├── .gitattributes ├── README.md ├── arsenal ├── Bheem.sh ├── autoxss.sh ├── bleed.sh ├── config_file.py ├── corser.sh ├── dirfuzz.sh ├── discord_bot.py ├── extractor.sh ├── faver.sh ├── gitter.sh ├── jscan.sh ├── large.sh ├── medium.sh ├── nuclear.sh ├── parameter.sh ├── params_loop.sh ├── pattern.sh ├── portscan.sh ├── portscan_single.sh ├── probe_single.sh ├── prober.sh ├── providers.json ├── requirements.txt ├── resolvers.txt ├── secrets.sh ├── small.sh ├── subbruter.sh ├── subdomain.sh ├── subdomains.txt └── takeover.sh └── install.sh /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Project Bheem 2 | 3 | Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process & store output in an organized way. This project was created initially for automation of Recon for personal usage and was never meant to be public as there is nothing fancy about it but due to request by community, Project Bheem is now Public. 4 | Please feel free to improve it in any way you can. There is no secret sauce involved and it's just a set of commands and existing tools written in bash-scripts for simple Recon Automation. 5 | 6 | Project Bheem Supports an approach of Recon from @harshbothra_'s Scope Based Recon Methodology. Currently this tools supports performing recon for: 7 | 8 | 1. Small Scope (single urls in scope) : Performs a limited recon & useful when only a few urls are provided in scope 9 | 2. Medium Scope (\*.target.com in scope) : Performs recon to enumerate more assets and give you more options to attack on. 10 | 3. Large Scope (Everything in Scope) : Performs almost every possible recon vector from subdomain enumeration to fuzzing. 11 | 12 | A few features like port scanning might not be working in the current build and some of the newly released tools might also be missed. we are working on upgrading the tool but feel free to fork, upgrade and make a pull request (Ensure that tool is not breaking). 13 | 14 | 15 | ### A big thanks to "Kathan Patel" for restructuring Project Bheem to Support Scope Based Recon. 16 | 17 | # Pre-Requisite 18 | 19 | 1. Make sure to have "Go" latest version is installed and paths are correctly set. 20 | 21 | # Installation 22 | 23 | 1. Clone the repository 24 | 2. Run the following script to install necessary tools: ``sh install.sh`` 25 | 3. The ``arsenal`` directory contains a set of small scripts used to automate Bheem. Give executable permissions to scripts in this directory. 26 | 4. Navigate to ``~/arsenal`` directory and Simply run following command to see all the supported options provided in Bheem: 27 | 28 | ``./Bheem.sh -h`` 29 | 30 | 31 | 5. To use it over vps for performing recon on larger set of targets perform following command: 32 | 33 | ``screen -S `` 34 | ``~/arsenal/Bheem.sh -h`` 35 | 36 | 6. This will keep ``Bheem`` running even if the SSH Connection is terminated or you turn off your local machine. 37 | 38 | # Docker Installation 39 | 40 | - If you are lazy like me and hate wasting time in setup don't worry,we have created the docker env. to use Bheem without any setup 41 | - we have integrate Bheem with [Hacktools](https://github.com/xavier9909/IIEC-RISE-DOCKER-1.0-HackTools) 42 | 43 | - ``docker pull xavier9909/hacktools_bheem`` 44 | - ``docker run -it xavier9909/hacktools_bheem`` 45 | - ``cd arsenal && ./Bheem.sh`` 46 | - ``or just simply type bheem from any directory`` 47 | - Simply interect with the terminal and hit the target 48 | - one liner image publishing soon 49 | 50 | 51 | # Sample Usage 52 | 53 | 1. Small Scope Recon : ``Bheem -t targetfile -S`` 54 | 2. Medium Scope Recon : ``Bheem -t targetfile -M`` 55 | 3. Large Scope Recon : ``Bheem -t targetfile -L`` 56 | 57 | ``targetfile`` contains list of domains to perform Recon. For example: `targettest.com` 58 | 59 | ### Exclude out-of-scope subdomains 60 | 61 | Bheem has a flag to remove out-of-scope subdomains from the scan. To do so you have to use "-e" flag with comma separated subdomains. 62 | 63 | ``Bheem -t targetfile -S -e sub.ex.com,sub1.ex.com`` 64 | 65 | # Side Notes 66 | 67 | 1. If you don't want to use specific module, just comment it out and it won't be used anymore. 68 | 2. Change the Blind XSS Payload in the following file `/Bheem/arsenal/autoxss.sh` to yours . Visit [XSS Hunter](https://xsshunter.com/) to get your Blind XSS Payload 69 | 70 | # Tools Used 71 | 72 | 1. Nuclei 73 | 2. HTTPX 74 | 3. GF & GF-Patterns 75 | 4. Secret Finder 76 | 5. Heartbleed Oneliner 77 | 6. AMASS 78 | 7. Subfinder 79 | 8. Assetfinder 80 | 9. JSScan 81 | 10. FavFreak 82 | 11. Waybackurls 83 | 12. Gau 84 | 13. Parallel 85 | 14. asnip 86 | 15. dirsearch 87 | 16. gowitness 88 | 17. subjack 89 | 18. CORS Scanner 90 | 19. git-hound 91 | 20. Shuffledns 92 | 21. Massdns 93 | 94 | ~ Other onliners and tools to be added. 95 | 96 | # PR Notes 97 | 98 | 1. If there is any GO Version/Path related issues, please do not create a PR for it. 99 | 2. Please create a PR for the Feature Request. 100 | 3. If there is any missing part in ``install.sh`` please create a PR for it. 101 | 4. For specific tool related issue such as installation for `X` tool used by Bheem is not successful, please do not create a PR for it. As this issue is required to be Raise to the specific Tool Owner. 102 | 103 | # Future Plans/Under Development 104 | 105 | 1. Adding Directory Enumeration_ 106 | 2. Adding Subdomain Bruteforcing_ 107 | 3. Adding HTTP Desync Scanner_ 108 | 4. Adding Vulnerable Software & Exploit Suggester 109 | 5. Adding Oneline Scanner for _CORS_, CRLF & Other Vectors 110 | 6. Adding Visual Recon 111 | 7. Adding Web Based Handling Of Results 112 | 113 | # Special Thanks 114 | 115 | Every single application security community member and tool developers. Special Thanks to: 116 | 117 | 1. Project Discovery (Httpx, Subfinder, chaos, nuclei) 118 | 2. OWASP (Amass) 119 | 3. Tomnomnom (Assetfinder, Waybackurls, GF) 120 | 4. Devansh (FavFreak) 121 | 5. Imran (Heartbleed oneliner) 122 | 6. M4ll0k (Secret Finder) 123 | 7. lc (gau) 124 | 8. tillson (git-hound) 125 | 9. ffuf (ffuf) 126 | 10. sensepost (gowitness) 127 | 11. defparam (smuggler) 128 | 12. haccer (subjack) 129 | 13. crt.sh (YashGoti) 130 | 131 | ### Please feel free to contribute. 132 | -------------------------------------------------------------------------------- /arsenal/Bheem.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | logo(){ 4 | echo ' '; 5 | echo -e '\e[38;5;88m______ _______ _______ _______ '; 6 | echo -e '\e[38;5;88m( ___ \ |\ /|( ____ \( ____ \( )'; 7 | echo -e '\e[38;5;215m| ( ) )| ) ( || ( \/| ( \/| () () |'; 8 | echo -e '\e[38;5;215m| (__/ / | (___) || (__ | (__ | || || |'; 9 | echo -e '\e[38;5;215m| __ ( | ___ || __) | __) | |(_)| |'; 10 | echo -e '\e[38;5;208m| ( \ \ | ( ) || ( | ( | | | |'; 11 | echo -e '\e[38;5;208m| )___) )| ) ( || (____/\| (____/\| ) ( |'; 12 | echo -e '\e[38;5;208m|/ \___/ |/ \|(_______/(_______/|/ \|'; 13 | echo -e '\e[38;5;208m '; 14 | 15 | echo -e '\e[38;5;208mAutomated with <3 by Harsh Bothra (@harshbothra_) & Kathan Patel (@KathanP19)\e[0m'; 16 | } 17 | 18 | logo 19 | 20 | red=`tput setaf 1` 21 | green=`tput setaf 2` 22 | reset=`tput sgr0` 23 | 24 | small_recon(){ 25 | echo '-----------------------------------------------------' 26 | echo "${red} Starting Small Scope Recon on : ${green} [$(echo $target)] ${reset}" 27 | echo '-----------------------------------------------------' 28 | 29 | bash ~/arsenal/small.sh $target 30 | 31 | echo '-----------------------------------------------------' 32 | echo "${red} Starting Small Scope Recon on : ${green} [$(echo $target)] ${reset}" 33 | echo '-----------------------------------------------------' 34 | 35 | } 36 | 37 | medium_recon(){ 38 | echo '-----------------------------------------------------' 39 | echo "${red} Starting Medium Scope Recon on : ${green} [$(echo $target)] ${reset}" 40 | echo '-----------------------------------------------------' 41 | 42 | bash ~/arsenal/medium.sh $target 43 | 44 | echo '-----------------------------------------------------' 45 | echo "${red} Starting Medium Scope Recon on : ${green} [$(echo $target)] ${reset}" 46 | echo '-----------------------------------------------------' 47 | 48 | } 49 | 50 | large_recon(){ 51 | echo '-----------------------------------------------------' 52 | echo "${red} Starting Large Scope Recon on : ${green} [$(echo $target)] ${reset}" 53 | echo '-----------------------------------------------------' 54 | 55 | bash ~/arsenal/large.sh $target 56 | 57 | echo '-----------------------------------------------------' 58 | echo "${red} Starting Large Scope Recon on : ${green} [$(echo $target)] ${reset}" 59 | echo '-----------------------------------------------------' 60 | 61 | } 62 | 63 | while getopts ":t:eSMLh" opt; do 64 | case ${opt} in 65 | t ) target=$OPTARG 66 | ;; 67 | e ) exclude=$OPTARG 68 | ;; 69 | S ) small_recon 70 | ;; 71 | M ) medium_recon 72 | ;; 73 | L ) large_recon 74 | ;; 75 | \? | h ) echo "Usage :"; 76 | echo " -t List of target"; 77 | echo " -e Exclude target.(eg: sub1.ex.com,sub2.ex.com)"; 78 | echo " -S Perform Small Recon"; 79 | echo " -M Perform Medium Recon"; 80 | echo " -L Perform Large Recon"; 81 | echo " -h Displays the usage details"; 82 | ;; 83 | : ) echo "Invalid Argument"; 84 | ;; 85 | esac 86 | done 87 | shift $((OPTIND -1)) 88 | -------------------------------------------------------------------------------- /arsenal/autoxss.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | dalfox -b hahwul.xss.ht file $dir/$1_params > $dir/$1_xss; 6 | -------------------------------------------------------------------------------- /arsenal/bleed.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | dir=~/Recon/$1 3 | cat $dir/$1_probed | while read line ; do echo "QUIT"|openssl s_client -connect $line:443 2>&1|grep 'server extension "heartbeat" (id=15)' || echo $line: safe; done 4 | 5 | 6 | -------------------------------------------------------------------------------- /arsenal/config_file.py: -------------------------------------------------------------------------------- 1 | discord_url = "" 2 | # add your discord webhook to the variable. -------------------------------------------------------------------------------- /arsenal/corser.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | #python ~/Tools/CORScanner/cors_scan.py -i $dir/$1_probed -t 200 > $dir/$1_cors; 6 | corscanner -i $dir/$1_probed -t 200 > $dir/$1_cors; 7 | -------------------------------------------------------------------------------- /arsenal/dirfuzz.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | res=$dir/directoryEnum 5 | mkdir $res; 6 | 7 | python3 ~/Tools/dirsearch/dirsearch.py -l $dir/$1_probed -t 300 -i 200,201,202,203,204,301,302,303,304 -b; 8 | mv ~/Tools/dirsearch/reports/ $res; 9 | 10 | 11 | -------------------------------------------------------------------------------- /arsenal/discord_bot.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import sys 3 | import config_file 4 | 5 | def DiscordWebHook(discordUrl): 6 | # rename your bot here 7 | botName = "Bheem Bot" 8 | 9 | message = f'```yaml\n [{sys.argv[1]}]: Finished Bheem Script for {sys.argv[2]}``` Results stored in **folder**: {sys.argv[3]}' 10 | data = { 11 | "content": message, 12 | "username": botName 13 | } 14 | 15 | response = requests.post(discordUrl, json=data) 16 | 17 | if (response.status_code == 204): 18 | print('Notified ') 19 | else: 20 | print('Some error occured.') 21 | 22 | 23 | def getHooks(): 24 | discordUrl = config_file.discord_url 25 | # space to grab more URLS 26 | 27 | 28 | if (discordUrl): 29 | DiscordWebHook(discordUrl) 30 | else: 31 | print("Please add a discord web Hook!") 32 | 33 | 34 | getHooks() -------------------------------------------------------------------------------- /arsenal/extractor.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | waybackurls $1 > $dir/$1_extraction; 6 | gau $1 >> $dir/$1_extraction; cat $dir/$1_extraction | sort -u > $dir/$1_archive_extracts; 7 | -------------------------------------------------------------------------------- /arsenal/faver.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | 6 | echo https://$1 | python3 ~/Tools/FavFreak/favfreak.py > $dir/$1_faver; 7 | 8 | cat $dir/$1_faver | grep 'h]' | cut -d ] -f2 | cut -d " " -f2 | tee $dir/$1_faviconhash; 9 | 10 | 11 | -------------------------------------------------------------------------------- /arsenal/gitter.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | dir=~/Recon/$1 3 | cat $dir/$1_probed | git-hound --dig-files --dig-commits > $dir/$1_gitrecon 4 | 5 | -------------------------------------------------------------------------------- /arsenal/jscan.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | dir=~/Recon/$1 3 | 4 | echo $1 | gau | grep -iE "\.js$" | uniq | sort >> $dir/$1_jsfile_links; 5 | echo $1 | subjs >> $dir/$1_jsfile_links; 6 | echo $1 | hakrawler -js -depth 2 -scope subs -plain >> $dir/$1_jsfile_links; 7 | 8 | cat $dir/$1_jsfile_links | httpx -follow-redirects -silent -status-code | grep "[200]" | cut -d ' ' -f1 | sort -u > $dir/$1_live_jsfile_links; 9 | 10 | python3 ~/Tools/LinkFinder/linkfinder.py -d -i $1 -o cli >> $dir/$1_JSEndpoints; 11 | 12 | cat $dir/$1_live_jsfile_links | python3 ~/Tools/getjswords.py | sort -u > $dir/$1_JSWords; 13 | 14 | cat $dir/$1_live_jsfile_links | while read url ; do bash ~/Tools/jsvar.sh $url | sort -u | tee $dir/$1_JSXSS ; done; 15 | -------------------------------------------------------------------------------- /arsenal/large.sh: -------------------------------------------------------------------------------- 1 | gpath=~/go/bin/ 2 | dir=~/arsenal 3 | results=~/Recon/$domain 4 | red=`tput setaf 1` 5 | green=`tput setaf 2` 6 | reset=`tput sgr0` 7 | script_name="Large_Recon" 8 | 9 | 10 | for domain in $(cat $1); do 11 | 12 | echo '-----------------------------------------------------' 13 | echo "${red} Testing : ${green} ${domain} ${reset}" 14 | echo '-----------------------------------------------------' 15 | # Performing Subdomain Enumeration 16 | echo '-----------------------------------------------------' 17 | echo "${red} Performing : ${green} Subdomain Enumeration ${reset}" 18 | echo '-----------------------------------------------------' 19 | $dir/subdomain.sh $domain; 20 | echo '-----------------------------------------------------' 21 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 22 | echo '-----------------------------------------------------' 23 | # Finished Subdomain Enumeration 24 | 25 | # Performing Subdomain Bruteforcing 26 | #echo '-----------------------------------------------------' 27 | #echo "${red} Performing : ${green} Subdomain Bruteforcing ${reset}" 28 | #echo '-----------------------------------------------------' 29 | #$dir/subbruter.sh $domain; 30 | #echo '-----------------------------------------------------' 31 | #echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 32 | #echo '-----------------------------------------------------' 33 | # Finished Subdomain Bruteforcing 34 | 35 | # Performing Probing 36 | echo '-----------------------------------------------------' 37 | echo "${red} Performing : ${green} Probing ${reset}" 38 | echo '-----------------------------------------------------' 39 | $dir/prober.sh $domain; 40 | echo '-----------------------------------------------------' 41 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 42 | echo '-----------------------------------------------------' 43 | # Finished Probing 44 | 45 | # Performing Subdomain Takeover 46 | echo '-----------------------------------------------------' 47 | echo "${red} Performing : ${green} Subdomain Takeover ${reset}" 48 | echo '-----------------------------------------------------' 49 | $dir/takeover.sh $domain; 50 | echo '-----------------------------------------------------' 51 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 52 | echo '-----------------------------------------------------' 53 | # Finished Subdomain Takeover 54 | 55 | 56 | # Performing Template Scanning with Nuclei 57 | echo '-----------------------------------------------------' 58 | echo "${red} Performing : ${green} Template Scanning with Nuclei ${reset}" 59 | echo '-----------------------------------------------------' 60 | $dir/nuclear.sh $domain; 61 | echo '-----------------------------------------------------' 62 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 63 | echo '-----------------------------------------------------' 64 | # Finished Template Scanning with Nuclei 65 | 66 | # Performing Port Scanning with Naabu 67 | echo '-----------------------------------------------------' 68 | echo "${red} Performing : ${green} Port Scanning with Naabu ${reset}" 69 | echo '-----------------------------------------------------' 70 | $dir/portscan.sh $domain; 71 | echo '-----------------------------------------------------' 72 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 73 | echo '-----------------------------------------------------' 74 | # Finished Port Scanning with Naabu 75 | 76 | # Performing URL Extraction 77 | echo '-----------------------------------------------------' 78 | echo "${red} Performing : ${green} URL Extraction ${reset}" 79 | echo '-----------------------------------------------------' 80 | $dir/extractor.sh $domain; 81 | echo '-----------------------------------------------------' 82 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 83 | echo '-----------------------------------------------------' 84 | # Finished URL Extraction 85 | 86 | # Performing Vulnerable Pattern Search 87 | echo '-----------------------------------------------------' 88 | echo "${red} Performing : ${green} Vulnerable Pattern Search ${reset}" 89 | echo '-----------------------------------------------------' 90 | $dir/pattern.sh $domain; 91 | echo '-----------------------------------------------------' 92 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 93 | echo '-----------------------------------------------------' 94 | # Finished Vulnerable Pattern Search 95 | 96 | # Performing Parameter Discovery 97 | echo '-----------------------------------------------------' 98 | echo "${red} Performing : ${green} Parameter Discovery ${reset}" 99 | echo '-----------------------------------------------------' 100 | $dir/parameter.sh $domain; 101 | echo '-----------------------------------------------------' 102 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 103 | echo '-----------------------------------------------------' 104 | # Finished Parameter Discovery 105 | 106 | # Performing XSS Automation 107 | echo '-----------------------------------------------------' 108 | echo "${red} Performing : ${green} XSS Automation ${reset}" 109 | echo '-----------------------------------------------------' 110 | $dir/autoxss.sh $domain; 111 | echo '-----------------------------------------------------' 112 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 113 | echo '-----------------------------------------------------' 114 | # Finished XSS Automation 115 | 116 | # Performing GitHub Scanning 117 | echo '-----------------------------------------------------' 118 | echo "${red} Performing : ${green} GitHub Scanning ${reset}" 119 | echo '-----------------------------------------------------' 120 | $dir/gitter.sh $domain; 121 | echo '-----------------------------------------------------' 122 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 123 | echo '-----------------------------------------------------' 124 | # Finished GitHub Scanning 125 | 126 | # Performing FavIcon Hash Extraction 127 | echo '-----------------------------------------------------' 128 | echo "${red} Performing : ${green} Performing FavIcon Hash Extraction ${reset}" 129 | echo '-----------------------------------------------------' 130 | $dir/faver.sh $domain; 131 | echo '-----------------------------------------------------' 132 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 133 | echo '-----------------------------------------------------' 134 | # Finished FavIcon Hash Extraction 135 | 136 | # Performing Javascript Scan 137 | echo '-----------------------------------------------------' 138 | echo "${red} Performing : ${green} Javascript Scan ${reset}" 139 | echo '-----------------------------------------------------' 140 | $dir/jscan.sh $domain; 141 | echo '-----------------------------------------------------' 142 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 143 | echo '-----------------------------------------------------' 144 | # Finished Javascript Scan 145 | 146 | 147 | # Performing Secret Finder 148 | echo '-----------------------------------------------------' 149 | echo "${red} Performing : ${green} Performing Secret Finder ${reset}" 150 | echo '-----------------------------------------------------' 151 | $dir/secrets.sh $domain; 152 | echo '-----------------------------------------------------' 153 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 154 | echo '-----------------------------------------------------' 155 | # Finished Secret Finder 156 | 157 | # Performing Directory Fuzzing 158 | echo '-----------------------------------------------------' 159 | echo "${red} Performing : ${green} Performing Directory Fuzzing ${reset}" 160 | echo '-----------------------------------------------------' 161 | $dir/dirfuzz.sh $domain; 162 | echo '-----------------------------------------------------' 163 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 164 | echo '-----------------------------------------------------' 165 | # Finished Directory Fuzzing 166 | 167 | # Performing CORS Scan 168 | echo '-----------------------------------------------------' 169 | echo "${red} Performing : ${green} Performing CORS Scan ${reset}" 170 | echo '-----------------------------------------------------' 171 | $dir/corser.sh $domain; 172 | echo '-----------------------------------------------------' 173 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 174 | echo '-----------------------------------------------------' 175 | # Finished CORS Scan 176 | 177 | # Performing HeartBleed Scan 178 | echo '-----------------------------------------------------' 179 | echo "${red} Performing : ${green} Performing HeartBleed Scan ${reset}" 180 | echo '-----------------------------------------------------' 181 | $dir/bleed.sh $domain; 182 | echo '-----------------------------------------------------' 183 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 184 | echo '-----------------------------------------------------' 185 | # Finished HeartBleed Scan 186 | 187 | # Finished Recon 188 | echo '-----------------------------------------------------' 189 | echo "${red} Finished Recon on: ${green} ${domain} ${reset}" 190 | echo '-----------------------------------------------------' 191 | 192 | done 193 | 194 | # Notify discord 195 | python3 $dir/discord_bot.py ${script_name} $1 ${results} 196 | -------------------------------------------------------------------------------- /arsenal/medium.sh: -------------------------------------------------------------------------------- 1 | gpath=~/go/bin/ 2 | dir=~/arsenal 3 | results=~/Recon/$domain 4 | red=`tput setaf 1` 5 | green=`tput setaf 2` 6 | reset=`tput sgr0` 7 | script_name="Medium_Recon" 8 | 9 | for domain in $(cat $1); do 10 | 11 | echo '-----------------------------------------------------' 12 | echo "${red} Testing : ${green} ${domain} ${reset}" 13 | echo '-----------------------------------------------------' 14 | # Performing Subdomain Enumeration 15 | echo '-----------------------------------------------------' 16 | echo "${red} Performing : ${green} Subdomain Enumeration ${reset}" 17 | echo '-----------------------------------------------------' 18 | $dir/subdomain.sh $domain; 19 | echo '-----------------------------------------------------' 20 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 21 | echo '-----------------------------------------------------' 22 | # Finished Subdomain Enumeration 23 | 24 | # Performing Subdomain Bruteforcing 25 | echo '-----------------------------------------------------' 26 | echo "${red} Performing : ${green} Subdomain Bruteforcing ${reset}" 27 | echo '-----------------------------------------------------' 28 | $dir/subbruter.sh $domain; 29 | echo '-----------------------------------------------------' 30 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 31 | echo '-----------------------------------------------------' 32 | # Finished Subdomain Bruteforcing 33 | 34 | # Performing Subdomain Takeover 35 | echo '-----------------------------------------------------' 36 | echo "${red} Performing : ${green} Subdomain Takeover ${reset}" 37 | echo '-----------------------------------------------------' 38 | $dir/takeover.sh $domain; 39 | echo '-----------------------------------------------------' 40 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 41 | echo '-----------------------------------------------------' 42 | # Finished Subdomain Takeover 43 | 44 | # Performing Probing 45 | echo '-----------------------------------------------------' 46 | echo "${red} Performing : ${green} Probing ${reset}" 47 | echo '-----------------------------------------------------' 48 | $dir/prober.sh $domain; 49 | echo '-----------------------------------------------------' 50 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 51 | echo '-----------------------------------------------------' 52 | # Finished Probing 53 | 54 | # Performing Template Scanning with Nuclei 55 | echo '-----------------------------------------------------' 56 | echo "${red} Performing : ${green} Template Scanning with Nuclei ${reset}" 57 | echo '-----------------------------------------------------' 58 | $dir/nuclear.sh $domain; 59 | echo '-----------------------------------------------------' 60 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 61 | echo '-----------------------------------------------------' 62 | # Finished Template Scanning with Nuclei 63 | 64 | # Performing Port Scanning with Naabu 65 | echo '-----------------------------------------------------' 66 | echo "${red} Performing : ${green} Port Scanning with Naabu ${reset}" 67 | echo '-----------------------------------------------------' 68 | $dir/portscan.sh $domain; 69 | echo '-----------------------------------------------------' 70 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 71 | echo '-----------------------------------------------------' 72 | # Finished Port Scanning with Naabu 73 | 74 | # Performing URL Extraction 75 | echo '-----------------------------------------------------' 76 | echo "${red} Performing : ${green} URL Extraction ${reset}" 77 | echo '-----------------------------------------------------' 78 | $dir/extractor.sh $domain; 79 | echo '-----------------------------------------------------' 80 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 81 | echo '-----------------------------------------------------' 82 | # Finished URL Extraction 83 | 84 | # Performing Vulnerable Pattern Search 85 | echo '-----------------------------------------------------' 86 | echo "${red} Performing : ${green} Vulnerable Pattern Search ${reset}" 87 | echo '-----------------------------------------------------' 88 | $dir/pattern.sh $domain; 89 | echo '-----------------------------------------------------' 90 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 91 | echo '-----------------------------------------------------' 92 | # Finished Vulnerable Pattern Search 93 | 94 | # Performing Javascript Scan 95 | echo '-----------------------------------------------------' 96 | echo "${red} Performing : ${green} Javascript Scan ${reset}" 97 | echo '-----------------------------------------------------' 98 | $dir/jscan.sh $domain; 99 | echo '-----------------------------------------------------' 100 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 101 | echo '-----------------------------------------------------' 102 | # Finished Javascript Scan 103 | 104 | # Performing Secret Finder 105 | echo '-----------------------------------------------------' 106 | echo "${red} Performing : ${green} Performing Secret Finder ${reset}" 107 | echo '-----------------------------------------------------' 108 | $dir/secrets.sh $domain; 109 | echo '-----------------------------------------------------' 110 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 111 | echo '-----------------------------------------------------' 112 | # Finished Secret Finder 113 | 114 | # Performing Directory Fuzzing 115 | echo '-----------------------------------------------------' 116 | echo "${red} Performing : ${green} Performing Directory Fuzzing ${reset}" 117 | echo '-----------------------------------------------------' 118 | $dir/dirfuzz.sh $domain; 119 | echo '-----------------------------------------------------' 120 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 121 | echo '-----------------------------------------------------' 122 | # Finished Directory Fuzzing 123 | 124 | # Performing CORS Scan 125 | echo '-----------------------------------------------------' 126 | echo "${red} Performing : ${green} Performing CORS Scan ${reset}" 127 | echo '-----------------------------------------------------' 128 | $dir/corser.sh $domain; 129 | echo '-----------------------------------------------------' 130 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 131 | echo '-----------------------------------------------------' 132 | # Finished CORS Scan 133 | 134 | # Performing HeartBleed Scan 135 | echo '-----------------------------------------------------' 136 | echo "${red} Performing : ${green} Performing HeartBleed Scan ${reset}" 137 | echo '-----------------------------------------------------' 138 | $dir/bleed.sh $domain; 139 | echo '-----------------------------------------------------' 140 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 141 | echo '-----------------------------------------------------' 142 | # Finished HeartBleed Scan 143 | 144 | # Finished Recon 145 | echo '-----------------------------------------------------' 146 | echo "${red} Finished Recon on: ${green} ${domain} ${reset}" 147 | echo '-----------------------------------------------------' 148 | 149 | done 150 | 151 | # Notify discord 152 | python3 $dir/discord_bot.py ${script_name} $1 ${results} 153 | -------------------------------------------------------------------------------- /arsenal/nuclear.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | dir=~/Recon/$1 4 | 5 | cat $dir/$1_probed | nuclei -c 500 -silent -t ~/nuclei-templates/ -o $dir/$1_nuclei; 6 | 7 | -------------------------------------------------------------------------------- /arsenal/parameter.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | python3 ~/Tools/ParamSpider/paramspider.py -d $1 -l high -o $dir/$1_params --exclude woff,css,js,png,svg,php,jpg; 6 | -------------------------------------------------------------------------------- /arsenal/params_loop.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | dir=~/Recon/$1 3 | params=$dir/param; 4 | mkdir params; 5 | for sub in $(cat $dir/$1_subdomains); do 6 | 7 | python3 paramspider.py -d $sub -l high -o $params/$sub_param.txt --exclude woff,css,js,png,svg,php,jpg; 8 | 9 | done 10 | -------------------------------------------------------------------------------- /arsenal/pattern.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | dir=~/Recon/$1 3 | 4 | gf xss $dir/$1_archive_extracts | cut -d : -f3- | sort -u > $dir/$1_xss; 5 | gf ssti $dir/$1_archive_extracts | sort -u > $dir/$1_ssti; 6 | gf ssrf $dir/$1_archive_extracts | sort -u > $dir/$1_ssrf; 7 | gf sqli $dir/$1_archive_extracts | sort -u > $dir/$1_sqli; 8 | gf redirect $dir/$1_archive_extracts | cut -d : -f3- | sort -u > $dir/$1_redirect; 9 | gf rce $dir/$1_archive_extracts | sort -u > $dir/$1_rce; 10 | gf potential $dir/$1_archive_extracts| cut -d : -f3- | sort -u > $dir/$1_potential; 11 | gf lfi $dir/$1_archive_extracts | sort -u > $dir/$1_lfi; 12 | -------------------------------------------------------------------------------- /arsenal/portscan.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | naabu -iL $dir/$1_subdomains > $dir/$1_portscan; 6 | 7 | -------------------------------------------------------------------------------- /arsenal/portscan_single.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | naabu $1 > $dir/$1_portscan; 6 | 7 | -------------------------------------------------------------------------------- /arsenal/probe_single.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | mkdir $dir 5 | 6 | echo $1 | httpx -follow-redirects -status-code -vhost -threads 300 -silent | sort -u | grep "[200]" | cut -d [ -f1 | sort -u | sed 's/[[:blank:]]*$//' >> $dir/$1_probed; 7 | -------------------------------------------------------------------------------- /arsenal/prober.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | cat $dir/$1_subdomains | httpx -follow-redirects -status-code -vhost -threads 300 -silent | sort -u | grep "[200]" | cut -d [ -f1 | sort -u | sed 's/[[:blank:]]*$//' >> $dir/$1_probed 6 | 7 | -------------------------------------------------------------------------------- /arsenal/providers.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "name":"github", 4 | "cname":["github.io", "github.map.fastly.net"], 5 | "response":["There isn't a GitHub Pages site here.", "For root URLs (like http://example.com/) you must provide an index.html file"] 6 | }, 7 | { 8 | "name":"heroku", 9 | "cname":["herokudns.com", "herokussl.com", "herokuapp.com"], 10 | "response":["There's nothing here, yet.", "herokucdn.com/error-pages/no-such-app.html", "No such app"] 11 | }, 12 | { 13 | "name":"unbounce", 14 | "cname":["unbouncepages.com"], 15 | "response":["The requested URL / was not found on this server.", "The requested URL was not found on this server"] 16 | }, 17 | { 18 | "name":"tumblr", 19 | "cname":["tumblr.com"], 20 | "response":["There's nothing here.", "Whatever you were looking for doesn't currently exist at this address."] 21 | }, 22 | { 23 | "name":"shopify", 24 | "cname":["myshopify.com"], 25 | "response":["Sorry, this shop is currently unavailable.", "Only one step left!"] 26 | }, 27 | { 28 | "name":"instapage", 29 | "cname":["pageserve.co", "secure.pageserve.co", "https://instapage.com/"], 30 | "response":["You've Discovered A Missing Link. Our Apologies!"] 31 | }, 32 | { 33 | "name":"desk", 34 | "cname":["desk.com"], 35 | "response":["Please try again or try Desk.com free for 14 days.", "Sorry, We Couldn't Find That Page"] 36 | }, 37 | { 38 | "name":"tictail", 39 | "cname":["tictail.com", "domains.tictail.com"], 40 | "response":["Building a brand of your own?", "to target URL: Trying to access your account?"] 46 | }, 47 | { 48 | "name":"cargocollective", 49 | "cname":["cargocollective.com"], 50 | "response":["404 Not Found"] 51 | }, 52 | { 53 | "name":"statuspage", 54 | "cname":["statuspage.io"], 55 | "response":["Better Status Communication", "You are being redirected"] 56 | }, 57 | { 58 | "name":"amazonaws", 59 | "cname":["amazonaws.com"], 60 | "response":["NoSuchBucket", "The specified bucket does not exist"] 61 | }, 62 | { 63 | "name":"cloudfront", 64 | "cname":["cloudfront.net"], 65 | "response":["The request could not be satisfied", "ERROR: The request could not be satisfied"] 66 | }, 67 | { 68 | "name":"bitbucket", 69 | "cname":["bitbucket.org"], 70 | "response":["The page you have requested does not exist"] 71 | }, 72 | { 73 | "name":"smartling", 74 | "cname":["smartling.com"], 75 | "response":["Domain is not configured"] 76 | }, 77 | { 78 | "name":"acquia", 79 | "cname":["acquia.com"], 80 | "response":["If you are an Acquia Cloud customer and expect to see your site at this address"] 81 | }, 82 | { 83 | "name":"fastly", 84 | "cname":["fastly.net"], 85 | "response":["Please check that this domain has been added to a service", "Fastly error: unknown domain"] 86 | }, 87 | { 88 | "name":"pantheon", 89 | "cname":["pantheonsite.io"], 90 | "response":["The gods are wise", "The gods are wise, but do not know of the site which you seek."] 91 | }, 92 | { 93 | "name":"zendesk", 94 | "cname":["zendesk.com"], 95 | "response":["Help Center Closed | Zendesk", "Help Center Closed"] 96 | }, 97 | { 98 | "name":"uservoice", 99 | "cname":["uservoice.com"], 100 | "response":["This UserVoice subdomain is currently available!"] 101 | }, 102 | { 103 | "name":"ghost", 104 | "cname":["ghost.io"], 105 | "response":["The thing you were looking for is no longer here", "The thing you were looking for is no longer here, or never was"] 106 | }, 107 | { 108 | "name":"pingdom", 109 | "cname":["stats.pingdom.com"], 110 | "response":["pingdom"] 111 | }, 112 | { 113 | "name":"tilda", 114 | "cname":["tilda.ws"], 115 | "response":["Domain has been assigned"] 116 | }, 117 | { 118 | "name":"wordpress", 119 | "cname":["wordpress.com"], 120 | "response":["Do you want to register"] 121 | }, 122 | { 123 | "name":"teamwork", 124 | "cname":["teamwork.com"], 125 | "response":["Oops - We didn't find your site."] 126 | }, 127 | { 128 | "name":"helpjuice", 129 | "cname":["helpjuice.com"], 130 | "response":["We could not find what you're looking for."] 131 | }, 132 | { 133 | "name":"helpscout", 134 | "cname":["helpscoutdocs.com"], 135 | "response":["No settings were found for this company:"] 136 | }, 137 | { 138 | "name":"cargo", 139 | "cname":["cargocollective.com"], 140 | "response":["If you're moving your domain away from Cargo you must make this configuration through your registrar's DNS control panel."] 141 | }, 142 | { 143 | "name":"feedpress", 144 | "cname":["redirect.feedpress.me"], 145 | "response":["The feed has not been found."] 146 | }, 147 | { 148 | "name":"surge", 149 | "cname":["surge.sh"], 150 | "response":["project not found"] 151 | }, 152 | { 153 | "name":"surveygizmo", 154 | "cname":["privatedomain.sgizmo.com", "privatedomain.surveygizmo.eu", "privatedomain.sgizmoca.com"], 155 | "response":["data-html-name"] 156 | }, 157 | { 158 | "name":"mashery", 159 | "cname":["mashery.com"], 160 | "response":["Unrecognized domain "] 161 | }, 162 | { 163 | "name":"intercom", 164 | "cname":["custom.intercom.help"], 165 | "response":["This page is reserved for artistic dogs.","

Uh oh. That page doesn’t exist.

"] 166 | }, 167 | { 168 | "name":"webflow", 169 | "cname":["proxy.webflow.io"], 170 | "response":["

The page you are looking for doesn't exist or has been moved.

"] 171 | }, 172 | { 173 | "name":"kajabi", 174 | "cname":["endpoint.mykajabi.com"], 175 | "response":["

The page you were looking for doesn't exist.

"] 176 | }, 177 | { 178 | "name":"thinkific", 179 | "cname":["thinkific.com"], 180 | "response":["You may have mistyped the address or the page may have moved."] 181 | }, 182 | { 183 | "name":"tave", 184 | "cname":["clientaccess.tave.com"], 185 | "response":["

Error 404: Page Not Found

"] 186 | }, 187 | { 188 | "name":"wishpond", 189 | "cname":["wishpond.com"], 190 | "response":["https://www.wishpond.com/404?campaign=true"] 191 | }, 192 | { 193 | "name":"aftership", 194 | "cname":["aftership.com"], 195 | "response":["Oops.

The page you're looking for doesn't exist."] 196 | }, 197 | { 198 | "name":"aha", 199 | "cname":["ideas.aha.io"], 200 | "response":["There is no portal here ... sending you back to Aha!"] 201 | }, 202 | { 203 | "name":"brightcove", 204 | "cname":["brightcovegallery.com", "gallery.video", "bcvp0rtal.com"], 205 | "response":["

Error Code: 404

"] 206 | }, 207 | { 208 | "name":"bigcartel", 209 | "cname":["bigcartel.com"], 210 | "response":["

Oops! We couldn’t find that page.

"] 211 | }, 212 | { 213 | "name":"activecompaign", 214 | "cname":["activehosted.com"], 215 | "response":["alt=\"LIGHTTPD - fly light.\""] 216 | }, 217 | { 218 | "name":"compaignmonitor", 219 | "cname":["createsend.com"], 220 | "response":["Double check the URL or =2020.11.8 10 | chardet<3.1.0 11 | urllib3<=1.24.3 12 | cryptography>1.3.4 13 | PySocks<=1.6.8 -------------------------------------------------------------------------------- /arsenal/resolvers.txt: -------------------------------------------------------------------------------- 1 | 2 | 208.98.188.82 3 | 190.11.225.2 4 | 193.17.47.1 5 | 194.186.122.210 6 | 186.167.16.187 7 | 199.85.127.20 8 | 81.149.21.254 9 | 186.237.202.26 10 | 81.211.21.98 11 | 79.187.201.179 12 | 112.171.175.135 13 | 87.233.226.243 14 | 9.9.9.9 15 | 109.228.9.74 16 | 88.59.65.21 17 | 177.52.232.7 18 | 204.95.160.2 19 | 103.86.96.100 20 | 200.159.205.12 21 | 193.251.169.83 22 | 62.97.196.149 23 | 59.153.85.25 24 | 202.130.97.66 25 | 1.33.184.157 26 | 80.228.231.48 27 | 202.86.129.98 28 | 1.241.172.70 29 | 172.104.49.100 30 | 94.247.43.254 31 | 177.130.206.101 32 | 82.64.45.186 33 | 210.225.128.98 34 | 203.173.162.179 35 | 208.67.220.220 36 | 177.20.178.12 37 | 66.28.0.61 38 | 64.6.64.6 39 | 31.3.193.62 40 | 211.75.48.98 41 | 195.202.147.102 42 | 193.138.78.117 43 | 109.228.23.101 44 | 109.73.91.70 45 | 203.146.237.237 46 | 167.233.5.204 47 | 200.59.236.202 48 | 203.126.118.102 49 | 190.56.135.221 50 | 61.93.207.118 51 | 202.158.38.162 52 | 62.97.123.107 53 | 159.192.137.80 54 | 202.182.53.17 55 | 202.44.53.251 56 | 103.54.218.154 57 | 178.22.113.198 58 | 212.145.159.96 59 | 202.30.55.11 60 | 202.134.52.105 61 | 200.99.138.103 62 | 216.194.28.33 63 | 179.60.235.209 64 | 207.188.83.213 65 | 61.60.85.66 66 | 81.175.40.21 67 | 66.119.188.199 68 | 217.147.96.210 69 | 93.91.145.230 70 | 59.124.244.6 71 | 186.215.192.243 72 | 54.252.183.4 73 | 45.90.30.193 74 | 190.124.166.8 75 | 124.6.167.35 76 | 80.15.35.59 77 | 195.57.47.3 78 | 163.172.107.158 79 | 176.103.130.130 80 | 64.111.16.2 81 | 37.71.154.166 82 | 202.86.129.106 83 | 193.78.240.12 84 | 60.249.37.54 85 | 45.225.123.54 86 | 82.148.207.170 87 | 200.11.52.202 88 | 195.235.225.10 89 | 210.242.228.25 90 | 202.21.99.42 91 | 109.228.5.111 92 | 74.120.24.97 93 | 79.190.224.27 94 | 178.210.102.193 95 | 69.63.73.141 96 | 209.211.254.18 97 | 45.225.123.34 98 | 37.59.80.218 99 | 95.141.206.1 100 | 5.58.74.133 101 | 217.30.169.18 102 | 200.115.141.138 103 | 88.204.180.222 104 | 210.177.222.168 105 | 194.224.52.37 106 | 116.212.96.75 107 | 202.159.112.193 108 | 54.94.175.250 109 | 212.28.34.65 110 | 207.67.115.254 111 | 109.70.132.17 112 | 213.229.161.85 113 | 216.106.1.2 114 | 193.22.119.195 115 | 80.78.237.4 116 | 4.0.0.53 117 | 59.125.166.50 118 | 103.209.52.250 119 | 199.101.81.97 120 | 147.97.16.66 121 | 94.255.146.44 122 | 109.70.207.43 123 | 60.249.212.149 124 | 46.130.117.36 125 | 202.175.45.2 126 | 114.114.114.110 127 | 200.57.7.61 128 | 77.68.83.207 129 | 210.176.64.219 130 | 37.128.169.249 131 | 64.111.16.3 132 | 188.207.200.113 133 | 213.124.119.218 134 | 41.224.250.224 135 | 115.127.19.129 136 | 204.193.157.30 137 | 59.152.214.132 138 | 187.75.155.116 139 | 209.237.227.203 140 | 69.24.197.9 141 | 221.186.117.10 142 | 82.196.13.196 143 | 103.134.220.158 144 | 103.85.107.102 145 | 216.52.254.1 146 | 202.58.199.171 147 | 46.28.130.214 148 | 82.209.228.234 149 | 88.79.149.4 150 | 45.77.61.165 151 | 124.6.167.149 152 | 180.180.247.41 153 | 209.250.128.6 154 | 59.124.72.210 155 | 116.126.142.201 156 | 103.98.176.23 157 | 201.63.81.10 158 | 210.177.222.162 159 | 103.23.150.88 160 | 190.57.234.194 161 | 202.175.63.37 162 | 218.103.8.74 163 | 213.244.66.226 164 | 187.32.81.223 165 | 152.101.179.129 166 | 210.0.255.251 167 | 180.180.241.2 168 | 93.81.253.51 169 | 62.153.165.107 170 | 103.22.245.70 171 | 118.219.234.144 172 | 188.252.69.3 173 | 165.16.48.9 174 | 14.63.217.213 175 | 211.105.7.5 176 | 193.200.69.233 177 | 210.232.183.3 178 | 177.66.203.10 179 | 24.229.42.161 180 | 168.95.1.1 181 | 84.54.226.50 182 | 195.46.186.75 183 | 210.66.73.137 184 | 90.187.33.117 185 | 194.179.1.100 186 | 77.68.95.225 187 | 199.116.57.181 188 | 154.70.151.66 189 | 45.90.28.203 190 | 213.251.133.164 191 | 89.236.217.93 192 | 146.247.80.144 193 | 109.228.14.101 194 | 176.58.92.111 195 | 213.125.107.179 196 | 210.116.119.185 197 | 5.42.229.148 198 | 46.166.189.68 199 | 18.180.123.223 200 | 165.98.138.194 201 | 62.28.250.13 202 | 193.79.242.39 203 | 94.200.27.186 204 | 212.244.48.137 205 | 1.33.184.193 206 | 195.5.179.30 207 | 80.95.220.186 208 | 109.254.13.190 209 | 77.34.10.67 210 | 203.190.55.129 211 | 77.88.8.1 212 | 183.177.101.51 213 | 170.247.211.253 214 | 203.126.238.211 215 | 216.106.88.3 216 | 205.147.105.236 217 | 195.67.74.135 218 | 104.152.211.99 219 | 67.52.15.27 220 | 209.40.238.71 221 | 46.231.210.26 222 | 202.147.193.107 223 | 91.203.177.216 224 | 201.144.135.211 225 | 37.152.45.194 226 | 203.198.7.66 227 | 202.44.32.29 228 | 65.73.54.2 229 | 68.87.68.162 230 | 117.18.119.36 231 | 74.93.247.57 232 | 69.67.97.18 233 | 60.248.34.85 234 | 87.23.196.161 235 | 195.46.9.131 236 | 91.221.229.84 237 | 103.254.106.166 238 | 66.18.240.197 239 | 95.129.96.154 240 | 200.110.130.195 241 | 152.101.4.130 242 | 163.24.162.3 243 | 218.102.1.8 244 | 220.135.181.105 245 | 124.6.170.225 246 | 195.198.13.186 247 | 78.130.38.222 248 | 213.11.172.45 249 | 103.87.160.146 250 | 8.8.4.4 251 | 5.39.118.16 252 | 203.8.201.10 253 | 148.235.82.66 254 | 65.111.169.166 255 | 213.171.217.147 256 | 76.164.163.150 257 | 82.208.99.185 258 | 76.72.248.34 259 | 180.180.247.42 260 | 210.56.14.146 261 | 212.200.113.130 262 | 124.6.164.233 263 | 193.200.69.242 264 | 217.24.255.134 265 | 220.132.76.195 266 | 62.219.21.64 267 | 151.252.139.24 268 | 124.6.168.81 269 | 181.14.195.114 270 | 122.200.254.203 271 | 93.63.229.132 272 | 170.210.83.110 273 | 165.227.162.76 274 | 103.255.243.252 275 | 216.228.104.3 276 | 58.185.177.165 277 | 103.8.27.15 278 | 176.221.10.213 279 | 194.187.251.67 280 | 205.213.172.36 281 | 177.184.131.180 282 | 200.172.90.4 283 | 5.102.56.38 284 | 85.25.105.193 285 | 209.211.254.19 286 | 68.87.77.130 287 | 194.177.56.1 288 | 193.158.99.67 289 | 101.110.34.62 290 | 114.114.115.115 291 | 205.171.202.66 292 | 211.126.202.126 293 | 213.171.217.148 294 | 209.237.227.198 295 | 195.60.70.6 296 | 65.48.140.179 297 | 65.111.169.169 298 | 202.46.34.74 299 | 64.212.106.85 300 | 82.151.66.178 301 | 101.255.56.249 302 | 1.1.1.3 303 | 62.99.77.54 304 | 93.187.83.201 305 | 209.191.129.65 306 | 72.22.86.34 307 | 103.240.65.226 308 | 108.166.105.234 309 | 202.248.20.133 310 | 109.205.112.9 311 | 200.42.174.250 312 | 208.79.218.162 313 | 199.2.252.10 314 | 193.137.95.117 315 | 164.77.245.34 316 | 173.167.215.57 317 | 1.32.58.250 318 | 202.29.172.153 319 | 212.31.32.130 320 | 201.30.200.141 321 | 146.230.128.6 322 | 205.171.202.25 323 | 88.208.218.166 324 | 1.1.1.1 325 | 209.237.227.195 326 | 148.78.200.7 327 | 65.39.166.134 328 | 200.40.228.114 329 | 182.71.213.139 330 | 41.231.30.138 331 | 203.186.61.66 332 | 87.215.134.201 333 | 72.51.45.108 334 | 190.109.224.227 335 | 62.149.128.2 336 | 1.32.58.251 337 | 209.225.106.43 338 | 192.211.0.10 339 | 200.148.191.197 340 | 200.179.97.194 341 | 197.253.12.229 342 | 195.53.69.133 343 | 58.27.149.70 344 | 5.102.56.177 345 | 202.58.198.150 346 | 194.7.1.4 347 | 202.82.21.33 348 | 193.33.224.253 349 | 90.63.164.80 350 | 115.127.19.137 351 | 210.87.250.154 352 | 195.5.179.29 353 | 202.181.213.110 354 | 103.87.160.66 355 | 200.209.145.234 356 | 129.250.35.250 357 | 1.33.199.57 358 | 195.77.162.220 359 | 103.244.159.82 360 | 189.42.239.34 361 | 91.208.144.50 362 | 203.171.33.150 363 | 109.70.207.44 364 | 60.32.151.210 365 | 196.21.247.1 366 | 179.191.86.162 367 | 89.235.136.61 368 | 200.110.130.194 369 | 200.252.235.20 370 | 213.184.147.26 371 | 154.73.209.69 372 | 193.58.204.59 373 | 46.16.216.25 374 | 223.197.220.13 375 | 203.141.131.66 376 | 87.96.144.179 377 | 195.77.235.10 378 | 186.215.128.142 379 | 203.34.118.51 380 | 190.149.249.57 381 | 114.141.2.103 382 | 124.6.168.191 383 | 190.167.229.12 384 | 93.91.140.127 385 | 198.82.247.34 386 | 74.120.24.129 387 | 200.115.176.23 388 | 181.49.2.242 389 | 200.35.80.154 390 | 195.46.39.39 391 | 193.159.232.5 392 | 114.114.114.119 393 | 204.70.127.128 394 | 168.215.210.50 395 | 109.228.9.40 396 | 195.98.79.117 397 | 122.56.105.82 398 | 204.97.212.10 399 | 194.7.138.41 400 | 210.0.128.251 401 | 64.6.65.6 402 | 200.185.113.202 403 | 213.157.50.130 404 | 37.139.11.137 405 | 216.17.128.1 406 | 82.96.64.2 407 | 109.168.43.86 408 | 200.62.147.66 409 | 89.19.228.52 410 | 81.27.162.100 411 | 216.136.95.2 412 | 123.193.34.20 413 | 177.37.175.11 414 | 210.61.2.99 415 | 65.48.235.249 416 | 162.13.11.127 417 | 117.54.10.217 418 | 77.88.8.7 419 | 159.255.193.22 420 | 177.43.76.244 421 | 203.186.217.188 422 | 190.8.168.1 423 | 210.1.31.42 424 | 202.147.193.108 425 | 63.251.161.1 426 | 92.43.33.90 427 | 217.75.213.19 428 | 65.48.229.96 429 | 210.201.110.80 430 | 62.225.102.177 431 | 62.251.167.196 432 | 177.67.201.203 433 | 103.232.35.101 434 | 210.5.56.145 435 | 146.230.254.16 436 | 124.6.169.87 437 | 82.253.23.73 438 | 89.108.128.220 439 | 124.6.167.91 440 | 194.224.52.36 441 | 110.77.151.42 442 | 68.87.77.134 443 | 202.44.55.66 444 | 222.122.43.43 445 | 195.239.49.194 446 | 217.69.169.25 447 | 210.190.105.66 448 | 67.17.215.133 449 | 62.122.101.59 450 | 193.9.242.78 451 | 91.232.102.4 452 | 193.215.74.3 453 | 77.89.232.86 454 | 178.150.45.81 455 | 65.244.0.14 456 | 50.203.152.202 457 | 207.99.19.69 458 | 103.28.114.134 459 | 125.227.62.229 460 | 41.57.120.161 461 | 70.88.112.101 462 | 109.226.238.177 463 | 1.34.161.95 464 | 190.4.63.110 465 | 210.48.77.68 466 | 217.77.71.1 467 | 217.13.80.252 468 | 1.33.184.253 469 | 168.1.79.229 470 | 59.124.195.5 471 | 61.92.164.145 472 | 172.105.81.90 473 | 202.174.158.10 474 | 5.175.225.2 475 | 77.88.8.2 476 | 177.69.96.187 477 | 195.22.25.132 478 | 169.239.120.6 479 | 202.130.102.211 480 | 177.67.81.134 481 | 187.32.7.196 482 | 182.171.247.189 483 | 184.105.193.74 484 | 59.124.246.91 485 | 83.97.23.226 486 | 176.103.130.131 487 | 80.254.98.212 488 | 204.15.52.15 489 | 75.117.247.211 490 | 80.178.170.176 491 | 206.212.241.14 492 | 168.187.234.58 493 | 82.165.76.185 494 | 186.194.224.82 495 | 101.78.230.189 496 | 5.83.92.254 497 | 74.94.48.97 498 | 200.195.180.226 499 | 203.141.200.204 500 | 211.181.233.206 501 | 88.208.248.13 502 | 209.200.117.42 503 | 79.143.180.116 504 | 89.106.109.235 505 | 62.28.166.140 506 | 130.185.242.224 507 | 84.96.26.139 508 | 203.147.91.2 509 | 198.153.194.1 510 | 193.183.98.66 511 | 149.112.149.112 512 | 204.90.92.4 513 | 175.126.123.238 514 | 202.86.133.35 515 | 80.80.81.81 516 | 153.19.105.120 517 | 84.16.240.43 518 | 124.6.188.3 519 | 175.100.120.27 520 | 103.138.223.250 521 | 68.87.76.182 522 | 77.79.210.30 523 | 222.154.228.64 524 | 62.28.175.214 525 | 210.87.250.59 526 | 218.38.58.185 527 | 210.0.128.241 528 | 202.56.8.197 529 | 200.205.44.154 530 | 187.141.108.200 531 | 74.203.248.220 532 | 65.111.169.159 533 | 200.99.138.104 534 | 24.48.219.154 535 | 66.98.34.58 536 | 119.73.137.211 537 | 151.80.222.79 538 | 195.10.195.195 539 | 184.149.50.25 540 | 81.16.8.110 541 | 177.159.232.53 542 | 208.180.0.250 543 | 82.134.16.250 544 | 193.190.75.119 545 | 95.154.173.200 546 | 202.168.199.52 547 | 61.90.191.10 548 | 88.208.211.65 549 | 177.93.250.3 550 | 223.31.121.171 551 | 204.194.234.200 552 | 66.240.146.122 553 | 8.20.247.20 554 | 149.112.121.20 555 | 88.208.244.225 556 | 213.181.166.26 557 | 46.17.184.76 558 | 62.48.241.226 559 | 170.239.213.68 560 | 62.210.180.71 561 | 5.9.172.92 562 | 5.102.56.169 563 | 211.129.155.175 564 | 81.83.19.129 565 | 212.230.255.1 566 | 125.227.243.159 567 | 78.7.251.131 568 | 176.28.107.12 569 | 195.76.198.10 570 | 202.62.11.75 571 | 200.99.138.94 572 | 139.5.35.58 573 | 220.110.210.114 574 | 8.20.247.10 575 | 186.225.194.29 576 | 195.88.203.248 577 | 200.105.253.170 578 | 190.58.23.133 579 | 101.78.230.190 580 | 217.108.101.30 581 | 61.46.244.211 582 | 193.95.93.243 583 | 212.119.193.78 584 | 177.19.217.206 585 | 83.171.107.52 586 | 194.168.8.123 587 | 45.133.105.123 588 | 72.51.45.191 589 | 109.238.224.178 590 | 106.240.228.50 591 | 107.191.48.176 592 | 213.0.77.5 593 | 184.67.74.179 594 | 177.135.204.163 595 | 80.64.32.2 596 | 181.48.29.108 597 | 203.167.92.254 598 | 89.197.7.74 599 | 124.6.165.16 600 | 206.51.143.55 601 | 151.1.141.155 602 | 101.102.103.104 603 | 198.199.103.49 604 | 195.250.58.10 605 | 195.77.252.36 606 | 124.219.73.220 607 | 171.25.229.166 608 | 93.95.215.84 609 | 213.24.238.26 610 | 115.42.228.246 611 | 83.103.36.213 612 | 193.183.18.21 613 | 61.78.35.206 614 | 31.47.196.210 615 | 193.190.66.4 616 | 204.95.160.4 617 | 43.229.62.192 618 | 188.225.179.158 619 | 203.146.26.8 620 | 198.251.100.2 621 | 62.233.128.17 622 | 65.203.109.2 623 | 203.126.118.38 624 | 103.151.109.1 625 | 199.85.126.10 626 | 186.64.122.105 627 | 178.237.150.2 628 | 168.95.192.1 629 | 186.149.243.52 630 | 101.101.101.101 631 | 91.239.100.100 632 | 130.244.126.100 633 | 61.219.228.166 634 | 193.58.251.251 635 | 4.2.2.1 636 | 208.67.222.220 637 | 210.205.122.161 638 | 176.103.130.137 639 | 150.254.125.203 640 | 1.33.184.234 641 | 203.239.190.50 642 | 80.67.169.40 643 | 80.248.72.1 644 | 103.22.245.50 645 | 66.199.45.225 646 | 193.19.64.88 647 | 103.251.112.67 648 | 216.106.1.254 649 | 85.90.160.69 650 | 206.165.6.12 651 | 202.56.8.198 652 | 199.16.220.189 653 | 194.61.59.25 654 | 190.122.186.214 655 | 177.37.175.118 656 | 161.200.96.9 657 | 210.176.64.218 658 | 209.244.0.3 659 | 59.148.250.34 660 | 196.43.199.61 661 | 69.63.64.12 662 | 59.188.74.1 663 | 80.48.144.8 664 | 92.223.65.32 665 | 80.228.63.124 666 | 223.5.5.5 667 | 177.91.255.10 668 | 81.17.31.34 669 | 210.48.77.69 670 | 211.72.109.235 671 | 168.196.40.154 672 | 178.150.206.87 673 | 178.210.42.50 674 | 212.34.241.14 675 | 173.71.30.195 676 | 103.98.176.39 677 | 82.80.196.156 678 | 46.171.32.54 679 | 217.12.181.97 680 | 218.145.160.73 681 | 212.36.64.16 682 | 119.205.210.61 683 | 124.158.90.27 684 | 104.131.37.180 685 | 124.6.165.193 686 | 193.110.252.21 687 | 86.53.112.126 688 | 194.42.198.199 689 | 8.26.56.10 690 | 121.176.16.144 691 | 202.175.81.160 692 | 202.14.67.14 693 | 180.94.153.175 694 | 182.93.14.178 695 | 80.66.158.118 696 | 162.247.147.98 697 | 194.224.229.56 698 | 200.119.192.58 699 | 154.72.197.138 700 | 190.105.152.28 701 | 192.100.164.125 702 | 87.213.100.113 703 | 213.55.96.148 704 | 61.19.42.5 705 | 4.2.2.6 706 | 62.244.115.228 707 | 210.5.56.146 708 | 211.221.79.4 709 | 81.95.125.20 710 | 157.92.190.15 711 | 80.83.162.11 712 | 162.212.13.62 713 | 190.56.163.189 714 | 193.26.6.215 715 | 216.230.151.221 716 | 61.219.108.121 717 | 64.2.142.22 718 | 205.242.187.234 719 | 199.85.127.10 720 | 119.201.155.161 721 | 213.0.77.8 722 | 209.130.139.2 723 | 213.156.49.106 724 | 189.111.254.56 725 | 66.70.228.164 726 | 90.183.151.107 727 | 209.252.188.103 728 | 202.222.192.33 729 | 74.120.24.81 730 | 194.213.61.115 731 | 200.68.18.204 732 | 66.199.241.115 733 | 185.68.179.183 734 | 84.96.26.129 735 | 1.209.43.1 736 | 59.125.90.50 737 | 178.62.57.141 738 | 202.86.128.85 739 | 92.154.30.50 740 | 217.11.176.244 741 | 198.99.193.1 742 | 1.0.0.1 743 | 187.157.46.210 744 | 172.105.81.92 745 | 188.92.209.129 746 | 212.83.168.230 747 | 203.189.89.157 748 | 200.42.174.188 749 | 14.35.201.12 750 | 65.111.169.170 751 | 181.14.245.186 752 | 72.14.186.159 753 | 37.71.95.218 754 | 88.204.222.166 755 | 68.216.230.2 756 | 202.86.179.215 757 | 86.107.249.193 758 | 203.198.68.197 759 | 82.103.129.72 760 | 41.79.124.10 761 | 91.137.135.75 762 | 212.89.130.180 763 | 194.224.52.4 764 | 41.57.120.177 765 | 216.146.36.36 766 | 192.221.134.0 767 | 202.86.251.201 768 | 124.6.174.103 769 | 182.19.95.34 770 | 50.241.0.98 771 | 179.60.232.10 772 | 103.194.120.33 773 | 88.151.140.202 774 | 200.196.57.42 775 | 194.247.25.110 776 | 58.185.57.18 777 | 84.52.103.114 778 | 79.161.49.34 779 | 211.11.195.114 780 | 59.120.147.65 781 | 164.100.138.248 782 | 46.20.67.50 783 | 203.162.11.12 784 | 193.109.163.202 785 | 103.78.215.212 786 | 103.21.194.19 787 | 217.112.27.34 788 | 187.33.230.114 789 | 78.156.159.132 790 | 61.98.113.222 791 | 62.97.223.62 792 | 196.200.184.31 793 | 82.223.210.111 794 | 206.53.192.41 795 | 62.37.225.57 796 | 38.132.106.139 797 | 103.194.120.129 798 | 98.101.120.225 799 | 95.87.252.178 800 | 218.149.84.50 801 | 195.77.252.37 802 | 37.29.119.100 803 | 124.6.164.213 804 | 65.111.169.168 805 | 216.66.104.72 806 | 95.140.194.110 807 | 59.125.182.149 808 | 92.43.224.1 809 | 88.151.179.6 810 | 64.132.94.250 811 | 62.146.202.2 812 | 193.67.79.39 813 | 62.251.175.254 814 | 216.52.97.33 815 | 209.137.146.2 816 | 144.76.83.104 817 | 62.122.103.59 818 | 78.110.93.91 819 | 8.8.8.8 820 | 5.45.96.220 821 | 190.211.104.93 822 | 41.58.181.74 823 | 217.13.116.5 824 | 129.71.254.12 825 | 211.34.105.59 826 | 131.100.182.222 827 | 69.20.169.49 828 | 62.28.103.134 829 | 208.84.200.28 830 | 198.153.192.1 831 | 180.94.94.194 832 | 200.205.150.210 833 | 177.130.60.40 834 | 198.52.109.178 835 | 176.103.130.136 836 | 107.161.16.30 837 | 212.118.241.1 838 | 49.0.184.30 839 | 187.6.84.178 840 | 91.93.102.43 841 | 200.55.54.234 842 | 203.144.207.49 843 | 129.250.35.251 844 | 202.175.63.36 845 | 176.9.136.236 846 | 193.9.240.62 847 | 165.243.115.78 848 | 115.31.175.82 849 | 202.147.193.110 850 | 109.71.42.228 851 | 138.36.1.131 852 | 125.141.144.67 853 | 62.85.160.208 854 | 62.168.251.166 855 | 46.16.229.223 856 | 190.57.233.101 857 | 50.204.108.198 858 | 83.144.93.10 859 | 196.13.141.10 860 | 43.229.60.176 861 | 84.53.244.67 862 | 156.154.71.2 863 | 77.68.46.58 864 | 217.73.17.110 865 | 124.195.190.243 866 | 78.136.66.5 867 | 177.86.233.170 868 | 220.128.99.157 869 | 187.44.1.140 870 | 193.110.60.3 871 | 213.5.120.2 872 | 200.85.0.107 873 | 185.98.244.214 874 | 62.86.183.222 875 | 88.116.91.158 876 | 61.78.59.74 877 | 92.222.117.114 878 | 203.189.89.156 879 | 103.113.200.10 880 | 62.129.252.252 881 | 81.211.96.62 882 | 194.168.4.123 883 | 89.233.43.71 884 | 41.225.236.101 885 | 212.23.64.92 886 | 208.66.105.4 887 | 103.244.205.190 888 | 41.57.188.229 889 | 168.126.63.1 890 | 200.99.138.13 891 | 195.77.252.34 892 | 200.222.51.208 893 | 200.46.199.56 894 | 212.118.241.33 895 | 177.104.127.114 896 | 91.121.143.182 897 | 113.190.253.229 898 | 188.118.227.21 899 | 83.221.202.188 900 | 218.103.37.238 901 | 88.157.200.129 902 | 203.207.52.206 903 | 89.211.53.228 904 | 195.67.74.129 905 | 185.83.148.251 906 | 179.185.88.86 907 | 165.87.13.129 908 | 216.173.178.83 909 | 189.113.75.5 910 | 194.7.138.43 911 | 83.103.61.107 912 | 74.82.42.42 913 | 124.6.168.241 914 | 178.210.102.225 915 | 194.149.145.132 916 | 216.169.187.240 917 | 202.164.44.246 918 | 181.110.241.74 919 | 60.248.94.66 920 | 46.228.199.116 921 | 61.111.22.2 922 | 84.199.232.98 923 | 177.222.141.3 924 | 24.181.107.229 925 | 87.103.120.164 926 | 91.103.112.150 927 | 206.251.24.16 928 | 156.154.71.1 929 | 74.84.64.170 930 | 142.163.54.101 931 | 109.70.207.80 932 | 109.123.19.5 933 | 200.45.184.43 934 | 8.26.56.26 935 | 45.71.185.100 936 | 115.178.73.100 937 | 69.20.134.33 938 | 80.55.253.114 939 | 186.193.181.226 940 | 67.79.47.3 941 | 194.125.133.10 942 | 200.223.129.162 943 | 112.216.108.254 944 | 193.194.70.66 945 | 109.237.3.122 946 | 193.190.213.42 947 | 103.87.160.49 948 | 186.179.241.146 949 | 204.194.232.200 950 | 109.73.10.58 951 | 109.7.9.141 952 | 69.59.209.34 953 | 185.92.196.182 954 | 210.243.188.127 955 | 198.175.228.33 956 | 204.193.157.31 957 | 4.2.2.4 958 | 43.249.196.93 959 | 89.236.235.54 960 | 213.242.237.69 961 | 82.194.76.71 962 | 1.0.0.3 963 | 201.45.193.131 964 | 192.221.135.0 965 | 90.82.197.129 966 | 185.107.80.84 967 | 91.190.142.200 968 | 159.134.248.17 969 | 109.234.248.8 970 | 195.22.25.130 971 | 201.144.40.139 972 | 77.85.169.102 973 | 210.16.120.48 974 | 59.125.7.96 975 | 43.225.201.196 976 | 88.129.219.10 977 | 210.0.128.242 978 | 202.86.191.50 979 | 103.15.62.69 980 | 78.9.110.22 981 | 180.180.247.38 982 | 177.43.35.247 983 | 203.146.127.85 984 | 154.72.212.38 985 | 124.6.168.227 986 | 31.47.196.211 987 | 103.132.245.254 988 | 95.129.58.55 989 | 5.57.148.177 990 | 124.6.169.35 991 | 103.251.112.62 992 | 84.200.69.80 993 | 91.112.103.26 994 | 83.240.158.216 995 | 83.136.136.147 996 | 103.61.69.185 997 | 109.145.112.157 998 | 124.6.175.125 999 | 124.6.165.253 1000 | 213.229.188.142 1001 | 201.144.54.2 1002 | 185.30.211.154 1003 | 46.173.34.32 1004 | 12.150.25.218 1005 | 207.248.224.72 1006 | 162.221.207.228 1007 | 89.255.2.227 1008 | 195.189.130.1 1009 | 185.8.3.151 1010 | 177.36.152.171 1011 | 220.128.154.100 1012 | 212.75.208.170 1013 | 91.208.193.1 1014 | 88.149.193.46 1015 | 92.247.24.30 1016 | 212.45.25.202 1017 | 85.93.217.105 1018 | 89.171.68.66 1019 | 80.248.157.26 1020 | 92.111.212.210 1021 | 164.215.108.133 1022 | 5.135.215.51 1023 | 68.87.72.130 1024 | 92.38.152.163 1025 | 196.15.170.131 1026 | 180.76.76.76 1027 | 203.239.130.3 1028 | 66.249.150.51 1029 | 200.220.192.88 1030 | 194.209.157.109 1031 | 198.175.228.44 1032 | 103.29.44.1 1033 | 210.1.58.21 1034 | 83.223.44.125 1035 | 75.103.119.77 1036 | 1.1.1.2 1037 | 109.202.11.6 1038 | 195.26.152.19 1039 | 188.227.240.58 1040 | 209.244.0.4 1041 | 81.82.199.111 1042 | 108.162.46.243 1043 | 8.0.6.0 1044 | 180.180.247.37 1045 | 177.159.232.52 1046 | 195.243.214.4 1047 | 195.46.39.40 1048 | 103.78.73.171 1049 | 43.224.121.177 1050 | 217.13.116.4 1051 | 195.189.150.37 1052 | 88.208.229.248 1053 | 68.87.76.178 1054 | 210.1.58.22 1055 | 168.9.128.14 1056 | 216.187.93.250 1057 | 198.190.61.1 1058 | 87.229.187.110 1059 | 213.241.88.98 1060 | 177.131.114.86 1061 | 195.238.40.45 1062 | 216.237.114.148 1063 | 103.194.120.3 1064 | 190.149.251.173 1065 | 89.17.194.43 1066 | 195.162.81.150 1067 | 195.162.82.65 1068 | 195.8.8.2 1069 | 62.37.225.56 1070 | 64.128.251.228 1071 | 89.200.168.203 1072 | 80.80.80.80 1073 | 87.229.181.38 1074 | 109.233.144.52 1075 | 195.34.237.111 1076 | 212.100.143.211 1077 | 124.6.167.183 1078 | 203.201.60.12 1079 | 176.120.200.34 1080 | 80.254.5.142 1081 | 202.43.74.146 1082 | 221.119.13.154 1083 | 138.36.1.111 1084 | 92.60.50.40 1085 | 122.129.64.10 1086 | 62.225.66.19 1087 | 77.68.45.252 1088 | 68.87.68.166 1089 | 193.111.200.191 1090 | 62.28.183.147 1091 | 69.25.1.33 1092 | 83.236.183.211 1093 | 124.6.187.38 1094 | 156.154.70.1 1095 | 75.150.235.81 1096 | 113.196.55.130 1097 | 103.53.197.218 1098 | 83.218.176.140 1099 | 61.125.143.90 1100 | 59.127.13.183 1101 | 103.13.31.240 1102 | 201.44.177.131 1103 | 103.234.254.54 1104 | 165.87.201.244 1105 | 86.48.98.10 1106 | 193.95.93.77 1107 | 185.66.9.142 1108 | 90.183.151.106 1109 | 66.175.146.133 1110 | 65.49.37.195 1111 | 216.237.114.149 1112 | 213.125.105.234 1113 | 208.91.112.53 1114 | 213.184.225.37 1115 | 220.90.212.161 1116 | 200.87.195.70 1117 | 124.6.173.69 1118 | 202.175.89.60 1119 | 169.53.182.120 1120 | 88.208.245.220 1121 | 195.53.69.148 1122 | 185.51.61.101 1123 | 202.64.161.118 1124 | 122.56.107.86 1125 | 177.222.251.122 1126 | 217.170.128.27 1127 | 2.228.121.163 1128 | 202.155.222.251 1129 | 200.159.205.11 1130 | 121.152.231.196 1131 | 202.175.19.169 1132 | 221.154.98.205 1133 | 45.33.97.5 1134 | 195.88.203.251 1135 | 180.42.87.49 1136 | 165.16.6.43 1137 | 144.76.173.169 1138 | 201.116.184.131 1139 | 195.204.130.85 1140 | 92.46.49.13 1141 | 61.209.255.131 1142 | 195.76.233.2 1143 | 212.244.78.90 1144 | 116.66.197.183 1145 | 188.21.14.72 1146 | 201.220.136.186 1147 | 31.129.186.43 1148 | 200.115.141.136 1149 | 119.160.211.198 1150 | 212.19.106.134 1151 | 222.234.2.183 1152 | 200.169.8.1 1153 | 62.2.121.88 1154 | 62.134.17.82 1155 | 103.8.27.14 1156 | 186.215.225.243 1157 | 1.0.0.2 1158 | 50.194.130.97 1159 | 220.241.92.140 1160 | 193.226.61.1 1161 | 37.195.200.66 1162 | 158.43.240.4 1163 | 91.143.212.70 1164 | 89.26.249.19 1165 | 103.23.150.89 1166 | 195.228.219.226 1167 | 89.237.130.186 1168 | 121.202.228.25 1169 | 91.121.134.117 1170 | 216.185.64.6 1171 | 4.2.2.3 1172 | 188.122.90.219 1173 | 86.58.179.6 1174 | 209.252.188.104 1175 | 85.94.178.198 1176 | 169.38.73.5 1177 | 194.125.133.11 1178 | 164.77.214.132 1179 | 4.2.2.5 1180 | 213.24.237.210 1181 | 203.127.232.194 1182 | 124.6.164.175 1183 | 195.113.144.194 1184 | 202.180.161.1 1185 | 190.128.224.236 1186 | 59.15.69.82 1187 | 187.61.9.42 1188 | 89.23.192.109 1189 | 199.27.185.149 1190 | 84.18.156.85 1191 | 62.197.103.39 1192 | 103.198.192.43 1193 | 168.181.111.10 1194 | 121.128.168.1 1195 | 94.100.86.238 1196 | 64.247.161.186 1197 | 212.216.172.222 1198 | 202.51.74.97 1199 | 177.92.0.90 1200 | 46.246.29.69 1201 | 177.37.161.91 1202 | 83.233.135.188 1203 | 125.141.196.236 1204 | 209.213.232.32 1205 | 169.255.153.58 1206 | 165.16.68.1 1207 | 216.254.141.13 1208 | 168.126.93.10 1209 | 218.146.255.235 1210 | 117.122.125.106 1211 | 58.185.2.212 1212 | 62.212.113.125 1213 | 79.175.208.28 1214 | 187.60.128.69 1215 | 69.63.73.146 1216 | 125.206.220.10 1217 | 194.247.190.70 1218 | 101.78.189.210 1219 | 193.34.173.206 1220 | 195.53.69.132 1221 | 77.88.8.88 1222 | 61.78.35.202 1223 | 208.80.0.62 1224 | 83.69.120.1 1225 | 210.0.128.250 1226 | 40.86.216.160 1227 | 62.81.238.230 1228 | 203.81.75.37 1229 | 211.72.106.204 1230 | 94.236.218.254 1231 | 203.147.7.7 1232 | 194.7.15.70 1233 | 178.237.152.146 1234 | 208.67.220.222 1235 | 37.153.202.186 1236 | 170.56.58.53 1237 | 148.251.194.74 1238 | 88.80.64.8 1239 | 156.154.70.16 1240 | 124.6.167.167 1241 | 185.82.22.133 1242 | 211.188.11.201 1243 | 81.1.217.134 1244 | 148.251.92.241 1245 | 218.235.251.2 1246 | 124.6.165.95 1247 | 190.86.139.62 1248 | 114.114.115.110 1249 | 189.113.132.101 1250 | 167.233.5.203 1251 | 201.247.58.46 1252 | 185.51.204.10 1253 | 45.173.200.10 1254 | 193.15.1.54 1255 | 188.138.57.95 1256 | 149.112.112.10 1257 | 46.182.19.48 1258 | 87.247.10.22 1259 | 91.239.207.90 1260 | 217.174.240.99 1261 | 94.190.183.145 1262 | 41.221.186.250 1263 | 47.90.0.25 1264 | 37.235.70.59 1265 | 197.248.116.74 1266 | 65.111.169.164 1267 | 103.86.99.100 1268 | 210.59.209.19 1269 | 212.66.129.107 1270 | 94.245.40.116 1271 | 204.117.214.10 1272 | 124.6.164.69 1273 | 82.146.26.2 1274 | 202.43.162.100 1275 | 194.243.154.62 1276 | 149.112.112.12 1277 | 210.0.255.216 1278 | 201.134.115.36 1279 | 216.55.99.221 1280 | 202.158.49.187 1281 | 5.196.75.34 1282 | 209.244.0.53 1283 | 117.121.215.101 1284 | 189.4.130.159 1285 | 103.130.172.242 1286 | 62.48.241.227 1287 | 103.77.188.18 1288 | 187.141.85.108 1289 | 85.132.85.85 1290 | 181.143.35.154 1291 | 186.216.63.97 1292 | 189.55.193.173 1293 | 221.157.68.100 1294 | 217.115.40.123 1295 | 103.77.227.162 1296 | 59.124.69.205 1297 | 27.123.22.82 1298 | 212.124.226.242 1299 | 60.250.82.24 1300 | 175.45.61.220 1301 | 207.172.157.201 1302 | 84.124.52.46 1303 | 82.77.137.242 1304 | 61.90.191.14 1305 | 190.108.85.3 1306 | 37.235.1.177 1307 | 213.229.136.30 1308 | 158.132.187.187 1309 | 81.83.18.81 1310 | 202.39.210.77 1311 | 61.222.14.170 1312 | 185.228.169.9 1313 | 65.111.169.160 1314 | 158.193.86.29 1315 | 188.40.115.29 1316 | 178.248.160.140 1317 | 89.29.128.250 1318 | 177.104.118.42 1319 | 208.67.222.222 1320 | 207.47.132.29 1321 | 192.116.158.140 1322 | 158.43.128.72 1323 | 89.108.129.220 1324 | 91.122.77.189 1325 | 83.246.140.204 1326 | 103.77.188.19 1327 | 46.234.226.122 1328 | 202.181.242.131 1329 | 64.233.207.16 1330 | 62.40.32.33 1331 | 109.228.0.238 1332 | 103.245.147.201 1333 | 62.153.141.15 1334 | 62.152.66.26 1335 | 109.228.25.186 1336 | 172.104.237.57 1337 | 200.167.191.114 1338 | 69.70.21.150 1339 | 77.88.8.3 1340 | 177.184.131.54 1341 | 62.82.213.91 1342 | 199.88.158.1 1343 | 66.162.39.114 1344 | 45.55.147.169 1345 | 212.43.98.12 1346 | 141.0.102.202 1347 | 212.152.166.82 1348 | 88.198.37.146 1349 | 87.224.18.136 1350 | 216.146.35.35 1351 | 37.59.63.148 1352 | 124.6.167.115 1353 | 62.129.252.215 1354 | 61.93.221.46 1355 | 195.162.8.154 1356 | 213.163.127.229 1357 | 125.212.202.19 1358 | 109.70.207.146 1359 | 200.105.133.162 1360 | 103.11.98.187 1361 | 182.93.18.83 1362 | 202.77.0.1 1363 | 149.112.121.30 1364 | 195.234.239.130 1365 | 177.124.247.2 1366 | 217.6.131.248 1367 | 4.2.2.2 1368 | 164.160.147.21 1369 | 46.107.30.182 1370 | 203.126.107.195 1371 | 140.116.77.16 1372 | 80.250.60.241 1373 | 46.105.55.84 1374 | 210.0.255.250 1375 | 208.254.148.100 1376 | 77.68.41.48 1377 | 209.143.22.182 1378 | 218.102.23.228 1379 | 41.228.66.65 1380 | 24.229.250.113 1381 | 138.36.1.14 1382 | 27.54.122.105 1383 | 177.37.175.104 1384 | 160.119.209.148 1385 | 81.222.251.2 1386 | 177.12.230.174 1387 | 149.112.112.112 1388 | 80.14.133.244 1389 | 186.120.184.35 1390 | 83.19.241.2 1391 | 202.88.99.221 1392 | 202.92.168.47 1393 | 202.43.162.37 1394 | 212.19.96.2 1395 | 162.243.19.47 1396 | 69.60.134.50 1397 | 202.134.87.4 1398 | 200.115.141.140 1399 | 182.93.18.84 1400 | 221.143.46.198 1401 | 49.236.193.35 1402 | 101.110.50.106 1403 | 177.159.232.50 1404 | 62.196.16.66 -------------------------------------------------------------------------------- /arsenal/secrets.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | cat $dir/$1_probed | xargs -I %% bash -c 'python3 ~/Tools/SecretFinder/SecretFinder.py -i %% -e -o cli' > $dir/$1_secretfinder; 6 | #interlace -tL $dir/$1_probed -threads 5 -c "python3 ~/Tools/SecretFinder/SecretFinder.py -i _target_ -o cli >> $dir/$1_secretfinder" -v 7 | cat $dir/$1_secretfinder | grep 'google_api' -B 1 | sort -u > $dir/$1_gmapapi; 8 | 9 | -------------------------------------------------------------------------------- /arsenal/small.sh: -------------------------------------------------------------------------------- 1 | gpath=~/go/bin/ 2 | dir=~/arsenal 3 | results=~/Recon/$domain 4 | red=`tput setaf 1` 5 | green=`tput setaf 2` 6 | reset=`tput sgr0` 7 | script_name="Small_Recon" 8 | 9 | for domain in $(cat $1); do 10 | echo '-----------------------------------------------------' 11 | echo "${red} Testing : ${green} ${domain} ${reset}" 12 | echo '-----------------------------------------------------' 13 | 14 | # Performing Probing 15 | echo '-----------------------------------------------------' 16 | echo "${red} Performing : ${green} Probing ${reset}" 17 | echo '-----------------------------------------------------' 18 | $dir/probe_single.sh $domain; 19 | echo '-----------------------------------------------------' 20 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 21 | echo '-----------------------------------------------------' 22 | # Finished Probing 23 | 24 | # Performing Template Scanning with Nuclei 25 | echo '-----------------------------------------------------' 26 | echo "${red} Performing : ${green} Template Scanning with Nuclei ${reset}" 27 | echo '-----------------------------------------------------' 28 | $dir/nuclear.sh $domain; 29 | echo '-----------------------------------------------------' 30 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 31 | echo '-----------------------------------------------------' 32 | # Finished Template Scanning with Nuclei 33 | 34 | # Performing Port Scanning with Naabu 35 | echo '-----------------------------------------------------' 36 | echo "${red} Performing : ${green} Port Scanning with Naabu ${reset}" 37 | echo '-----------------------------------------------------' 38 | $dir/portscan_single.sh $domain; 39 | echo '-----------------------------------------------------' 40 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 41 | echo '-----------------------------------------------------' 42 | # Finished Port Scanning with Naabu 43 | 44 | # Performing URL Extraction 45 | echo '-----------------------------------------------------' 46 | echo "${red} Performing : ${green} URL Extraction ${reset}" 47 | echo '-----------------------------------------------------' 48 | $dir/extractor.sh $domain; 49 | echo '-----------------------------------------------------' 50 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 51 | echo '-----------------------------------------------------' 52 | # Finished URL Extraction 53 | 54 | # Performing Vulnerable Pattern Search 55 | echo '-----------------------------------------------------' 56 | echo "${red} Performing : ${green} Vulnerable Pattern Search ${reset}" 57 | echo '-----------------------------------------------------' 58 | $dir/pattern.sh $domain; 59 | echo '-----------------------------------------------------' 60 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 61 | echo '-----------------------------------------------------' 62 | # Finished Vulnerable Pattern Search 63 | 64 | # Performing Parameter Discovery 65 | echo '-----------------------------------------------------' 66 | echo "${red} Performing : ${green} Parameter Discovery ${reset}" 67 | echo '-----------------------------------------------------' 68 | $dir/parameter.sh $domain; 69 | echo '-----------------------------------------------------' 70 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 71 | echo '-----------------------------------------------------' 72 | # Finished Parameter Discovery 73 | 74 | # Performing XSS Automation 75 | echo '-----------------------------------------------------' 76 | echo "${red} Performing : ${green} XSS Automation ${reset}" 77 | echo '-----------------------------------------------------' 78 | $dir/autoxss.sh $domain; 79 | echo '-----------------------------------------------------' 80 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 81 | echo '-----------------------------------------------------' 82 | # Finished XSS Automation 83 | 84 | # Performing Javascript Scan 85 | echo '-----------------------------------------------------' 86 | echo "${red} Performing : ${green} Javascript Scan ${reset}" 87 | echo '-----------------------------------------------------' 88 | $dir/jscan.sh $domain; 89 | echo '-----------------------------------------------------' 90 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 91 | echo '-----------------------------------------------------' 92 | # Finished Javascript Scan 93 | 94 | # Performing Secret Finder 95 | echo '-----------------------------------------------------' 96 | echo "${red} Performing : ${green} Performing Secret Finder ${reset}" 97 | echo '-----------------------------------------------------' 98 | $dir/secrets.sh $domain; 99 | echo '-----------------------------------------------------' 100 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 101 | echo '-----------------------------------------------------' 102 | # Finished Secret Finder 103 | 104 | # Performing Directory Fuzzing 105 | echo '-----------------------------------------------------' 106 | echo "${red} Performing : ${green} Performing Directory Fuzzing ${reset}" 107 | echo '-----------------------------------------------------' 108 | $dir/dirfuzz.sh $domain; 109 | echo '-----------------------------------------------------' 110 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 111 | echo '-----------------------------------------------------' 112 | # Finished Directory Fuzzing 113 | 114 | # Performing HeartBleed Scan 115 | echo '-----------------------------------------------------' 116 | echo "${red} Performing : ${green} Performing HeartBleed Scan ${reset}" 117 | echo '-----------------------------------------------------' 118 | $dir/bleed.sh $domain; 119 | echo '-----------------------------------------------------' 120 | echo "${red} Finished : ${green} Results are saved in ${results} folder ${reset}" 121 | echo '-----------------------------------------------------' 122 | # Finished HeartBleed Scan 123 | 124 | # Finished Recon 125 | echo '-----------------------------------------------------' 126 | echo "${red} Finished Recon on: ${green} ${domain} ${reset}" 127 | echo '-----------------------------------------------------' 128 | 129 | done 130 | 131 | # Notify discord 132 | python3 $dir/discord_bot.py ${script_name} $1 ${results} 133 | -------------------------------------------------------------------------------- /arsenal/subbruter.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | echo $1 | shuffledns -w ~/arsenal/subdomains.txt -r ~/arsenal/resolvers.txt -v -o $1_brute; 6 | mv $1_brute $dir/$1_brute; 7 | cat $dir/$1_brute >> $dir/$1_unfilter_subdomains; 8 | cat $dir/$1_unfilter_subdomains | sort -u > $dir/$1_subdomains; 9 | 10 | -------------------------------------------------------------------------------- /arsenal/subdomain.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | mkdir -p $dir 5 | 6 | subfinder -d $1 > $dir/$1_unfilter_subdomains; 7 | assetfinder --subs-only $1 >> $dir/$1_unfilter_subdomains; 8 | #amass enum -d $1 >> $dir/$1_unfilter_subdomains; 9 | 10 | if [ -z "$exclude" ] 11 | then 12 | cat $dir/$1_unfilter_subdomains | sort -u > $dir/$1_subdomains; 13 | else 14 | echo -e "\e[92m[~] Excluding domains..\e[00m" 15 | echo "${exclude[*]}" | cut -d',' --output-delimiter=$'\n' -f1- | tee -a $dir/"$1"_excluded.txt 16 | cat $dir/"$1"_unfilter_subdomains | sort -u | grep "\.$1" > $dir/tmp_Bunique.txt 17 | grep -vFf $dir/"$1"_excluded.txt $dir/tmp_Bunique.txt > $dir/$1_subdomains 18 | rm $dir/tmp_Bunique.txt 19 | fi 20 | -------------------------------------------------------------------------------- /arsenal/takeover.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | dir=~/Recon/$1 4 | 5 | SubOver -l $dir/$1_subdomains -o $dir/$1_takeover; 6 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | sudo apt-get install python3; 4 | sudo apt-get install python3-pip; 5 | sudo apt-get install ruby; 6 | sudo apt-get install screen; 7 | sudo apt-get install git; 8 | mkdir ~/.gf 9 | mkdir ~/Tools; 10 | mkdir ~/Recon; 11 | dir=~/Tools; 12 | go get github.com/Ice3man543/SubOver; 13 | go get -u github.com/tomnomnom/gf; 14 | go get -u github.com/tomnomnom/assetfinder; 15 | go get -u -v github.com/projectdiscovery/naabu/v2/cmd/naabu; 16 | go get github.com/tomnomnom/hacks/waybackurls; 17 | go get -u -v github.com/lukasikic/subzy; 18 | go install -v github.com/lukasikic/subzy; 19 | go get -u -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei; 20 | git clone https://github.com/projectdiscovery/nuclei-templates $dir/nuclei-templates; 21 | go get github.com/haccer/subjack; 22 | GO111MODULE=on go get -u -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder 23 | GO111MODULE=on go get -v github.com/projectdiscovery/chaos-client/cmd/chaos; 24 | go get -u -v github.com/hahwul/dalfox; 25 | go get -u -v github.com/lc/gau; 26 | GO111MODULE=on go get -u -v github.com/lc/subjs 27 | go get github.com/hakluke/hakcheckurl; 28 | go get github.com/hakluke/hakrawler; 29 | go get github.com/hakluke/hakrevdns; 30 | go get -u -v github.com/projectdiscovery/httpx/cmd/httpx; 31 | git clone https://github.com/blechschmidt/massdns $dir/massdns; 32 | git clone https://github.com/devanshbatham/FavFreak $dir/FavFreak; 33 | git clone https://github.com/GerbenJavado/LinkFinder $dir/LinkFinder; 34 | git clone https://github.com/m4ll0k/SecretFinder $dir/SecretFinder; 35 | git clone https://github.com/devanshbatham/ParamSpider $dir/ParamSpider; 36 | go get -u -v github.com/projectdiscovery/dnsprobe; 37 | git clone https://github.com/maurosoria/dirsearch $dir/dirsearch; 38 | git clone https://github.com/ozguralp/gmapsapiscanner $dir/gmapsapiscanner; 39 | go get -u -v github.com/projectdiscovery/shuffledns/cmd/shuffledns; 40 | git clone https://github.com/1ndianl33t/Gf-Patterns $dir/Gf-Patterns; 41 | pip3 install corscanner 42 | pip3 install -r ~/Tools/*/requirements.txt; 43 | mv $dir/Gf-Patterns/*.json /root/.gf/; 44 | rm -r $dir/Gf-Patterns; 45 | git clone https://github.com/KathanP19/JSFScan.sh $dir/JSFScan.sh; 46 | mv arsenal ~/arsenal; 47 | cd ~/arsenal; 48 | chmod +x *.sh; 49 | cd $dir/massdns; make; 50 | cp $dir/massdns/bin/massdns /usr/bin/; 51 | cd ~/.gf; wget https://raw.githubusercontent.com/devanshbatham/ParamSpider/master/gf_profiles/potential.json; 52 | cd ~/go/bin; wget https://raw.githubusercontent.com/Ice3man543/SubOver/master/providers.json; 53 | cd ~/Tools; wget https://gist.githubusercontent.com/KathanP19/d2cda2f99c0b60d64b76ee6039b37e47/raw/eb105a4de06502b2732df9d682c61189c3703685/jsvar.sh; 54 | --------------------------------------------------------------------------------