├── Gowitness ├── Script └── README.md ├── CRLFuzz ├── Script └── README.md ├── Dnsx ├── Script └── README.md ├── Nuclei ├── Script └── README.md ├── Zdns ├── Script └── README.md ├── Gau ├── Script └── README.md ├── Waybackurls ├── Script └── README.md ├── .gitignore ├── OneForAll ├── Script └── readme.md ├── Sublist3r ├── Script └── README.md ├── Amass ├── Script └── README.md ├── Puredns ├── Script └── readme.md ├── Subfinder ├── Script └── README.md ├── Shuffledns ├── Script └── README.md ├── Massdns ├── Script └── readme.md ├── Takeover ├── Script └── README.md ├── Findomain ├── Script └── README.md ├── GoBusterDns ├── Script └── README.md ├── Corsy ├── Script └── README.md ├── Ping ├── Script └── README.md ├── Httprobe ├── Script └── README.md ├── Naabu ├── Script └── README.md ├── Nmap ├── README.md └── Script ├── Ffuf ├── Script └── README.md ├── GoBusterDir ├── Script └── README.md ├── Dirsearch ├── Script └── README.md ├── Knockpy ├── Script └── README.md ├── LICENSE ├── README.md ├── Dockerfile ├── default-agents1.5.json ├── default-agents.json └── default-agents2.json /Gowitness/Script: -------------------------------------------------------------------------------- 1 | return new ReconNess.Core.Models.ScriptOutput(); 2 | -------------------------------------------------------------------------------- /CRLFuzz/Script: -------------------------------------------------------------------------------- 1 | return new ReconNess.Core.Models.ScriptOutput { Note = lineInput }; 2 | -------------------------------------------------------------------------------- /Dnsx/Script: -------------------------------------------------------------------------------- 1 | return new ReconNess.Core.Models.ScriptOutput { Note = lineInput }; 2 | -------------------------------------------------------------------------------- /Nuclei/Script: -------------------------------------------------------------------------------- 1 | return new ReconNess.Core.Models.ScriptOutput { Note = lineInput }; 2 | -------------------------------------------------------------------------------- /Zdns/Script: -------------------------------------------------------------------------------- 1 | return new ReconNess.Core.Models.ScriptOutput { Note = lineInput }; 2 | -------------------------------------------------------------------------------- /Gau/Script: -------------------------------------------------------------------------------- 1 | return new ReconNess.Core.Models.ScriptOutput { HttpDirectory = lineInput }; 2 | -------------------------------------------------------------------------------- /Waybackurls/Script: -------------------------------------------------------------------------------- 1 | return new ReconNess.Core.Models.ScriptOutput { HttpDirectory = lineInput }; 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | ################################################################################ 2 | # This .gitignore file was automatically created by Microsoft(R) Visual Studio. 3 | ################################################################################ 4 | 5 | /.vs/slnx.sqlite 6 | -------------------------------------------------------------------------------- /OneForAll/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"([^\.\/]+)(\.[^\.\/]+)+(?:\/|$)"); 4 | if (match.Success) 5 | { 6 | return new ScriptOutput { Subdomain = match.Groups[0].Value }; 7 | } 8 | 9 | return new ScriptOutput(); -------------------------------------------------------------------------------- /Sublist3r/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 23) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | lineInput = lineInput.Replace("\u001b[92m", string.Empty).Replace("\u001b[0m", string.Empty); 9 | return new ScriptOutput { Subdomain = lineInput }; 10 | -------------------------------------------------------------------------------- /Amass/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"([^\.\/]+)(\.[^\.\/]+)+(?:\/|$)"); 4 | if (match.Success) 5 | { 6 | return new ScriptOutput { Subdomain = match.Groups[0].Value }; 7 | } 8 | 9 | return new ScriptOutput(); 10 | -------------------------------------------------------------------------------- /Puredns/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"([^\.\/]+)(\.[^\.\/]+)+(?:\/|$)"); 4 | if (match.Success) 5 | { 6 | return new ScriptOutput { Subdomain = match.Groups[0].Value }; 7 | } 8 | 9 | return new ScriptOutput(); 10 | -------------------------------------------------------------------------------- /Subfinder/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"([^\.\/]+)(\.[^\.\/]+)+(?:\/|$)"); 4 | if (match.Success) 5 | { 6 | return new ScriptOutput { Subdomain = match.Groups[0].Value }; 7 | } 8 | 9 | return new ScriptOutput(); 10 | -------------------------------------------------------------------------------- /Shuffledns/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"([^\.\/]+)(\.[^\.\/]+)+(?:\/|$)"); 4 | if (match.Success) 5 | { 6 | return new ScriptOutput { Subdomain = match.Groups[0].Value }; 7 | } 8 | 9 | return new ScriptOutput(); 10 | -------------------------------------------------------------------------------- /Massdns/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"([a-z-_A-Z0-9.]+).\s.*\s([0-9.]+)"); 4 | if (match.Success) 5 | { 6 | return new ScriptOutput { Subdomain = match.Groups[1].Value, Ip = match.Groups[2].Value }; 7 | } 8 | 9 | return new ScriptOutput(); -------------------------------------------------------------------------------- /Takeover/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 13) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | if (lineInput.Contains("service found! Potential domain takeover found")) 9 | { 10 | return new ScriptOutput { Takeover = true, IsAlive = true }; 11 | } 12 | 13 | return new ScriptOutput(); 14 | -------------------------------------------------------------------------------- /Findomain/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 13) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"([^\.\/]+)(\.[^\.\/]+)+(?:\/|$)"); 9 | if (match.Success) 10 | { 11 | return new ScriptOutput { Subdomain = match.Groups[0].Value }; 12 | } 13 | 14 | return new ScriptOutput(); 15 | -------------------------------------------------------------------------------- /GoBusterDns/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 13) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"^Found:\s(.*)?"); 9 | if (match.Success && match.Groups.Count == 2) 10 | { 11 | return new ScriptOutput { Subdomain = match.Groups[1].Value.Trim() }; 12 | } 13 | 14 | return new ScriptOutput(); 15 | -------------------------------------------------------------------------------- /Corsy/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | 4 | if (lineInput.Contains("Class:") || lineInput.Contains("Description:") || lineInput.Contains("Severity:") || 5 | lineInput.Contains("Exploitation:") || lineInput.Contains("ACAO Header:") || lineInput.Contains("ACAC Header:")) 6 | { 7 | return new ScriptOutput 8 | { 9 | Note = lineInput.Replace("-", "") 10 | }; 11 | } 12 | 13 | return new ScriptOutput(); 14 | -------------------------------------------------------------------------------- /Ping/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"PING\s(.*?)\s\((.*?)\)"); 4 | if (match.Success && match.Groups.Count == 3) 5 | { 6 | return new ScriptOutput { Ip = match.Groups[2].Value, Subdomain = match.Groups[1].Value }; 7 | } 8 | 9 | if (lineInput.Contains("icmp_seq")) 10 | { 11 | return new ScriptOutput { IsAlive = true}; 12 | } 13 | 14 | return new ScriptOutput(); 15 | -------------------------------------------------------------------------------- /Httprobe/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (string.IsNullOrEmpty(lineInput)) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | if (lineInput.StartsWith("https")) 9 | { 10 | return new ScriptOutput { IsAlive = true, HasHttpOpen = true, Service = "https", Port = 443}; 11 | } 12 | 13 | if (lineInput.StartsWith("http")) 14 | { 15 | return new ScriptOutput { IsAlive = true, HasHttpOpen = true, Service = "http", Port = 80}; 16 | } 17 | 18 | return new ScriptOutput(); 19 | -------------------------------------------------------------------------------- /Naabu/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @":(\d{1,5})"); 4 | if (match.Success) 5 | { 6 | return new ScriptOutput 7 | { 8 | Service = match.Groups[1].Value, 9 | Port = int.Parse(match.Groups[1].Value), 10 | IsAlive = true, 11 | HasHttpOpen = "80".Equals(match.Groups[1].Value) || "443".Equals(match.Groups[1].Value) 12 | }; 13 | } 14 | 15 | return new ScriptOutput(); 16 | 17 | -------------------------------------------------------------------------------- /Nmap/README.md: -------------------------------------------------------------------------------- 1 | ## Nmap Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | nmap -T4 {{domain}} 7 | ``` 8 | 9 | ## Nmap Script 10 | 11 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Nmap/Script) 12 | 13 | ## Nmap Dockerfile Entry 14 | 15 | ``` 16 | # -------- Agents dependencies -------- 17 | 18 | # To allow run nmap inside the docker 19 | 20 | RUN apt-get update && apt-get install -y nmap 21 | 22 | # -------- End Agents dependencies -------- 23 | ``` 24 | -------------------------------------------------------------------------------- /Ping/README.md: -------------------------------------------------------------------------------- 1 | ## Ping Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | ping {{domain}} -c 1 7 | ``` 8 | 9 | ## Ping Script 10 | 11 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Ping/Script) 12 | 13 | ## Ping Dockerfile Entry 14 | 15 | ``` 16 | # -------- Agents dependencies -------- 17 | 18 | # To allow run ping inside the docker 19 | 20 | RUN apt-get update && apt-get install -y iputils-ping 21 | 22 | # -------- End Agents dependencies -------- 23 | ``` 24 | -------------------------------------------------------------------------------- /Ffuf/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | lineInput = lineInput.Replace("",""); 4 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"(.*?)\[Status: (.*?), Size: (.*?),"); 5 | if (match.Success && match.Groups.Count == 4) 6 | { 7 | return new ScriptOutput 8 | { 9 | HttpDirectory = match.Groups[1].Value, 10 | HttpDirectoryMethod = "GET", 11 | HttpDirectoryStatusCode = match.Groups[2].Value, 12 | HttpDirectorySize = match.Groups[3].Value, 13 | }; 14 | } 15 | 16 | return new ScriptOutput(); 17 | -------------------------------------------------------------------------------- /GoBusterDir/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 15) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"(.*?)\(Status: (.*?)\) \[Size: (.*?)\]"); 9 | if (match.Success && match.Groups.Count == 4) 10 | { 11 | return new ScriptOutput 12 | { 13 | HttpDirectory = match.Groups[1].Value, 14 | HttpDirectoryMethod = "GET", 15 | HttpDirectoryStatusCode = match.Groups[2].Value, 16 | HttpDirectorySize = match.Groups[3].Value, 17 | }; 18 | } 19 | 20 | return new ScriptOutput(); 21 | -------------------------------------------------------------------------------- /Dirsearch/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 10) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"](.*?) - (.*?) - (.*?) ->"); 9 | if (match.Success && match.Groups.Count == 4) 10 | { 11 | return new ScriptOutput 12 | { 13 | HttpDirectoryStatusCode = match.Groups[1].Value, 14 | HttpDirectoryMethod = "GET", 15 | HttpDirectorySize= match.Groups[2].Value, 16 | HttpDirectory= match.Groups[3].Value.Replace("[0m", "") 17 | }; 18 | } 19 | 20 | return new ScriptOutput(); 21 | -------------------------------------------------------------------------------- /Nmap/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 5) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"(.*?)\/tcp\s*open\s*(.*?)$"); 9 | if (match.Success && match.Groups.Count == 3) 10 | { 11 | var scriptOutput = new ScriptOutput { Service = match.Groups[2].Value, Port = int.Parse(match.Groups[1].Value), IsAlive = true }; 12 | if (scriptOutput.Service == "http" || scriptOutput.Service == "https") 13 | { 14 | scriptOutput.HasHttpOpen = true; 15 | } 16 | 17 | return scriptOutput; 18 | } 19 | 20 | return new ScriptOutput(); 21 | -------------------------------------------------------------------------------- /Knockpy/Script: -------------------------------------------------------------------------------- 1 | using ReconNess.Core.Models; 2 | 3 | if (lineInputCount < 17) 4 | { 5 | return new ScriptOutput(); 6 | } 7 | 8 | var match = System.Text.RegularExpressions.Regex.Match(lineInput, @"(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s*(\d{1,3})?\s*([a-z]*)\s*(([a-zA-Z0-9][a-zA-Z0-9-_]*\.)*[a-zA-Z0-9]*[a-zA-Z0-9-_]*[[a-zA-Z0-9]+)"); 9 | if (match.Success && match.Groups.Count > 4) 10 | { 11 | return new ScriptOutput 12 | { 13 | Ip = match.Groups[1].Value, 14 | Subdomain = match.Groups.Count == 5 ? match.Groups[3].Value : match.Groups[4].Value, 15 | Note = lineInput 16 | }; 17 | } 18 | 19 | return new ScriptOutput(); 20 | -------------------------------------------------------------------------------- /Findomain/README.md: -------------------------------------------------------------------------------- 1 | ## Findomain Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} to the root domain, for example, yahoo.com if we define that as a root domain adding the Target. 4 | 5 | ``` 6 | ./findomain-linux -t {{domain}} -r 7 | ``` 8 | 9 | ## Findomain Script 10 | 11 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Findomain/Script) 12 | 13 | ## Findomain Dockerfile Entry 14 | 15 | ``` 16 | # -------- Agents dependencies -------- 17 | 18 | # To allow run findomain inside the docker 19 | 20 | RUN apt-get update && apt-get install -y wget 21 | RUN wget https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-linux 22 | RUN chmod +x findomain-linux 23 | 24 | # -------- End Agents dependencies -------- 25 | ``` 26 | -------------------------------------------------------------------------------- /Naabu/README.md: -------------------------------------------------------------------------------- 1 | ## Naabu Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | ./naabu -host {{domain}} -silent 7 | ``` 8 | 9 | ## Naabu for Docker 10 | 11 | ``` 12 | naabu -host {{domain}} -silent 13 | ``` 14 | 15 | ## Naabu Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Naabu/Script) 18 | 19 | ## Naabu Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run naabu inside the docker 25 | 26 | RUN wget https://github.com/projectdiscovery/naabu/releases/download/v2.0.3/naabu-linux-amd64.tar.gz 27 | RUN tar -xvf naabu-linux-amd64.tar.gz 28 | RUN cp naabu-linux-amd64 /usr/local/bin/naabu 29 | 30 | # -------- End Agents dependencies -------- 31 | ``` 32 | -------------------------------------------------------------------------------- /Corsy/README.md: -------------------------------------------------------------------------------- 1 | ## Corsy Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | python3 corsy.py -u https://{{domain}} 7 | ``` 8 | 9 | ## Corsy Command for Docker 10 | 11 | ``` 12 | python3 /app/Corsy/corsy.py -u https://{{domain}} 13 | ``` 14 | 15 | ## Corsy Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Corsy/Script) 18 | 19 | ## Corsy Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run corsy inside the docker 25 | 26 | RUN apt-get update && apt-get install -y git python3 python3-pip 27 | RUN git clone https://github.com/s0md3v/Corsy.git 28 | RUN cd Corsy && pip3 install -r requirements.txt 29 | 30 | # -------- End Agents dependencies -------- 31 | ``` 32 | -------------------------------------------------------------------------------- /Takeover/README.md: -------------------------------------------------------------------------------- 1 | ## Takeover Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | python3 takeover.py -d {{domain}} -v 7 | ``` 8 | 9 | ## Takeover Command for Docker 10 | 11 | ``` 12 | python3 /app/takeover/takeover.py -d {{domain}} -v 13 | ``` 14 | 15 | ## Takeover Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Takeover/Script) 18 | 19 | ## Takeover Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run takeover inside the docker 25 | 26 | RUN apt-get update && apt-get install -y git python3 python3-pip wget 27 | RUN git clone https://github.com/m4ll0k/takeover.git 28 | RUN cd takeover && python3 setup.py install 29 | 30 | # -------- End Agents dependencies -------- 31 | ``` 32 | -------------------------------------------------------------------------------- /Dirsearch/README.md: -------------------------------------------------------------------------------- 1 | ## Dirsearch Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | python3 dirsearch.py -u {{domain}} -e php -r 7 | ``` 8 | ## Dirsearch Command for Docker 9 | 10 | ``` 11 | /app/dirsearch/dirsearch.py -u {{domain}} -e php -r 12 | ``` 13 | 14 | ## Dirsearch Script 15 | 16 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Dirsearch/Script) 17 | 18 | ## Dirsearch Dockerfile Entry 19 | 20 | ``` 21 | # -------- Agents dependencies -------- 22 | 23 | # To allow run dirsearch inside the docker 24 | 25 | RUN apt-get update && apt-get install -y git python3 python3-pip 26 | RUN git clone https://github.com/maurosoria/dirsearch.git 27 | RUN cd dirsearch && pip3 install -r requirements.txt 28 | 29 | # -------- End Agents dependencies -------- 30 | ``` 31 | -------------------------------------------------------------------------------- /Amass/README.md: -------------------------------------------------------------------------------- 1 | ## Amass Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} to the root domain, for example, yahoo.com if we define that as a root domain adding the Target. 4 | 5 | ``` 6 | /bin/amass enum --passive -d {{domain}} 7 | ``` 8 | 9 | ## Amass Script 10 | 11 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Amass/Script) 12 | 13 | ## Amass Dockerfile Entry 14 | 15 | ``` 16 | # -------- Agents dependencies -------- 17 | 18 | # To allow run amass inside the docker 19 | RUN apt-get update && apt-get install -y wget && apt-get install unzip -y 20 | RUN cd /tmp/ ; wget https://github.com/OWASP/Amass/releases/download/v3.4.2/amass_v3.4.2_linux_amd64.zip ; unzip amass_v3.4.2_linux_amd64.zip 21 | RUN mv /tmp/amass_v3.4.2_linux_amd64/amass /bin 22 | 23 | # -------- End Agents dependencies -------- 24 | ``` 25 | -------------------------------------------------------------------------------- /Sublist3r/README.md: -------------------------------------------------------------------------------- 1 | ## Sublist3r Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} to the root domain, for example, yahoo.com if we define that as a root domain adding the Target. 4 | 5 | If we have sublist3r in the folder /app/Sublist3r/ 6 | 7 | ``` 8 | python3 /app/Sublist3r/sublist3r.py -d {{domain}} 9 | ``` 10 | 11 | ## Sublist3r Script 12 | 13 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Sublist3r/Script) 14 | 15 | ## Sublist3r Dockerfile Entry 16 | 17 | ``` 18 | # -------- Agents dependencies -------- 19 | 20 | # To allow run sublist3r inside the docker 21 | 22 | RUN apt-get update && apt-get install -y git python2.7 python-pip 23 | RUN git clone https://github.com/aboul3la/Sublist3r.git 24 | RUN cd Sublist3r && pip install -r requirements.txt 25 | 26 | # -------- End Agents dependencies -------- 27 | ``` 28 | -------------------------------------------------------------------------------- /Httprobe/README.md: -------------------------------------------------------------------------------- 1 | ## Httprobe Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | echo '{{domain}}' | httprobe 7 | ``` 8 | 9 | ## Httprobe Command for Docker 10 | 11 | ``` 12 | echo '{{domain}}' | /root/go/bin/httprobe 13 | ``` 14 | 15 | ## Httprobe Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Httprobe/Script) 18 | 19 | ## Httprobe Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run httprobe inside the docker 25 | 26 | RUN apt-get update && apt-get install -y git wget 27 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 28 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 29 | RUN /usr/local/go/bin/go get github.com/tomnomnom/httprobe 30 | 31 | # -------- End Agents dependencies -------- 32 | ``` 33 | -------------------------------------------------------------------------------- /Gau/README.md: -------------------------------------------------------------------------------- 1 | ## Gau Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | echo '{{domain}}' | ./gau | grep "^https://{{domain}}" 7 | ``` 8 | 9 | ## Gau Command for Docker 10 | 11 | ``` 12 | echo '{{domain}}' | /root/go/bin/gau | grep "^https://{{domain}}" 13 | ``` 14 | 15 | ## Gau Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Gau/Script) 18 | 19 | ## Gau Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run gau inside the docker 25 | 26 | RUN apt-get update && apt-get install -y git wget 27 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 28 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 29 | RUN /usr/local/go/bin/go get -u -v github.com/lc/gau 30 | 31 | # -------- End Agents dependencies -------- 32 | ``` 33 | -------------------------------------------------------------------------------- /CRLFuzz/README.md: -------------------------------------------------------------------------------- 1 | ## CRLFuzz Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | 6 | ``` 7 | crlfuzz -u https://{{domain}} -s 8 | ``` 9 | 10 | ## CRLFuzz Command for Docker 11 | 12 | ``` 13 | /root/go/bin/crlfuzz -u https://{{domain}} -s 14 | ``` 15 | 16 | ## CRLFuzz Script 17 | 18 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/CRLFuzz/Script) 19 | 20 | ## CRLFuzz Dockerfile Entry 21 | 22 | ``` 23 | # -------- Agents dependencies -------- 24 | 25 | # To allow run CRLFuzz inside the docker 26 | 27 | RUN apt-get update && apt-get install -y git wget 28 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 29 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 30 | RUN /usr/local/go/bin/go get -v github.com/dwisiswant0/crlfuzz/cmd/crlfuzz 31 | 32 | # -------- End Agents dependencies -------- 33 | ``` 34 | -------------------------------------------------------------------------------- /Dnsx/README.md: -------------------------------------------------------------------------------- 1 | ## Dnsx Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | echo {{domain}} | ./dnsx -silent -a -resp 7 | ``` 8 | 9 | ## Dnsx Command for Docker 10 | 11 | ``` 12 | echo '{{domain}}' | /root/go/bin/dnsx -silent -a -resp 13 | ``` 14 | 15 | ## Dnsx Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Dnsx/Script) 18 | 19 | ## Dnsx Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run dnsx inside the docker 25 | 26 | RUN wget https://golang.org/dl/go1.16.linux-amd64.tar.gz 27 | RUN tar -C /usr/local -xzf go1.16.linux-amd64.tar.gz 28 | RUN export GOPATH=$HOME/go 29 | RUN export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 30 | RUN GO111MODULE=on /usr/local/go/bin/go get -v github.com/projectdiscovery/dnsx/cmd/dnsx 31 | 32 | # -------- End Agents dependencies -------- 33 | ``` 34 | -------------------------------------------------------------------------------- /Zdns/README.md: -------------------------------------------------------------------------------- 1 | ## Zdns Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | echo "{{domain}},8.8.8.8" | go run zdns/main.go A 7 | ``` 8 | 9 | ## Zdns Command for Docker 10 | 11 | ``` 12 | cd /app/zdns/zdns && echo '{{domain}},8.8.8.8' | /usr/local/go/bin/go run main.go A 13 | ``` 14 | 15 | ## Zdns Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Zdns/Script) 18 | 19 | ## Zdns Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run zdns inside the docker 25 | 26 | RUN apt-get update && apt-get install -y git wget 27 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 28 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 29 | RUN git clone https://github.com/zmap/zdns.git 30 | RUN cd zdns && /usr/local/go/bin/go build 31 | 32 | # -------- End Agents dependencies -------- 33 | ``` 34 | -------------------------------------------------------------------------------- /Waybackurls/README.md: -------------------------------------------------------------------------------- 1 | ## Waybackurls Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | ``` 6 | echo '{{domain}}' | ./waybackurls | grep "^https://{{domain}}" 7 | ``` 8 | 9 | ## Waybackurls Command for Docker 10 | 11 | ``` 12 | echo '{{domain}}' | /root/go/bin/waybackurls | grep "^https://{{domain}}" 13 | ``` 14 | 15 | ## Waybackurls Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Waybackurls/Script) 18 | 19 | ## Waybackurls Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run waybackurls inside the docker 25 | 26 | RUN apt-get update && apt-get install -y git wget 27 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 28 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 29 | RUN /usr/local/go/bin/go get github.com/tomnomnom/waybackurls 30 | 31 | # -------- End Agents dependencies -------- 32 | ``` 33 | -------------------------------------------------------------------------------- /Knockpy/README.md: -------------------------------------------------------------------------------- 1 | ## Knockpy Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} to the root domain or {{rootDomain}}, for example, yahoo.com if we define that as a root domain adding the Target. 4 | 5 | If we have knockpy in the folder /app/knock/ 6 | 7 | ``` 8 | python3 /app/knock/knockpy/knockpy.py {{rootDomain}} 9 | ``` 10 | 11 | ## Knockpy Command for Docker 12 | 13 | ``` 14 | python3 /app/knock/knockpy/knockpy.py {{rootDomain}} 15 | ``` 16 | 17 | ## Knockpy Script 18 | 19 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Knockpy/Script) 20 | 21 | ## Knockpy Dockerfile Entry 22 | 23 | ``` 24 | # -------- Agents dependencies -------- 25 | 26 | # To allow run knockpy the docker 27 | 28 | RUN apt-get update && apt-get install -y git python2.7 python-pip python-dnspython 29 | RUN git clone https://github.com/guelfoweb/knock 30 | RUN cd knock && pip3 install -r requirements.txt 31 | 32 | # -------- End Agents dependencies -------- 33 | ``` 34 | -------------------------------------------------------------------------------- /Ffuf/README.md: -------------------------------------------------------------------------------- 1 | ## ffuf Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | If we have the wordlist in ~/Desktop/tools/wordlist/directories.txt 6 | 7 | ``` 8 | ffuf -w ~/Desktop/tools/wordlist/directories.txt -u https://{{domain}}/FUZZ -mc 200,204 9 | ``` 10 | 11 | ## ffuf Command for Docker 12 | 13 | ``` 14 | /root/go/bin/ffuf -w /app/Content/wordlists/dir_enum/default.txt -u https://{{domain}}/FUZZ -mc 200,204 15 | ``` 16 | 17 | ## ffuf Script 18 | 19 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Ffuf/Script) 20 | 21 | ## ffuf Dockerfile Entry 22 | 23 | ``` 24 | # -------- Agents dependencies -------- 25 | 26 | # To allow run ffuf inside the docker 27 | 28 | RUN apt-get update && apt-get install -y git wget 29 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 30 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 31 | RUN /usr/local/go/bin/go get github.com/ffuf/ffuf 32 | 33 | # -------- End Agents dependencies -------- 34 | ``` 35 | -------------------------------------------------------------------------------- /Nuclei/README.md: -------------------------------------------------------------------------------- 1 | ## Nuclei Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | If we have the templates in /root/nuclei-templates 6 | 7 | ``` 8 | nuclei -u {{domain}} -t /root/nuclei-templates -silent 9 | ``` 10 | 11 | ## Nuclei Command for Docker 12 | 13 | ``` 14 | /root/go/bin/nuclei -u {{domain}} -t /root/nuclei-templates -silent 15 | ``` 16 | 17 | ## Nuclei Script 18 | 19 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Nuclei/Script) 20 | 21 | ## Nuclei Dockerfile Entry 22 | 23 | ``` 24 | # -------- Agents dependencies -------- 25 | 26 | # To allow run nuclei inside the docker 27 | 28 | RUN apt-get update && apt-get install -y git wget 29 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 30 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 31 | RUN GO111MODULE=on /usr/local/go/bin/go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei 32 | RUN /root/go/bin/nuclei -update-templates 33 | 34 | # -------- End Agents dependencies -------- 35 | ``` 36 | -------------------------------------------------------------------------------- /Subfinder/README.md: -------------------------------------------------------------------------------- 1 | ## Subfinder Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} to the root domain, for example, yahoo.com if we define that as a root domain adding the Target 4 | 5 | ``` 6 | subfinder -d '{{domain}} -silent' 7 | ``` 8 | 9 | ## Subfinder Command for Docker 10 | 11 | ``` 12 | subfinder -d {{rootDomain}} -silent 13 | ``` 14 | 15 | ## Subfinder Script 16 | 17 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Subfinder/Script) 18 | 19 | ## Subfinder Dockerfile Entry 20 | 21 | ``` 22 | # -------- Agents dependencies -------- 23 | 24 | # To allow run subfinder inside the docker 25 | 26 | RUN apt-get update && apt-get install -y git wget 27 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 28 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 29 | RUN wget https://github.com/projectdiscovery/subfinder/releases/download/v2.4.5/subfinder_2.4.5_linux_amd64.tar.gz 30 | RUN tar -xzvf subfinder_2.4.5_linux_amd64.tar.gz 31 | RUN mv subfinder /usr/local/bin/ 32 | 33 | # -------- End Agents dependencies -------- 34 | ``` 35 | -------------------------------------------------------------------------------- /GoBusterDns/README.md: -------------------------------------------------------------------------------- 1 | ## GoBusterDns Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} to the root domain, for example, yahoo.com if we define that as a root domain adding the Target. 4 | 5 | If we have the wordlist in ~/Desktop/tools/wordlist/all.txt 6 | 7 | ``` 8 | gobuster dns -d {{domain}} -w ~/Desktop/tools/wordlist/all.txt --wildcard -z 9 | ``` 10 | 11 | ## GoBusterDns Command for Docker 12 | 13 | ``` 14 | /root/go/bin/gobuster dns -d {{domain}} -w /app/Content/wordlists/subdomain_enum/default.txt --wildcard -z 15 | ``` 16 | 17 | ## GoBusterDns Script 18 | 19 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/GoBusterDns/Script) 20 | 21 | ## GoBusterDns Dockerfile Entry 22 | 23 | ``` 24 | # -------- Agents dependencies -------- 25 | 26 | # To allow run gobuster inside the docker 27 | 28 | RUN apt-get update && apt-get install -y git wget 29 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 30 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 31 | RUN /usr/local/go/bin/go get github.com/OJ/gobuster 32 | 33 | # -------- End Agents dependencies -------- 34 | ``` 35 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 reconness 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /GoBusterDir/README.md: -------------------------------------------------------------------------------- 1 | ## GoBusterDir Command 2 | 3 | Using {{domain}} ReconNess replace {{domain}} for the subdomain. 4 | 5 | If we have the wordlist in ~/Desktop/tools/wordlist/directories.txt 6 | 7 | ``` 8 | gobuster dir -u https://{{domain}} -w ~/Desktop/tools/wordlist/directories.txt -s 200,204 -z -k -r --wildcard 9 | ``` 10 | ## GoBusterDir Command for Docker 11 | 12 | ``` 13 | /root/go/bin/gobuster dir -u https://{{domain}} -w /app/Content/wordlists/dir_enum/default.txt -s 200,204 -z -k -r --wildcard 14 | ``` 15 | 16 | ## GoBusterDir Script 17 | 18 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/GoBusterDir/Script) 19 | 20 | ## GoBusterDir Dockerfile Entry 21 | 22 | ``` 23 | # -------- Agents dependencies -------- 24 | 25 | # To allow run gobuster inside the docker 26 | 27 | RUN wget https://golang.org/dl/go1.16.linux-amd64.tar.gz 28 | RUN tar -C /usr/local -xzf go1.16.linux-amd64.tar.gz 29 | RUN export GOPATH=$HOME/go 30 | RUN export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 31 | RUN /usr/local/go/bin/go install github.com/OJ/gobuster/v3@latest 32 | 33 | # -------- End Agents dependencies -------- 34 | ``` 35 | -------------------------------------------------------------------------------- /Gowitness/README.md: -------------------------------------------------------------------------------- 1 | ## Gowitness Command 2 | 3 | Using {{target}}, {{rootDomain}} and {{domain}} ReconNess replace {{target}} for the target name, {{rootDomain}} for the rootdomain name and {{domain}} for the subdomain. 4 | 5 | ``` 6 | gowitness single -o /Content/screenshots/{{target}}/{{rootDomain}}/{{domain}}.png https://{{domain}} 7 | ``` 8 | ## Gowitness Command for Docker 9 | 10 | ``` 11 | mkdir -p /app/Content/screenshots/{{target}}/{{rootDomain}}/ && /root/go/bin/gowitness single -o /app/Content/screenshots/{{target}}/{{rootDomain}}/{{domain}}.png https://{{domain}} 12 | ``` 13 | 14 | ## Gowitness Script 15 | 16 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Gowitness/Script) 17 | 18 | ## Gowitness Dockerfile Entry 19 | 20 | ``` 21 | # -------- Agents dependencies -------- 22 | 23 | # To allow run gowitness inside the docker 24 | 25 | RUN wget https://golang.org/dl/go1.16.linux-amd64.tar.gz 26 | RUN tar -C /usr/local -xzf go1.16.linux-amd64.tar.gz 27 | RUN export GOPATH=$HOME/go 28 | RUN export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 29 | RUN GO111MODULE=on /usr/local/go/bin/go get -u github.com/sensepost/gowitness 30 | 31 | # -------- End Agents dependencies -------- 32 | ``` 33 | -------------------------------------------------------------------------------- /Puredns/readme.md: -------------------------------------------------------------------------------- 1 | ## Puredns command 2 | 3 | Using {{rootDomain}} ReconNess replace {{rootDomain}} to the root domain, for example, yahoo.com if we define that as a root domain adding the Target 4 | 5 | If we have massdns in the folder /app/massdns/bin/massdns 6 | 7 | ``` 8 | puredns bruteforce subdomains.txt {{rootDomain}} --resolvers resolvers.txt --bin /app/massdns/bin/massdns -q 9 | ``` 10 | 11 | ## Puredns Command for Docker 12 | 13 | ``` 14 | /root/go/bin/puredns bruteforce /app/Content/wordlists/subdomain_enum/default.txt {{rootDomain}} --resolvers /app/Content/wordlists/dns_resolver_enum/default.txt --bin /app/massdns/bin/massdns -q 15 | 16 | ``` 17 | 18 | ## Puredns Script 19 | 20 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Puredns/Script) 21 | 22 | ## Puredns Dockerfile Entry 23 | 24 | # -------- Agents dependencies -------- 25 | 26 | ``` 27 | # To allow run Puredns inside the docker 28 | 29 | RUN apt-get update && apt-get install -y git build-essential wget 30 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 31 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 32 | RUN git clone https://github.com/blechschmidt/massdns.git && cd massdns && make 33 | RUN GO111MODULE=on /usr/local/go/bin/go get github.com/d3mondev/puredns/v2 34 | ``` 35 | 36 | # -------- End Agents dependencies -------- 37 | -------------------------------------------------------------------------------- /Shuffledns/README.md: -------------------------------------------------------------------------------- 1 | ## Shuffledns Command 2 | 3 | Using {{rootDomain}} ReconNess replace {{rootDomain}} for the root domain. 4 | To allow run this tool we need to have a resolvers.txt and massdns installed 5 | 6 | ``` 7 | shuffledns -d {{rootDomain}} -r ~/resolvers.txt -w /app/all.txt -massdns ~/massdns/bin/massdns -silent" 8 | ``` 9 | 10 | ## Shuffledns Command for Docker 11 | 12 | ``` 13 | /root/go/bin/shuffledns -d {{rootDomain}} -r /app/Content/wordlists/dns_resolver_enum/default.txt -w /app/Content/wordlists/subdomain_enum/default.txt -massdns /app/massdns/bin/massdns -silent 14 | ``` 15 | 16 | ## Shuffledns Script 17 | 18 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Shuffledns/Script) 19 | 20 | ## Shuffledns Dockerfile Entry 21 | 22 | ``` 23 | # -------- Agents dependencies -------- 24 | 25 | # To allow run shuffledns inside the docker 26 | 27 | RUN apt-get update && apt-get install -y git wget 28 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 29 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 30 | RUN git clone https://github.com/blechschmidt/massdns.git && cd massdns && make 31 | RUN cd /app && wget https://raw.githubusercontent.com/reconness/reconness-agents/master/resolvers.txt 32 | RUN wget https://github.com/projectdiscovery/shuffledns/releases/download/v1.0.4/shuffledns_1.0.4_linux_amd64.tar.gz 33 | RUN tar -xzvf shuffledns_1.0.4_linux_amd64.tar.gz 34 | RUN mv shuffledns /usr/local/bin/ 35 | 36 | # -------- End Agents dependencies -------- 37 | ``` 38 | -------------------------------------------------------------------------------- /OneForAll/readme.md: -------------------------------------------------------------------------------- 1 | ## OneForAll Command 2 | 3 | This agent utilizes the [Reconness Unviersal Wrapper](https://github.com/hiddengearz/reconness-universal-wrapper) which must be installed for this agent to work. Using {{rootDomain}} ReconNess replace {{rootDomain}} for the root domain. Ex: yahoo.com 4 | 5 | If we have OneForAllWrapper in the folder ~/Desktop/OneForAllWrapper/ 6 | 7 | ``` 8 | cd ~/Desktop/OneForAllWrapper/ && ./reconness-universal-wrapper exec "python3 /app/OneForAll/oneforall.py --target {{rootDomain}} -path *outputDir/*.txt run" --silent 9 | ``` 10 | 11 | ## OneForAll Command for Docker 12 | 13 | ``` 14 | /root/go/bin/reconness-universal-wrapper exec "python3 /app/OneForAll/oneforall.py --target {{rootDomain}} -path *outputDir/*.txt run" --silent 15 | ``` 16 | 17 | ## OneForAll Script 18 | 19 | Check [Script file](add script file location) 20 | 21 | ## OneForAll Dockerfile Entry 22 | 23 | 24 | # -------- Agents dependencies -------- 25 | 26 | # To allow run OneForAll inside the docker 27 | 28 | ``` 29 | RUN apt-get update && apt-get install -y git wget python3 python3-pip 30 | RUN wget https://dl.google.com/go/go1.13.4.linux-amd64.tar.gz 31 | RUN tar -C /usr/local -xzf go1.13.4.linux-amd64.tar.gz 32 | RUN git clone https://github.com/shmilylty/OneForAll.git 33 | RUN python3 -m pip install -U pip setuptools wheel 34 | RUN pip3 install -r /app/OneForAll/requirements.txt 35 | RUN /usr/local/go/bin/go get -u github.com/hiddengearz/reconness-universal-wrapper 36 | RUN /root/go/bin/reconness-universal-wrapper setup -u -p -s 37 | ``` 38 | # -------- End Agents dependencies -------- 39 | -------------------------------------------------------------------------------- /Massdns/readme.md: -------------------------------------------------------------------------------- 1 | ## Massdns command 2 | 3 | This agent utilizes the [Reconness Unviersal Wrapper](https://github.com/hiddengearz/reconness-universal-wrapper) which must be installed for this agent to work. Using {{target}} ReconNess replaces {{target}} for the target and {{rootDomainName}} for the root domain. Ex: yahoo.com 4 | 5 | 6 | If we have MassdnsWrapper in the folder ~/Desktop/MassdnsWrapper/ 7 | 8 | ``` 9 | cd ~/Desktop/MassdnsWrapper/ && ./reconness-universal-wrapper exec "/app/massdns/bin/massdns -r /app/massdns/lists/resolvers.txt *subdomains -w *outputFile -o S" -a api/targets/exportSubdomains/{{target}}/{{rootDomain}} --silent 10 | ``` 11 | 12 | ## Massdns Command for Docker 13 | 14 | ``` 15 | /root/go/bin/reconness-universal-wrapper exec "/app/massdns/bin/massdns -r /app/massdns/lists/resolvers.txt *subdomains -w *outputFile -o S" -a api/targets/exportSubdomains/{{target}}/{{rootDomain}} --silent 16 | 17 | ``` 18 | 19 | ## Massdns Script 20 | 21 | Check [Script file](https://github.com/reconness/reconness-agents/blob/master/Massdns/Script) 22 | 23 | 24 | ## Massdns Dockerfile Entry 25 | 26 | 27 | # -------- Agents dependencies -------- 28 | 29 | ``` 30 | # To allow run Massdns inside the docker 31 | 32 | RUN apt-get update && apt-get install -y git build-essential wget 33 | RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz 34 | RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz 35 | RUN git clone https://github.com/blechschmidt/massdns.git && cd massdns && make 36 | RUN /usr/local/go/bin/go get -u github.com/hiddengearz/reconness-universal-wrapper 37 | RUN /root/go/bin/reconness-universal-wrapper setup -u -p -s 38 | ``` 39 | 40 | # -------- End Agents dependencies -------- 41 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ReconNess Agents 2 | 3 | Here we are going to store the list of Agents tested running inside ReconNess Web App Tool using Docker and is going to be a default Agent repositories, but remember you can add inside ReconNess whatever Agent do you need. 4 | 5 | ## List of Agents 6 | 7 | These are the list of Agents tested inside the Docker 8 | 9 | ### Agents Subdomain Enum 10 | 11 | - [Subfinder](https://github.com/reconness/reconness-agents/tree/master/Subfinder) 12 | - [Amass](https://github.com/reconness/reconness-agents/blob/master/Amass) 13 | - [GoBusterDns](https://github.com/reconness/reconness-agents/tree/master/GoBusterDns) 14 | - [Sublist3r](https://github.com/reconness/reconness-agents/tree/master/Sublist3r) 15 | - [Findomain](https://github.com/reconness/reconness-agents/tree/master/Findomain) 16 | - [OneForAll](https://github.com/reconness/reconness-agents/tree/master/OneForAll) 17 | - [Knockpy](https://github.com/reconness/reconness-agents/tree/master/Knockpy) 18 | - [Massdns](https://github.com/reconness/reconness-agents/tree/master/Massdns) 19 | - [Shuffledns](https://github.com/reconness/reconness-agents/tree/master/Shuffledns) 20 | - [Puredns](https://github.com/reconness/reconness-agents/tree/master/Puredns) 21 | 22 | ### Agents Dir Discovery 23 | 24 | - [ffuf](https://github.com/reconness/reconness-agents/tree/master/Ffuf) 25 | - [GoBusterDir](https://github.com/reconness/reconness-agents/tree/master/GoBusterDir) 26 | - [Dirsearch](https://github.com/reconness/reconness-agents/tree/master/Dirsearch) 27 | - [Waybackurls](https://github.com/reconness/reconness-agents/tree/master/Waybackurls) 28 | - [Gau](https://github.com/reconness/reconness-agents/tree/master/Gau) 29 | 30 | ### Agents Scan 31 | 32 | - [Httprobe](https://github.com/reconness/reconness-agents/tree/master/Httprobe) 33 | - [Ping](https://github.com/reconness/reconness-agents/tree/master/Ping) 34 | - [Nmap](https://github.com/reconness/reconness-agents/tree/master/Nmap) 35 | - [Takeover](https://github.com/reconness/reconness-agents/tree/master/Takeover) 36 | - [Zdns](https://github.com/reconness/reconness-agents/tree/master/Zdns) 37 | - [Dnsx](https://github.com/reconness/reconness-agents/tree/master/Dnsx) 38 | - [Naabu](https://github.com/reconness/reconness-agents/tree/master/Naabu) 39 | - [Corsy](https://github.com/reconness/reconness-agents/tree/master/Corsy) 40 | - [Nuclei](https://github.com/reconness/reconness-agents/tree/master/Nuclei) 41 | - [CRLFuzz](https://github.com/reconness/reconness-agents/tree/master/CRLFuzz) 42 | 43 | ### Agents Screenshots 44 | 45 | - [Gowitness](https://github.com/reconness/reconness-agents/tree/master/Gowitness) 46 | 47 | ## Thanks 48 | [@hdbreaker](https://github.com/hdbreaker) 49 | 50 | [@maverickNerd](https://github.com/maverickNerd) 51 | 52 | [@hiddengearz](https://github.com/hiddengearz) 53 | 54 | [@d1pakda5](https://github.com/d1pakda5) 55 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM mcr.microsoft.com/dotnet/sdk:6.0.100-bullseye-slim AS build 2 | WORKDIR /app 3 | 4 | RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - 5 | RUN apt-get install -y nodejs 6 | RUN npm install -g @vue/cli 7 | 8 | # copy csproj and restore as distinct layers 9 | COPY *.sln . 10 | COPY ["DAL/ReconNess.Data.Npgsql/ReconNess.Data.Npgsql.csproj", "DAL/ReconNess.Data.Npgsql/"] 11 | COPY ["ReconNess.Web/ReconNess.Web.csproj", "ReconNess.Web/"] 12 | COPY ["ReconNess.Entities/ReconNess.Entities.csproj", "ReconNess.Entities/"] 13 | COPY ["ReconNess.Core/ReconNess.Core.csproj", "ReconNess.Core/"] 14 | COPY ["ReconNess.Worker/ReconNess.Worker.csproj", "ReconNess.Worker/"] 15 | COPY ["ReconNess/ReconNess.csproj", "ReconNess/"] 16 | RUN dotnet restore "ReconNess.Web/ReconNess.Web.csproj" 17 | 18 | # copy everything else and build app 19 | COPY . ./ 20 | WORKDIR /app/ReconNess.Web 21 | RUN dotnet publish -c Release -o /dist 22 | 23 | FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS runtime 24 | WORKDIR /app 25 | 26 | ##################################################################################################################### 27 | # If you want to generate your own certificate with different password 28 | # you can run 29 | # 30 | # dotnet dev-certs https -ep %USERPROFILE%\.aspnet\https\aspnetapp.pfx -p { password here } 31 | # dotnet dev-certs https --trust 32 | # 33 | # and replace `reconness\src\aspnetapp.pfx` with the file `%USERPROFILE%\.aspnet\https\aspnetapp.pfx` generated 34 | # and replace the password that you used `{ password here }` 35 | # ENV ASPNETCORE_Kestrel__Certificates__Default__Password="{ password here }" 36 | ##################################################################################################################### 37 | 38 | COPY aspnetapp.pfx . 39 | 40 | ENV ASPNETCORE_URLS http://+:5000;https://+:5001 41 | ENV ASPNETCORE_Kestrel__Certificates__Default__Password="password" 42 | ENV ASPNETCORE_Kestrel__Certificates__Default__Path="aspnetapp.pfx" 43 | EXPOSE 5000 44 | EXPOSE 5001 45 | 46 | COPY --from=build /dist ./ 47 | 48 | # -------- Agents dependencies -------- 49 | 50 | # To allow run the wrapper 51 | ################################################################################################################################################ 52 | # Change with your username, password and domain where reconness is running. 53 | # 54 | # Ex. 55 | # 56 | # RUN /root/go/bin/reconness-universal-wrapper setup -u myusername -p mypasssord -s http://mydomainorip.com 57 | ################################################################################################################################################# 58 | RUN apt-get update && apt-get install -y git wget unzip python2.7 python-pip python3 python3-pip python-dnspython build-essential 59 | # Install Golang 60 | RUN wget https://golang.org/dl/go1.17.linux-amd64.tar.gz 61 | RUN tar -C /usr/local -xzf go1.17.linux-amd64.tar.gz 62 | RUN export GOPATH=$HOME/go 63 | RUN export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin 64 | 65 | # Enable Go modules support 66 | ENV GO111MODULE=on 67 | 68 | RUN /usr/local/go/bin/go get -u github.com/hiddengearz/reconness-universal-wrapper 69 | RUN /root/go/bin/reconness-universal-wrapper setup -u -p -s 70 | 71 | # To allow run subfinder inside the docker 72 | RUN /usr/local/go/bin/go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest 73 | 74 | # To allow run amass inside the docker 75 | RUN cd /tmp/ ; wget https://github.com/OWASP/Amass/releases/download/v3.7.4/amass_linux_amd64.zip ; unzip amass_linux_amd64.zip 76 | RUN mv /tmp/amass_linux_amd64/amass /bin 77 | 78 | # To allow run gobuster inside the docker 79 | RUN /usr/local/go/bin/go install github.com/OJ/gobuster/v3@latest 80 | 81 | # To allow run sublist3r inside the docker 82 | RUN git clone https://github.com/aboul3la/Sublist3r.git 83 | RUN cd Sublist3r && pip install -r requirements.txt 84 | 85 | # To allow run findomain inside the docker 86 | RUN wget https://github.com/Edu4rdSHL/findomain/releases/latest/download/findomain-linux 87 | RUN chmod +x findomain-linux 88 | 89 | # To allow run ffuf inside the docker 90 | RUN /usr/local/go/bin/go install github.com/ffuf/ffuf@latest 91 | 92 | # To allow run httprobe inside the docker 93 | RUN /usr/local/go/bin/go get github.com/tomnomnom/httprobe 94 | 95 | # To allow run ping inside the docker 96 | RUN apt-get install -y iputils-ping 97 | 98 | # To allow run nmap inside the docker 99 | RUN apt-get install -y nmap 100 | 101 | # To allow run takeover inside the docker 102 | RUN git clone https://github.com/m4ll0k/takeover.git 103 | RUN cd takeover && python3 setup.py install 104 | 105 | # To allow run OneForAll inside the docker 106 | RUN git clone https://github.com/shmilylty/OneForAll.git 107 | RUN python3 -m pip install -U pip setuptools wheel 108 | RUN pip3 install -r /app/OneForAll/requirements.txt 109 | 110 | # To allow run zdns inside the docker 111 | RUN git clone https://github.com/zmap/zdns.git 112 | RUN cd zdns && /usr/local/go/bin/go build 113 | 114 | # To allow run knockpy the docker 115 | RUN git clone https://github.com/guelfoweb/knock 116 | RUN cd knock && pip3 install -r requirements.txt 117 | 118 | # To allow run Massdns inside the docker 119 | RUN git clone https://github.com/blechschmidt/massdns.git && cd massdns && make 120 | 121 | # To allow run waybackurls inside the docker 122 | RUN /usr/local/go/bin/go install github.com/tomnomnom/waybackurls@latest 123 | 124 | # To allow run gau inside the docker 125 | RUN /usr/local/go/bin/go install github.com/lc/gau/v2/cmd/gau@latest 126 | 127 | # To allow run naabu inside the docker 128 | RUN wget https://github.com/projectdiscovery/naabu/releases/download/v2.0.3/naabu-linux-amd64.tar.gz 129 | RUN tar -xvf naabu-linux-amd64.tar.gz 130 | RUN cp naabu-linux-amd64 /usr/local/bin/naabu 131 | 132 | # To allow run shuffledns inside the docker 133 | RUN /usr/local/go/bin/go install -v github.com/projectdiscovery/shuffledns/cmd/shuffledns@latest 134 | 135 | # To allow run corsy inside the docker 136 | RUN git clone https://github.com/s0md3v/Corsy.git 137 | RUN cd Corsy && pip3 install -r requirements.txt 138 | 139 | # To allow run dirsearch inside the docker 140 | RUN git clone https://github.com/maurosoria/dirsearch.git 141 | RUN cd dirsearch && pip3 install -r requirements.txt 142 | 143 | # To allow run dnsx inside the docker 144 | RUN /usr/local/go/bin/go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest 145 | 146 | # To allow run nuclei inside the docker 147 | RUN /usr/local/go/bin/go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest 148 | RUN /root/go/bin/nuclei -update-templates 149 | 150 | # To allow run crlfuzz inside the docker 151 | RUN /usr/local/go/bin/go install -v github.com/dwisiswant0/crlfuzz/cmd/crlfuzz@latest 152 | 153 | # To allow run puredns inside the docker 154 | RUN /usr/local/go/bin/go install -v github.com/d3mondev/puredns/v2@latest 155 | 156 | # To allow run gowitness inside the docker 157 | RUN /usr/local/go/bin/go install -v github.com/sensepost/gowitness@latest 158 | 159 | # -------- End Agents dependencies -------- 160 | 161 | ENTRYPOINT ["dotnet", "ReconNess.Web.dll"] 162 | -------------------------------------------------------------------------------- /default-agents1.5.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": [{ 3 | "name": "Subfinder", 4 | "category": "Agents Subdomain Enum", 5 | "command": "/root/go/bin/subfinder -d {{rootDomain}} -silent", 6 | "isByRootDomain": "true", 7 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Subfinder/Script", 8 | "repository": "https://github.com/projectdiscovery/subfinder" 9 | }, 10 | { 11 | "name": "Amass", 12 | "category": "Agents Subdomain Enum", 13 | "command": "/bin/amass enum -d {{rootDomain}}", 14 | "isByTarget": "false", 15 | "isByRootDomain": "true", 16 | "isBySubdomain": "false", 17 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Amass/Script", 18 | "repository": "https://github.com/OWASP/Amass" 19 | }, 20 | { 21 | "name": "GoBusterDns", 22 | "category": "Agents Subdomain Enum", 23 | "command": "/root/go/bin/gobuster dns -d {{domain}} -w /app/Content/wordlists/subdomain_enum/default.txt --wildcard -z", 24 | "isByRootDomain": "true", 25 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/GoBusterDns/Script", 26 | "repository": "https://github.com/OJ/gobuster#dns-mode-help" 27 | }, 28 | { 29 | "name": "Sublist3r", 30 | "category": "Agents Subdomain Enum", 31 | "command": "python /app/Sublist3r/sublist3r.py -d {{rootDomain}}", 32 | "isByRootDomain": "true", 33 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Sublist3r/Script", 34 | "repository": "https://github.com/aboul3la/Sublist3r" 35 | }, 36 | { 37 | "name": "Findomain", 38 | "category": "Agents Subdomain Enum", 39 | "command": "./findomain-linux -t {{rootDomain}} -r", 40 | "isByRootDomain": "true", 41 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Findomain/Script", 42 | "repository": "https://github.com/Edu4rdSHL/findomain" 43 | }, 44 | { 45 | "name": "Massdns", 46 | "category": "Agents Subdomain Enum", 47 | "command": "/root/go/bin/reconness-universal-wrapper exec \"/app/massdns/bin/massdns -r /app/massdns/lists/resolvers.txt *subdomains -w *outputFile -o S\" -a api/targets/exportSubdomains/{{target}}/{{rootDomain}} --silent", 48 | "isByRootDomain": "true", 49 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Massdns/Script", 50 | "repository": "https://github.com/blechschmidt/massdns" 51 | }, 52 | { 53 | "name": "OneForAll", 54 | "category": "Agents Subdomain Enum", 55 | "command": "/root/go/bin/reconness-universal-wrapper exec \"python3 /app/OneForAll/oneforall.py --target {{rootDomain}} -path *outputDir/*.txt run\" --silent", 56 | "isByRootDomain": "true", 57 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/OneForAll/Script", 58 | "repository": "https://github.com/shmilylty/OneForAll" 59 | }, 60 | { 61 | "name": "Knockpy", 62 | "category": "Agents Subdomain Enum", 63 | "command": "python /app/knock/knockpy/knockpy.py {{rootDomain}}", 64 | "isByRootDomain": "true", 65 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Knockpy/Script", 66 | "repository": "https://github.com/guelfoweb/knock" 67 | }, 68 | { 69 | "name": "Shuffledns", 70 | "category": "Agents Subdomain Enum", 71 | "command": "/root/go/bin/shuffledns -d {{rootDomain}} -r /app/Content/wordlists/dns_resolver_enum/default.txt -w /app/Content/wordlists/subdomain_enum/default.txt -massdns /app/massdns/bin/massdns -silent", 72 | "isByRootDomain": "true", 73 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Shuffledns/Script", 74 | "repository": "https://github.com/projectdiscovery/shuffledns" 75 | }, 76 | { 77 | "name": "Ffuf", 78 | "category": "Agents Dir Discovery", 79 | "command": "/root/go/bin/ffuf -w /app/Content/wordlists/dir_enum/default.txt -u https://{{domain}}/FUZZ -mc 200,204", 80 | "isBySubdomain": "true", 81 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Ffuf/Script", 82 | "repository": "https://github.com/ffuf/ffuf" 83 | }, 84 | { 85 | "name": "GoBusterDir", 86 | "category": "Agents Dir Discovery", 87 | "command": "/root/go/bin/gobuster dir -u https://{{domain}} -w /app/Content/wordlists/dir_enum/default.txt -s 200,204 -z -k -r --wildcard", 88 | "isBySubdomain": "true", 89 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/GoBusterDir/Script", 90 | "repository": "https://github.com/OJ/gobuster#dir-mode-options" 91 | }, 92 | { 93 | "name": "Dirsearch", 94 | "category": "Agents Dir Discovery", 95 | "command": "/app/dirsearch/dirsearch.py -u {{domain}} -e php -r", 96 | "isBySubdomain": "true", 97 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Dirsearch/Script", 98 | "repository": "https://github.com/maurosoria/dirsearch" 99 | }, 100 | { 101 | "name": "Waybackurls", 102 | "category": "Agents Dir Discovery", 103 | "command": "echo '{{domain}}' | /root/go/bin/waybackurls | grep '^https://{{domain}}'", 104 | "isBySubdomain": "true", 105 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Waybackurls/Script", 106 | "repository": "https://github.com/tomnomnom/waybackurls" 107 | }, 108 | { 109 | "name": "Gau", 110 | "category": "Agents Dir Discovery", 111 | "command": "echo '{{domain}}' | /root/go/bin/gau | grep '^https://{{domain}}'", 112 | "isBySubdomain": "true", 113 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Gau/Script", 114 | "repository": "https://github.com/lc/gau" 115 | }, 116 | { 117 | "name": "Httprobe", 118 | "category": "Agents Scan", 119 | "command": "echo '{{domain}}' | /root/go/bin/httprobe", 120 | "isBySubdomain": "true", 121 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Httprobe/Script", 122 | "repository": "https://github.com/tomnomnom/httprobe" 123 | }, 124 | { 125 | "name": "Ping", 126 | "category": "Agents Scan", 127 | "command": "ping {{domain}} -c 1", 128 | "isBySubdomain": "true", 129 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Ping/Script" 130 | }, 131 | { 132 | "name": "Nmap", 133 | "category": "Agents Scan", 134 | "command": "nmap -T4 {{domain}}", 135 | "isBySubdomain": "true", 136 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Nmap/Script", 137 | "repository": "https://github.com/nmap/nmap" 138 | }, 139 | { 140 | "name": "Takeover", 141 | "category": "Agents Scan", 142 | "command": "python3 /app/takeover/takeover.py -d {{domain}} -v", 143 | "isBySubdomain": "true", 144 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Takeover/Script", 145 | "repository": "https://github.com/m4ll0k/takeover" 146 | }, 147 | { 148 | "name": "Zdns", 149 | "category": "Agents Scan", 150 | "command": "cd /app/zdns/zdns && echo '{{domain}},8.8.8.8' | /usr/local/go/bin/go run main.go A", 151 | "isBySubdomain": "true", 152 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Zdns/Script", 153 | "repository": "https://github.com/zmap/zdns" 154 | }, 155 | { 156 | "name": "Dnsx", 157 | "category": "Agents Scan", 158 | "command": "echo '{{domain}}' | /root/go/bin/dnsx -silent -a -resp", 159 | "isBySubdomain": "true", 160 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Dnsx/Script", 161 | "repository": "https://github.com/projectdiscovery/dnsx" 162 | }, 163 | { 164 | "name": "Naabu", 165 | "category": "Agents Scan", 166 | "command": "naabu -host {{domain}} -silent", 167 | "isBySubdomain": "true", 168 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Naabu/Script", 169 | "repository": "https://github.com/projectdiscovery/naabu" 170 | }, 171 | { 172 | "name": "Corsy", 173 | "category": "Agents Scan", 174 | "command": "python3 /app/Corsy/corsy.py -u https://{{domain}}", 175 | "isBySubdomain": "true", 176 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Corsy/Script", 177 | "repository": "https://github.com/s0md3v/Corsy" 178 | }, 179 | { 180 | "name": "Nuclei", 181 | "category": "Agents Scan", 182 | "command": "/root/go/bin/nuclei -u {{domain}} -t /root/nuclei-templates -silent", 183 | "isBySubdomain": "true", 184 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Nuclei/Script", 185 | "repository": "https://github.com/zmap/zdns" 186 | }, 187 | { 188 | "name": "CRLFuzz", 189 | "category": "Agents Scan", 190 | "command": "/root/go/bin/crlfuzz -u https://{{domain}} -s", 191 | "isBySubdomain": "true", 192 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/CRLFuzz/Script", 193 | "repository": "https://github.com/dwisiswant0/crlfuzz" 194 | }, 195 | { 196 | "name": "Puredns", 197 | "category": "Agents Subdomain Enum", 198 | "command": "/root/go/bin/puredns bruteforce /app/Content/wordlists/subdomain_enum/default.txt {{rootDomain}} --resolvers /app/Content/wordlists/dns_resolver_enum/default.txt --bin /app/massdns/bin/massdns -q", 199 | "isByRootDomain": "true", 200 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Puredns/Script", 201 | "repository": "https://github.com/d3mondev/puredns" 202 | }, 203 | { 204 | "name": "Gowitness", 205 | "category": "Agents Screenshot", 206 | "command": "mkdir -p /app/Content/screenshots/{{target}}/{{rootDomain}}/ && /root/go/bin/gowitness single -o /app/Content/screenshots/{{target}}/{{rootDomain}}/{{domain}}.png https://{{domain}}", 207 | "isBySubdomain": "true", 208 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Gowitness/Script", 209 | "repository": "https://github.com/sensepost/gowitness" 210 | } 211 | ] 212 | } 213 | -------------------------------------------------------------------------------- /default-agents.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": [{ 3 | "name": "Subfinder", 4 | "category": "Agents Subdomain Enum", 5 | "command": "/root/go/bin/subfinder -d {{rootDomain}} -nW -silent", 6 | "isBySubdomain": "false", 7 | "onlyIfIsAlive": "false", 8 | "onlyIfHasHttpOpen": "false", 9 | "skipIfRanBefore": "false", 10 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Subfinder/Script", 11 | "repository": "https://github.com/projectdiscovery/subfinder" 12 | }, 13 | { 14 | "name": "Amass", 15 | "category": "Agents Subdomain Enum", 16 | "command": "/bin/amass enum -d {{rootDomain}}", 17 | "isBySubdomain": "false", 18 | "onlyIfIsAlive": "false", 19 | "onlyIfHasHttpOpen": "false", 20 | "skipIfRanBefore": "false", 21 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Amass/Script", 22 | "repository": "https://github.com/OWASP/Amass" 23 | }, 24 | { 25 | "name": "GoBusterDns", 26 | "category": "Agents Subdomain Enum", 27 | "command": "/root/go/bin/gobuster dns -d {{rootDomain}} -w /app/all.txt --wildcard -z", 28 | "isBySubdomain": "false", 29 | "onlyIfIsAlive": "false", 30 | "onlyIfHasHttpOpen": "false", 31 | "skipIfRanBefore": "false", 32 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/GoBusterDns/Script", 33 | "repository": "https://github.com/OJ/gobuster#dns-mode-help" 34 | }, 35 | { 36 | "name": "Sublist3r", 37 | "category": "Agents Subdomain Enum", 38 | "command": "python /app/Sublist3r/sublist3r.py -d {{rootDomain}}", 39 | "isBySubdomain": "false", 40 | "onlyIfIsAlive": "false", 41 | "onlyIfHasHttpOpen": "false", 42 | "skipIfRanBefore": "false", 43 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Sublist3r/Script", 44 | "repository": "https://github.com/aboul3la/Sublist3r" 45 | }, 46 | { 47 | "name": "Findomain", 48 | "category": "Agents Subdomain Enum", 49 | "command": "./findomain-linux -t {{rootDomain}} -r", 50 | "isBySubdomain": "false", 51 | "onlyIfIsAlive": "false", 52 | "onlyIfHasHttpOpen": "false", 53 | "skipIfRanBefore": "false", 54 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Findomain/Script", 55 | "repository": "https://github.com/Edu4rdSHL/findomain" 56 | }, 57 | { 58 | "name": "Massdns", 59 | "category": "Agents Subdomain Enum", 60 | "command": "/root/go/bin/reconness-universal-wrapper exec \"/app/massdns/bin/massdns -r /app/massdns/lists/resolvers.txt *subdomains -w *outputFile -o S\" -a api/targets/exportSubdomains/{{target}}/{{rootDomain}} --silent", 61 | "isBySubdomain": "false", 62 | "onlyIfIsAlive": "false", 63 | "onlyIfHasHttpOpen": "false", 64 | "skipIfRanBefore": "false", 65 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Massdns/Script", 66 | "repository": "https://github.com/blechschmidt/massdns" 67 | }, 68 | { 69 | "name": "OneForAll", 70 | "category": "Agents Subdomain Enum", 71 | "command": "/root/go/bin/reconness-universal-wrapper exec \"python3 /app/OneForAll/oneforall.py --target {{rootDomain}} -path *outputDir/*.txt run\" --silent", 72 | "isBySubdomain": "false", 73 | "onlyIfIsAlive": "false", 74 | "onlyIfHasHttpOpen": "false", 75 | "skipIfRanBefore": "false", 76 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/OneForAll/Script", 77 | "repository": "https://github.com/shmilylty/OneForAll" 78 | }, 79 | { 80 | "name": "Knockpy", 81 | "category": "Agents Subdomain Enum", 82 | "command": "python /app/knock/knockpy/knockpy.py {{rootDomain}}", 83 | "isBySubdomain": "false", 84 | "onlyIfIsAlive": "false", 85 | "onlyIfHasHttpOpen": "false", 86 | "skipIfRanBefore": "false", 87 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Knockpy/Script", 88 | "repository": "https://github.com/guelfoweb/knock" 89 | }, 90 | { 91 | "name": "Shuffledns", 92 | "category": "Agents Subdomain Enum", 93 | "command": "/root/go/bin/shuffledns -d {{rootDomain}} -r /app/resolvers.txt -w /app/all.txt -massdns /app/massdns/bin/massdns -silent", 94 | "isBySubdomain": "false", 95 | "onlyIfIsAlive": "false", 96 | "onlyIfHasHttpOpen": "false", 97 | "skipIfRanBefore": "false", 98 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Shuffledns/Script", 99 | "repository": "https://github.com/projectdiscovery/shuffledns" 100 | }, 101 | { 102 | "name": "Ffuf", 103 | "category": "Agents Dir Discovery", 104 | "command": "/root/go/bin/ffuf -w /app/content_discovery_all.txt -u https://{{domain}}/FUZZ", 105 | "isBySubdomain": "true", 106 | "onlyIfIsAlive": "true", 107 | "onlyIfHasHttpOpen": "true", 108 | "skipIfRanBefore": "true", 109 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Ffuf/Script", 110 | "repository": "https://github.com/ffuf/ffuf" 111 | }, 112 | { 113 | "name": "GoBusterDir", 114 | "category": "Agents Dir Discovery", 115 | "command": "/root/go/bin/gobuster dir -u https://{{domain}} -w /app/content_discovery_all.txt -z -k -l -r --wildcard", 116 | "isBySubdomain": "true", 117 | "onlyIfIsAlive": "true", 118 | "onlyIfHasHttpOpen": "true", 119 | "skipIfRanBefore": "true", 120 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/GoBusterDir/Script", 121 | "repository": "https://github.com/OJ/gobuster#dir-mode-options" 122 | }, 123 | { 124 | "name": "Dirsearch", 125 | "category": "Agents Dir Discovery", 126 | "command": "/app/dirsearch/dirsearch.py -u {{domain}} -e php -r", 127 | "isBySubdomain": "true", 128 | "onlyIfIsAlive": "true", 129 | "onlyIfHasHttpOpen": "true", 130 | "skipIfRanBefore": "true", 131 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Dirsearch/Script", 132 | "repository": "https://github.com/maurosoria/dirsearch" 133 | }, 134 | { 135 | "name": "Waybackurls", 136 | "category": "Agents Dir Discovery", 137 | "command": "echo '{{domain}}' | /root/go/bin/waybackurls | grep '^https://{{domain}}'", 138 | "isBySubdomain": "true", 139 | "onlyIfIsAlive": "true", 140 | "onlyIfHasHttpOpen": "true", 141 | "skipIfRanBefore": "true", 142 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Waybackurls/Script", 143 | "repository": "https://github.com/tomnomnom/waybackurls" 144 | }, 145 | { 146 | "name": "Gau", 147 | "category": "Agents Dir Discovery", 148 | "command": "echo '{{domain}}' | /root/go/bin/gau | grep '^https://{{domain}}'", 149 | "isBySubdomain": "true", 150 | "onlyIfIsAlive": "true", 151 | "onlyIfHasHttpOpen": "true", 152 | "skipIfRanBefore": "true", 153 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Gau/Script", 154 | "repository": "https://github.com/lc/gau" 155 | }, 156 | { 157 | "name": "Httprobe", 158 | "category": "Agents Scan", 159 | "command": "echo '{{domain}}' | /root/go/bin/httprobe", 160 | "isBySubdomain": "true", 161 | "onlyIfIsAlive": "false", 162 | "onlyIfHasHttpOpen": "false", 163 | "skipIfRanBefore": "true", 164 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Httprobe/Script", 165 | "repository": "https://github.com/tomnomnom/httprobe" 166 | }, 167 | { 168 | "name": "Ping", 169 | "category": "Agents Scan", 170 | "command": "ping {{domain}} -c 1", 171 | "isBySubdomain": "true", 172 | "onlyIfIsAlive": "false", 173 | "onlyIfHasHttpOpen": "false", 174 | "skipIfRanBefore": "true", 175 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Ping/Script" 176 | }, 177 | { 178 | "name": "Nmap", 179 | "category": "Agents Scan", 180 | "command": "nmap -T4 {{domain}}", 181 | "isBySubdomain": "true", 182 | "onlyIfIsAlive": "true", 183 | "onlyIfHasHttpOpen": "false", 184 | "skipIfRanBefore": "true", 185 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Nmap/Script", 186 | "repository": "https://github.com/nmap/nmap" 187 | }, 188 | { 189 | "name": "Takeover", 190 | "category": "Agents Scan", 191 | "command": "python3 /app/takeover/takeover.py -d {{domain}} -v", 192 | "isBySubdomain": "true", 193 | "onlyIfIsAlive": "true", 194 | "onlyIfHasHttpOpen": "true", 195 | "skipIfRanBefore": "true", 196 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Takeover/Script", 197 | "repository": "https://github.com/m4ll0k/takeover" 198 | }, 199 | { 200 | "name": "Zdns", 201 | "category": "Agents Scan", 202 | "command": "cd /app/zdns/zdns && echo '{{domain}},8.8.8.8' | /usr/local/go/bin/go run main.go A", 203 | "isBySubdomain": "true", 204 | "onlyIfIsAlive": "false", 205 | "onlyIfHasHttpOpen": "false", 206 | "skipIfRanBefore": "true", 207 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Zdns/Script", 208 | "repository": "https://github.com/zmap/zdns" 209 | }, 210 | { 211 | "name": "Dnsprobe", 212 | "category": "Agents Scan", 213 | "command": "echo '{{domain}}' | /root/go/bin/dnsprobe -r A", 214 | "isBySubdomain": "true", 215 | "onlyIfIsAlive": "false", 216 | "onlyIfHasHttpOpen": "false", 217 | "skipIfRanBefore": "true", 218 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Dnsprobe/Script", 219 | "repository": "https://github.com/projectdiscovery/dnsprobe" 220 | }, 221 | { 222 | "name": "Naabu", 223 | "category": "Agents Scan", 224 | "command": "/root/go/bin/naabu -host {{domain}} -silent", 225 | "isBySubdomain": "true", 226 | "onlyIfIsAlive": "false", 227 | "onlyIfHasHttpOpen": "false", 228 | "skipIfRanBefore": "true", 229 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Naabu/Script", 230 | "repository": "https://github.com/projectdiscovery/naabu" 231 | }, 232 | { 233 | "name": "Corsy", 234 | "category": "Agents Scan", 235 | "command": "python3 /app/Corsy/corsy.py -u https://{{domain}}", 236 | "isBySubdomain": "true", 237 | "onlyIfIsAlive": "true", 238 | "onlyIfHasHttpOpen": "true", 239 | "skipIfRanBefore": "true", 240 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Corsy/Script", 241 | "repository": "https://github.com/s0md3v/Corsy" 242 | } 243 | ] 244 | } 245 | -------------------------------------------------------------------------------- /default-agents2.json: -------------------------------------------------------------------------------- 1 | { 2 | "agents": [{ 3 | "id": "f63b2fc9-4d2e-40a0-a161-ef9f05fb96a7", 4 | "name": "Subfinder", 5 | "category": "Agents Subdomain Enum", 6 | "command": "/root/go/bin/subfinder -d {{rootDomain}} -silent", 7 | "isByRootDomain": "true", 8 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Subfinder/Script", 9 | "repository": "https://github.com/projectdiscovery/subfinder" 10 | }, 11 | { 12 | "id": "e36ae031-926d-4522-b36e-f4a115c0d838", 13 | "name": "Amass", 14 | "category": "Agents Subdomain Enum", 15 | "command": "/bin/amass enum -d {{rootDomain}}", 16 | "isByTarget": "false", 17 | "isByRootDomain": "true", 18 | "isBySubdomain": "false", 19 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Amass/Script", 20 | "repository": "https://github.com/OWASP/Amass" 21 | }, 22 | { 23 | "id": "949b0548-3ee3-4ad2-9242-5081e7420409", 24 | "name": "GoBusterDns", 25 | "category": "Agents Subdomain Enum", 26 | "command": "/root/go/bin/gobuster dns -d {{domain}} -w /app/Content/wordlists/subdomain_enum/default.txt --wildcard -z", 27 | "isByRootDomain": "true", 28 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/GoBusterDns/Script", 29 | "repository": "https://github.com/OJ/gobuster#dns-mode-help" 30 | }, 31 | { 32 | "id": "6caa9468-0ba3-462c-8b8f-67c849bd50ee", 33 | "name": "Sublist3r", 34 | "category": "Agents Subdomain Enum", 35 | "command": "python /app/Sublist3r/sublist3r.py -d {{rootDomain}}", 36 | "isByRootDomain": "true", 37 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Sublist3r/Script", 38 | "repository": "https://github.com/aboul3la/Sublist3r" 39 | }, 40 | { 41 | "id": "8c854ea6-73d2-4cc6-98dd-beb375da6ba9", 42 | "name": "Findomain", 43 | "category": "Agents Subdomain Enum", 44 | "command": "./findomain-linux -t {{rootDomain}} -r", 45 | "isByRootDomain": "true", 46 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Findomain/Script", 47 | "repository": "https://github.com/Edu4rdSHL/findomain" 48 | }, 49 | { 50 | "id": "1a7cb055-b6bd-475b-9a4a-04d3289b639e", 51 | "name": "Massdns", 52 | "category": "Agents Subdomain Enum", 53 | "command": "/root/go/bin/reconness-universal-wrapper exec \"/app/massdns/bin/massdns -r /app/massdns/lists/resolvers.txt *subdomains -w *outputFile -o S\" -a api/targets/exportSubdomains/{{target}}/{{rootDomain}} --silent", 54 | "isByRootDomain": "true", 55 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Massdns/Script", 56 | "repository": "https://github.com/blechschmidt/massdns" 57 | }, 58 | { 59 | "id": "3c9e6508-1ae3-4b7e-bf41-686a9cb3d69e", 60 | "name": "OneForAll", 61 | "category": "Agents Subdomain Enum", 62 | "command": "/root/go/bin/reconness-universal-wrapper exec \"python3 /app/OneForAll/oneforall.py --target {{rootDomain}} -path *outputDir/*.txt run\" --silent", 63 | "isByRootDomain": "true", 64 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/OneForAll/Script", 65 | "repository": "https://github.com/shmilylty/OneForAll" 66 | }, 67 | { 68 | "id": "442f1d2b-3607-4d69-8add-389187e4a5e4", 69 | "name": "Knockpy", 70 | "category": "Agents Subdomain Enum", 71 | "command": "python /app/knock/knockpy/knockpy.py {{rootDomain}}", 72 | "isByRootDomain": "true", 73 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Knockpy/Script", 74 | "repository": "https://github.com/guelfoweb/knock" 75 | }, 76 | { 77 | "id": "7e4060ba-61ab-4606-b0dd-76f7e12f3040", 78 | "name": "Shuffledns", 79 | "category": "Agents Subdomain Enum", 80 | "command": "/root/go/bin/shuffledns -d {{rootDomain}} -r /app/Content/wordlists/dns_resolver_enum/default.txt -w /app/Content/wordlists/subdomain_enum/default.txt -massdns /app/massdns/bin/massdns -silent", 81 | "isByRootDomain": "true", 82 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Shuffledns/Script", 83 | "repository": "https://github.com/projectdiscovery/shuffledns" 84 | }, 85 | { 86 | "id": "1294172b-dfc1-4d81-af0e-4068e7aca63c", 87 | "name": "Ffuf", 88 | "category": "Agents Dir Discovery", 89 | "command": "/root/go/bin/ffuf -w /app/Content/wordlists/dir_enum/default.txt -u https://{{domain}}/FUZZ -mc 200,204", 90 | "isBySubdomain": "true", 91 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Ffuf/Script", 92 | "repository": "https://github.com/ffuf/ffuf" 93 | }, 94 | { 95 | "id": "ae613f77-2c02-410b-a680-d49f49de8e3d", 96 | "name": "GoBusterDir", 97 | "category": "Agents Dir Discovery", 98 | "command": "/root/go/bin/gobuster dir -u https://{{domain}} -w /app/Content/wordlists/dir_enum/default.txt -s 200,204 -z -k -r --wildcard", 99 | "isBySubdomain": "true", 100 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/GoBusterDir/Script", 101 | "repository": "https://github.com/OJ/gobuster#dir-mode-options" 102 | }, 103 | { 104 | "id": "c501be1c-1869-45a4-adf6-4ad17c31ae32", 105 | "name": "Dirsearch", 106 | "category": "Agents Dir Discovery", 107 | "command": "/app/dirsearch/dirsearch.py -u {{domain}} -e php -r", 108 | "isBySubdomain": "true", 109 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Dirsearch/Script", 110 | "repository": "https://github.com/maurosoria/dirsearch" 111 | }, 112 | { 113 | "id": "67235bbd-7300-4363-a58e-4f9bf9e88aee", 114 | "name": "Waybackurls", 115 | "category": "Agents Dir Discovery", 116 | "command": "echo '{{domain}}' | /root/go/bin/waybackurls | grep '^https://{{domain}}'", 117 | "isBySubdomain": "true", 118 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Waybackurls/Script", 119 | "repository": "https://github.com/tomnomnom/waybackurls" 120 | }, 121 | { 122 | "id": "a3c6b596-4e6e-4561-b7cc-706b1e38a75f", 123 | "name": "Gau", 124 | "category": "Agents Dir Discovery", 125 | "command": "echo '{{domain}}' | /root/go/bin/gau | grep '^https://{{domain}}'", 126 | "isBySubdomain": "true", 127 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Gau/Script", 128 | "repository": "https://github.com/lc/gau" 129 | }, 130 | { 131 | "id": "b8148ffd-8a42-47c5-af43-a7070f3c897d", 132 | "name": "Httprobe", 133 | "category": "Agents Scan", 134 | "command": "echo '{{domain}}' | /root/go/bin/httprobe", 135 | "isBySubdomain": "true", 136 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Httprobe/Script", 137 | "repository": "https://github.com/tomnomnom/httprobe" 138 | }, 139 | { 140 | "id": "b3619edf-3b72-4f4e-b502-5e69cd550202", 141 | "name": "Ping", 142 | "category": "Agents Scan", 143 | "command": "ping {{domain}} -c 1", 144 | "isBySubdomain": "true", 145 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Ping/Script" 146 | }, 147 | { 148 | "id": "a547f6f4-4483-4416-854c-350d142d5cb9", 149 | "name": "Nmap", 150 | "category": "Agents Scan", 151 | "command": "nmap -T4 {{domain}}", 152 | "isBySubdomain": "true", 153 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Nmap/Script", 154 | "repository": "https://github.com/nmap/nmap" 155 | }, 156 | { 157 | "id": "5aa3e269-bd4c-49cd-9dff-09ed92031a85", 158 | "name": "Takeover", 159 | "category": "Agents Scan", 160 | "command": "python3 /app/takeover/takeover.py -d {{domain}} -v", 161 | "isBySubdomain": "true", 162 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Takeover/Script", 163 | "repository": "https://github.com/m4ll0k/takeover" 164 | }, 165 | { 166 | "id": "cbef6d66-5a76-4a17-9993-e6cc5fbeab60", 167 | "name": "Zdns", 168 | "category": "Agents Scan", 169 | "command": "cd /app/zdns/zdns && echo '{{domain}},8.8.8.8' | /usr/local/go/bin/go run main.go A", 170 | "isBySubdomain": "true", 171 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Zdns/Script", 172 | "repository": "https://github.com/zmap/zdns" 173 | }, 174 | { 175 | "id": "823d30d0-a4d6-4e84-b524-381de9fd64a7", 176 | "name": "Dnsx", 177 | "category": "Agents Scan", 178 | "command": "echo '{{domain}}' | /root/go/bin/dnsx -silent -a -resp", 179 | "isBySubdomain": "true", 180 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Dnsx/Script", 181 | "repository": "https://github.com/projectdiscovery/dnsx" 182 | }, 183 | { 184 | "id": "be8670fa-a64e-403f-8757-198de793f94f", 185 | "name": "Naabu", 186 | "category": "Agents Scan", 187 | "command": "naabu -host {{domain}} -silent", 188 | "isBySubdomain": "true", 189 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Naabu/Script", 190 | "repository": "https://github.com/projectdiscovery/naabu" 191 | }, 192 | { 193 | "id": "7311854c-fa8c-4094-a480-3d8eca3dea70", 194 | "name": "Corsy", 195 | "category": "Agents Scan", 196 | "command": "python3 /app/Corsy/corsy.py -u https://{{domain}}", 197 | "isBySubdomain": "true", 198 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Corsy/Script", 199 | "repository": "https://github.com/s0md3v/Corsy" 200 | }, 201 | { 202 | "id": "967bef60-f2b5-4f3c-a51f-6af1fc2078f1", 203 | "name": "Nuclei", 204 | "category": "Agents Scan", 205 | "command": "/root/go/bin/nuclei -u {{domain}} -t /root/nuclei-templates -silent", 206 | "isBySubdomain": "true", 207 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Nuclei/Script", 208 | "repository": "https://github.com/zmap/zdns" 209 | }, 210 | { 211 | "id": "da6dab5c-48e5-4a4b-b176-f77da5e4f6bc", 212 | "name": "CRLFuzz", 213 | "category": "Agents Scan", 214 | "command": "/root/go/bin/crlfuzz -u https://{{domain}} -s", 215 | "isBySubdomain": "true", 216 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/CRLFuzz/Script", 217 | "repository": "https://github.com/dwisiswant0/crlfuzz" 218 | }, 219 | { 220 | "id": "4fa692ac-ec48-4fcb-9c71-c48576c86ee6", 221 | "name": "Puredns", 222 | "category": "Agents Subdomain Enum", 223 | "command": "/root/go/bin/puredns bruteforce /app/Content/wordlists/subdomain_enum/default.txt {{rootDomain}} --resolvers /app/Content/wordlists/dns_resolver_enum/default.txt --bin /app/massdns/bin/massdns -q", 224 | "isByRootDomain": "true", 225 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Puredns/Script", 226 | "repository": "https://github.com/d3mondev/puredns" 227 | }, 228 | { 229 | "id": "ac33cc0f-1ff7-48ed-b30b-85df93ecb923", 230 | "name": "Gowitness", 231 | "category": "Agents Screenshot", 232 | "command": "mkdir -p /app/Content/screenshots/{{target}}/{{rootDomain}}/ && /root/go/bin/gowitness single -o /app/Content/screenshots/{{target}}/{{rootDomain}}/{{domain}}.png https://{{domain}}", 233 | "isBySubdomain": "true", 234 | "scriptUrl": "https://raw.githubusercontent.com/reconness/reconness-agents/master/Gowitness/Script", 235 | "repository": "https://github.com/sensepost/gowitness" 236 | } 237 | ] 238 | } 239 | --------------------------------------------------------------------------------