scanner |
| GraphQLmap | GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes |
| dalfox | DalFox is a powerful open source XSS scanning tool, parameter analyzer and utility that speeds up the process of detecting and verifying XSS flaws. It comes with a powerful testing engine and many niche features for the cool hacker! |
| http request smuggling | HTTP Request Smuggling Detection Tool |
| commix | Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos (@ancst), that automates the detection and exploitation of command injection vulnerabilities |
| GoLinkFinder | A minimal JS endpoint extractor |
| JWT Toolkit v2 | JWT Toolkit is a toolkit for validating, forging, scanning and tampering JWTs (JSON Web Tokens) |
| GitLeaks | Check git repos for secrets and keys |
| csprecon | Discover new target domains using Content Security Policy |
| WhatWeb | Next generation web scanner |
| Arjun | Arjun can find query parameters for URL endpoints. If you don't get what that means, it's okay, read along |
| Hakrawler | Fast golang web crawler for gathering URLs and JavaScript file locations. This is basically a simple implementation of the awesome Gocolly library |
| Katana | A next-generation crawling and spidering framework |
| GetJS | getJS is a tool to extract all the javascript files from a set of given urls |
| Gotator | Gotator is a tool to generate DNS wordlists through permutations |
| Osmedeus | Osmedeus - A Workflow Engine for Offensive Security |
| socialhunter | A tool to test for broken link hijacking: it crawls the given URL and finds broken social media links that can be hijacked. Broken social links may allow an attacker to conduct phishing attacks. It also can cost a loss of the company's reputation. Broken social media hijack issues are usually accepted on the bug bounty programs. |
| mapCIDR | mapCIDR is developed to ease load distribution for mass scanning operations; it can be used both as a library and as an independent CLI tool. |
| shuffleDNS | shuffleDNS is a wrapper around massdns, written in Go, that allows you to enumerate valid subdomains using active bruteforce, as well as resolve subdomains with wildcard handling and easy input-output support. |
| jsleak | Command-line tool designed to uncover secrets and links in JavaScript files or source code. jsleak was inspired by Linkfinder, and its regexes are collected from multiple sources. |
| asnmap | Go CLI and library for quickly mapping organization network ranges using ASN information. |

----
## Requirements in Arsenal :heavy_check_mark:

- Python3
- Git
- Ruby
- Wget
- GO-Lang
- Rust

----
## Go-lang installation (Manual)

    sudo apt-get remove -y golang-go
    sudo rm -rf /usr/local/go
    wget https://go.dev/dl/go1.20.4.linux-amd64.tar.gz
    sudo tar -xvf go1.20.4.linux-amd64.tar.gz
    sudo mv go /usr/local
    sudo nano /etc/profile   # or ~/.profile; add the three export lines below
    export GOPATH=$HOME/go
    export PATH=$PATH:/usr/local/go/bin
    export PATH=$PATH:$GOPATH/bin
    source /etc/profile      # reload the profile to update your shell

----
## How to install

    git clone https://github.com/Micro0x00/Arsenal.git
    cd Arsenal
    sudo chmod +x Arsenal.sh
    sudo ./Arsenal.sh
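
The manual Go installation steps above unpack a downloaded tarball as root without checking it first. The following is an added example, not part of the Arsenal repository: a verify-then-extract helper that compares the archive's SHA-256 with a pinned digest and rejects any archive whose members fall outside `go/` before it touches the destination. The function name `install_go_tarball` and its arguments are assumptions made for this example; the expected digest is the SHA256 value listed next to the file on https://go.dev/dl/.

```bash
#!/usr/bin/env bash
# Added example: verify a Go release tarball before unpacking it as root.
# install_go_tarball is a hypothetical helper, not part of Arsenal.sh.
# Assumes GNU/Linux tools (sha256sum, tar with gzip support).

# Usage: install_go_tarball <tarball> <expected-sha256-hex> <dest-dir>
# Returns 0 on success, 1 on usage or I/O error, 2 on digest mismatch,
# 3 if the archive contains members outside the top-level go/ directory.
install_go_tarball() {
    local tarball="$1" dest="$3" expected actual listing member

    [ -f "$tarball" ] && [ -n "$2" ] && [ -d "$dest" ] || return 1

    # 1. Integrity: compare against the pinned digest. Both sides are
    #    lower-cased so an upper-case pasted digest still matches.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    actual=$(sha256sum -- "$tarball" | cut -d' ' -f1) || return 1
    if [ "$actual" != "$expected" ]; then
        echo "sha256 mismatch for $tarball" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 2
    fi

    # 2. Layout: every member must live under go/ and must not climb out
    #    with "..", so extraction cannot write elsewhere below $dest.
    listing=$(tar -tzf "$tarball") || return 1
    while IFS= read -r member; do
        case $member in
            /*|..|../*|*/..|*/../*)
                echo "unsafe member: $member" >&2
                return 3 ;;
            go|go/*)
                ;;
            *)
                echo "unexpected member: $member" >&2
                return 3 ;;
        esac
    done <<EOF
$listing
EOF

    # 3. Replace any previous toolchain only after both checks passed.
    rm -rf -- "${dest:?}/go"
    tar -xzf "$tarball" -C "$dest" || return 1
}

# Example call (the digest is a placeholder to be copied from go.dev/dl):
#   install_go_tarball go1.20.4.linux-amd64.tar.gz "<sha256-from-go.dev>" /usr/local
```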

Support: Micro0x00



--------------------------------------------------------------------------------
/Arsenal.sh:
--------------------------------------------------------------------------------
#!/bin/bash

# colors
END="\e[0m"
Red="\e[31m"
GREEN="\e[32m"
BOLDGREEN="\e[1;32m"
YELLOW="\033[0;33m"
Cyan="\e[0;36m"
white="\e[0;37m"

# check whether you are root or not
if [ "$EUID" -ne 0 ]
then
    echo -e "${Red}Please run as root${END}"
    exit 1
fi

# banner for the script to look cool
echo -e "
${Red}
 █████╗ ██████╗ ███████╗███████╗███╗   ██╗ █████╗ ██╗
██╔══██╗██╔══██╗██╔════╝██╔════╝████╗  ██║██╔══██╗██║
███████║██████╔╝███████╗█████╗  ██╔██╗ ██║███████║██║
██╔══██║██╔══██╗╚════██║██╔══╝  ██║╚██╗██║██╔══██║██║
██║  ██║██║  ██║███████║███████╗██║ ╚████║██║  ██║███████╗
╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝╚══════╝╚═╝  ╚═══╝╚═╝  ╚═╝╚══════╝ v2
${END}
"

# create a dir for your arsenal
mkdir -p Arsenal
cd Arsenal || exit 1

requirements(){
    # check go
    if ! command -v go &> /dev/null
    then
        echo "go is not installed"
        echo "installing go now "
        sudo apt remove -y golang-go &> /dev/null
        sudo rm -rf /usr/local/go &> /dev/null
        wget https://go.dev/dl/go1.22.3.linux-amd64.tar.gz &> /dev/null
        sudo tar -xvf go1.22.3.linux-amd64.tar.gz -C /usr/local/ &> /dev/null
        # load /etc/profile first: on Debian-based systems it resets PATH,
        # so the Go paths are exported after it
        source /etc/profile
        export GOPATH=$HOME/go
        export PATH=$PATH:/usr/local/go/bin
        export PATH=$PATH:$GOPATH/bin
    else
        go_v=$(go version 2> /dev/null)
        echo -e "${Cyan}Go is already installed and your version is: ${go_v:13}${END}"
    fi
    if ! command -v go &> /dev/null
    then
        echo "If you get this message, run 'source /etc/profile' to update your shell and run again. #golang is installed, have a good day!"
        exit
    fi
    apt install build-essential -y &> /dev/null

    # Check for the requirements
    # (command -v with several names succeeds if any one of them exists,
    # so each requirement is tested on its own)
    missing=0
    for req in git ruby rustc python3
    do
        command -v "$req" &> /dev/null || missing=1
    done
    if [ "$missing" -eq 1 ]
    then
        echo "Git, Ruby, Rust, or Python is not installed. We will install them for you now."
        echo "Installing Git"
        apt install git -y &> /dev/null
        echo "Installing Ruby"
        apt install ruby-full -y &> /dev/null
        echo "Installing Rust"
        # -y makes rustup-init run without its interactive prompt
        curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y &> /dev/null
        echo "Installing Python"
        apt install python3 -y &> /dev/null
        apt install python3-pip -y &> /dev/null
    else
        echo -e "${BOLDGREEN}All requirements are already installed.${END}"
    fi
}

# Tools Time
Tools(){
    # Check if httpx installed or not
    if ! command -v httpx &> /dev/null
    then
        echo "installing httpx now"
        go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest &> /dev/null
        echo "httpx has been installed"
    else
        echo "httpx is already installed"
    fi

    # Check if httprobe installed or not
    if ! command -v httprobe &> /dev/null
    then
        echo "installing httprobe now"
        go install github.com/tomnomnom/httprobe@latest
        sudo cp "$HOME/go/bin/httprobe" /usr/local/bin
        echo "httprobe has been installed"
    else
        echo "httprobe is already installed"
    fi

    # Check if amass installed or not
    if ! command -v amass &> /dev/null
    then
        echo "Installing amass now"
        go install -v github.com/OWASP/Amass/v3/...@master &> /dev/null
        sudo cp "$HOME/go/bin/amass" /usr/local/bin
        echo "amass has been installed"
    else
        echo "amass is already installed"
    fi

    # Check if gobuster installed or not
    if ! command -v gobuster &> /dev/null
    then
        echo "Installing gobuster now"
        go install github.com/OJ/gobuster/v3@latest &> /dev/null
        sudo cp "$HOME/go/bin/gobuster" /usr/local/bin
        echo "GoBuster has been installed"
    else
        echo "Gobuster is already installed"
    fi

    # Check if nuclei installed or not
    if ! command -v nuclei &> /dev/null
    then
        echo "Installing nuclei now"
        go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest &> /dev/null
        sudo cp "$HOME/go/bin/nuclei" /usr/local/bin
        echo "nuclei installation is done"
    else
        echo "nuclei is already installed"
    fi

    # Check if subfinder installed or not
    if ! command -v subfinder &> /dev/null
    then
        echo "Installing subfinder now"
        go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest &> /dev/null
        sudo cp "$HOME/go/bin/subfinder" /usr/local/bin
        echo "subfinder installation is done"
    else
        echo "subfinder is already installed"
    fi

    # Check if assetfinder is installed or not
    if ! command -v assetfinder &> /dev/null
    then
        echo "installing assetfinder now"
        go install github.com/tomnomnom/assetfinder@latest &> /dev/null
        echo "assetfinder has been installed"
    else
        echo "assetfinder is already installed"
    fi

    # Check if ffuf installed or not
    if ! command -v ffuf &> /dev/null
    then
        echo "Installing ffuf now"
        go install github.com/ffuf/ffuf@latest
        cp "$HOME/go/bin/ffuf" /usr/local/bin
        echo "ffuf has been installed"
    else
        echo "ffuf is already installed"
    fi

    # Check if gf installed or not
    if ! command -v gf &> /dev/null
    then
        echo "installing gf now"
        go install github.com/tomnomnom/gf@latest &> /dev/null
        cp "$HOME/go/bin/gf" /usr/local/bin
        echo "gf has been installed"
    else
        echo "gf is already installed"
    fi

    # Check if meg installed or not
    if ! command -v meg &> /dev/null
    then
        echo "Installing meg now"
        go install github.com/tomnomnom/meg@latest &> /dev/null
        cp "$HOME/go/bin/meg" /usr/local/bin
        echo "meg has been installed"
    else
        echo "meg is already installed"
    fi

    # Check if waybackurls installed or not
    if ! command -v waybackurls &> /dev/null
    then
        echo "installing waybackurls now"
        go install github.com/tomnomnom/waybackurls@latest &> /dev/null
        cp "$HOME/go/bin/waybackurls" /usr/local/bin
        echo "waybackurls has been installed"
    else
        echo "waybackurls is already installed"
    fi

    # Check if subzy installed or not
    if ! command -v subzy &> /dev/null
    then
        echo "installing subzy now "
        go install -v github.com/LukaSikic/subzy@latest &> /dev/null
        sudo cp "$HOME/go/bin/subzy" /usr/local/bin
        echo "subzy has been installed"
    else
        echo "subzy already installed"
    fi

    # Check if asnmap installed or not
    if ! command -v asnmap &> /dev/null
    then
        echo "installing asnmap now "
        go install github.com/projectdiscovery/asnmap/cmd/asnmap@latest &> /dev/null
        echo "asnmap has been installed"
    else
        echo "asnmap is already installed"
    fi

    # Check if jsleak installed or not
    if ! command -v jsleak &> /dev/null
    then
        echo "installing jsleak now "
        go install github.com/channyein1337/jsleak@latest &> /dev/null
        echo "jsleak has been installed"
    else
        echo "jsleak is already installed"
    fi

    # Check if mapcidr installed or not
    if ! command -v mapcidr &> /dev/null
    then
        echo "installing mapcidr now "
        go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest &> /dev/null
        echo "mapcidr has been installed"
    else
        echo "mapcidr is already installed"
    fi

    # Check if dnsx installed or not
    if ! command -v dnsx &> /dev/null
    then
        echo "installing dnsx now "
        go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest &> /dev/null
        sudo cp "$HOME/go/bin/dnsx" /usr/local/bin
        echo "dnsx has been installed"
    else
        echo "dnsx is already installed"
    fi

    # Check if gospider installed or not
    if ! command -v gospider &> /dev/null
    then
        echo "installing gospider now "
        go install github.com/jaeles-project/gospider@latest &> /dev/null
        sudo cp "$HOME/go/bin/gospider" /usr/local/bin
        echo "gospider has been installed"
    else
        echo "gospider is already installed"
    fi

    # Check if wpscan installed or not
    if ! command -v wpscan &> /dev/null
    then
        echo "installing wpscan now "
        gem install wpscan &> /dev/null
        # report success only if the gem actually put wpscan on PATH
        if command -v wpscan &> /dev/null
        then
            echo "wpscan has been installed"
        fi
    else
        echo "wpscan already installed"
    fi

    # Check if crlfuzz installed or not (the binary name is lower-case)
    if ! command -v crlfuzz &> /dev/null
    then
        echo "installing CRLFuzz now "
        go install github.com/dwisiswant0/crlfuzz/cmd/crlfuzz@latest &> /dev/null
        sudo cp "$HOME/go/bin/crlfuzz" /usr/local/bin
        echo "CRLFuzz has been installed"
    else
        echo "CRLFuzz is already installed"
    fi

    # dontgo403 is built from source inside the Arsenal directory
    echo "installing dontgo403 now "
    git clone https://github.com/devploit/dontgo403 &> /dev/null
    cd dontgo403 || exit
    go get &> /dev/null
    go build &> /dev/null
    echo " Try ./dontgo403 -h to run "
    cd - &> /dev/null || exit

    # Check if katana installed or not
    if ! command -v katana &> /dev/null
    then
        echo "installing katana now "
        go install github.com/projectdiscovery/katana/cmd/katana@latest
        sudo cp "$HOME/go/bin/katana" /usr/local/bin
        echo "Katana has been installed"
    else
        echo "katana is already installed"
    fi

    # Check if uncover installed or not
    if ! command -v uncover &> /dev/null
    then
        echo "installing uncover now "
        go install -v github.com/projectdiscovery/uncover/cmd/uncover@latest &> /dev/null
        sudo cp "$HOME/go/bin/uncover" /usr/local/bin
        echo "uncover has been installed"
    else
        echo "uncover is already installed"
    fi

    # Check if dalfox installed or not
    if ! command -v dalfox &> /dev/null
    then
        echo "installing Dalfox now "
        go install github.com/hahwul/dalfox/v2@latest &> /dev/null
        cp "$HOME/go/bin/dalfox" /usr/local/bin
        echo "dalfox has been installed"
    else
        echo "dalfox is already installed"
    fi

    # Check if GoLinkFinder installed or not
    if ! command -v GoLinkFinder &> /dev/null
    then
        echo "installing GoLinkFinder now "
        go install github.com/0xsha/GoLinkFinder@latest &> /dev/null
        cp "$HOME/go/bin/GoLinkFinder" /usr/local/bin
        echo "GoLinkFinder has been installed"
    else
        echo "GoLinkFinder is already installed"
    fi

    # Check if hakrawler installed or not
    if ! command -v hakrawler &> /dev/null
    then
        echo "installing hakrawler now "
        go install github.com/hakluke/hakrawler@latest &> /dev/null
        cp "$HOME/go/bin/hakrawler" /usr/local/bin
        echo "Hakrawler has been installed"
    else
        echo "hakrawler is already installed"
    fi

    # Check if csprecon installed or not
    if ! command -v csprecon &> /dev/null
    then
        echo "installing csprecon now "
        go install github.com/edoardottt/csprecon/cmd/csprecon@latest &> /dev/null
        echo "csprecon has been installed"
    else
        echo "csprecon is already installed"
    fi

    # Check if gotator installed or not
    if ! command -v gotator &> /dev/null
    then
        echo "installing gotator now "
        go env -w GO111MODULE="auto"
        go install github.com/Josue87/gotator@latest &> /dev/null
        echo "gotator has been installed"
    else
        echo "gotator is already installed"
    fi

    # Check if osmedeus installed or not
    if ! command -v osmedeus &> /dev/null
    then
        echo "installing osmedeus now "
        go install -v github.com/j3ssie/osmedeus@latest &> /dev/null
        echo "osmedeus has been installed"
    else
        echo "osmedeus is already installed"
    fi

    # Check if shuffledns installed or not
    if ! command -v shuffledns &> /dev/null
    then
        echo "Installing shuffledns Now"
        go install -v github.com/projectdiscovery/shuffledns/cmd/shuffledns@latest &> /dev/null
        echo "shuffledns has been installed"
    else
        echo "shuffledns is already installed"
    fi

    # Check if socialhunter installed or not
    if ! command -v socialhunter &> /dev/null
    then
        echo "installing socialhunter now "
        go install github.com/utkusen/socialhunter@latest &> /dev/null
        echo "socialhunter has been installed"
    else
        echo "socialhunter is already installed"
    fi

    # Check if getJS installed or not
    if ! command -v getJS &> /dev/null
    then
        echo "installing getJS"
        go install github.com/003random/getJS@latest &> /dev/null
        echo "getJS has been installed"
    else
        echo "getJS is already installed"
    fi

    echo "Time to install some python Tools"
    sleep 3s

    echo -e "installing knockpy"
    git clone https://github.com/guelfoweb/knock.git &> /dev/null
    cd knock || exit
    pip3 install -r requirements.txt &> /dev/null
    cd - &> /dev/null || exit

    # Optional tools: each "yes" branch returns to the Arsenal directory
    # itself, so answering "no" leaves the working directory untouched.
    read -r -p "Do you want to install XSStrike (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            echo -e "installing XSStrike"
            git clone https://github.com/s0md3v/XSStrike &> /dev/null
            cd XSStrike || exit
            pip3 install -r requirements.txt
            echo -e "XSStrike has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install Logsensor (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            echo -e "installing Logsensor"
            git clone https://github.com/Mr-Robert0/Logsensor.git &> /dev/null
            cd Logsensor || exit
            chmod +x logsensor.py
            chmod +x install.sh
            pip3 install -r requirements.txt
            ./install.sh &> /dev/null
            echo "Logsensor has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install Altdns (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            echo -e "installing Altdns"
            git clone https://github.com/infosec-au/altdns.git &> /dev/null
            cd altdns || exit
            pip3 install -r requirements.txt
            echo "Altdns has been installed"
            echo "to run try python3 altdns --help"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install xnLinkFinder (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/xnl-h4ck3r/xnLinkFinder.git &> /dev/null
            cd xnLinkFinder || exit
            python3 setup.py install
            echo "xnLinkFinder has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install ParamSpider (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/devanshbatham/ParamSpider &> /dev/null
            cd ParamSpider || exit
            pip3 install -r requirements.txt
            echo "ParamSpider has been installed"
            echo "To use try python3 paramspider.py --domain target.com"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install NoSQLMap (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/codingo/NoSQLMap.git &> /dev/null
            cd NoSQLMap || exit
            python3 setup.py install &> /dev/null
            echo "NoSQLMap has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install chameleon (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            # runs the project's own install script; no directory change here
            curl -sL https://raw.githubusercontent.com/iustin24/chameleon/master/install.sh | bash
            echo "Chameleon has been installed"
            ;;
    esac

    read -r -p "Do you want to install GraphQLmap (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/swisskyrepo/GraphQLmap
            cd GraphQLmap/ || exit
            python3 setup.py install
            echo "GraphQLmap has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install WhatWeb (Y/n) " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/urbanadventurer/WhatWeb.git
            cd WhatWeb/ || exit
            gem install bundler
            bundle update
            bundle install
            echo "WhatWeb has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install http request smuggling (Y/n) : " choice
    case $choice in
        no | No | NO | n | N)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/anshumanpattnaik/http-request-smuggling.git
            cd http-request-smuggling || exit
            pip3 install -r requirements.txt
            echo "http request smuggling has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install commix (Y/n) : " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/commixproject/commix.git commix
            echo "commix has been installed"
            ;;
    esac

    read -r -p "Do you want to install JWT_TOOL (Y/n) : " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/ticarpi/jwt_tool
            cd jwt_tool || exit
            python3 -m pip install termcolor cprint pycryptodomex requests
            chmod +x jwt_tool.py
            echo "JWT_TOOL has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install Arjun (Y/n) : " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/s0md3v/Arjun
            cd Arjun || exit
            python3 setup.py install
            echo "Arjun has been installed"
            cd - &> /dev/null || exit
            ;;
    esac

    read -r -p "Do you want to install Gitleaks (Y/n) : " choice
    case $choice in
        no | No | NO | n)
            ;;
        yes | YES | Yes | y | Y)
            git clone https://github.com/zricethezav/gitleaks.git
            cd gitleaks || exit
            make build
            mv gitleaks /usr/local/bin
            echo "Gitleaks has been installed"
            cd - &> /dev/null || exit
            ;;
    esac
}

requirements
Tools
--------------------------------------------------------------------------------