Created By : EN-NIARI AMR
Framed By : EL Mostapha chakir
Inspired By : ReconFTW & Black-Dragon & SN1PER
NIRO automates the entire process of reconnaisance for you.
it is used in the phase of Footprinting & reconnaissance.
-
NIRO uses lot of tactiques for reconnaissance for example : subdomain enumeration and search directory and ports scanning which helps you getting the maximum and the most interesting subdomains and directory so that you be ahead of the competition.
-
NIRO also use NMAP, WHOIS, Enum4linux, Dmitry, Nikto, WafW00f and TheHarvester tools of linux in order to properly collect information.
-
NIRO is intended to be a speedy, massively parallel, modular, login brute-forcer.The goal is to support two services that allow remote authentication as possible :
- NIRO performs SSH brute force, because it is one of the most reliable ways to gain SSH access to servers is by brute-forcing credentials. that will ultimately lead to the discovery of valid login credentials.
- NIRO performs FTP brute force, because FTP (File Transfer Protocol ) is a network protocol used to transfer files, it is also the most way to gain access to FTP server for collectiong more informations.
So, what are you waiting for Go Go Go! 💥
Niro is a script of python3, so first of all you have to download python version > 3 :
sudo apt-get update
sudo apt-get install python3.6or
sudo apt-get install software-properties-common
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt-get update
sudo apt-get install python3.8depending on the version of the machine used
and then download the script with the command line linux :
Note: To use tools of niro you should to download them by requirement.py: python3 requirement.py
All in one:
git clone https://github.com/amr-en-niari/AutomatedScriptNIRO-.git
cd AutomatedScriptNIRO-/
python3 requirement.py
python3 niro.py <Target IP>and you can download also the wordlist of subdomains and directory by the command line linux for using them in the script or use another wordlist :
wget https://raw.githubusercontent.com/amr-en-niari/AutomatedScriptNIRO-/main/the%20Wordlists/Subdomain.txt
wget https://raw.githubusercontent.com/amr-en-niari/AutomatedScriptNIRO-/main/the%20Wordlists/directory-list-2.3-medium.txt
wget https://raw.githubusercontent.com/amr-en-niari/AutomatedScriptNIRO-/main/the%20Wordlists/ftp_wordlist.txt
wget https://raw.githubusercontent.com/amr-en-niari/AutomatedScriptNIRO-/main/the%20Wordlists/ssh_wordlist.txtand at the end to run the script you have to write the command line :
python3 niro.py <IP Target>- WHOIS
- NMAP for vulnerabilities scanning
- enum4linux
- Nikto
- Dmitry
- WafW00f detection
- The Harvester tool
- SUBDOMAINS
- SEARCH DIRECTORY ONLINE OF WEB
- PORT SCANNING
- PASSWORD SPRYING :
[+] SSH Brute Force.
[+] FTP Brute Force.
there's some pictures of NIRO :
- NMAP :
- NIKTO :
- Whois :
- WaW00f :
- enum4linux :
- Sub domain :
- Search Directory :
- Port Scanning :
- SSH Brute Force :
- FTP Brute Force :
