Skip to content

My subdomain enumeration script. It's unique in the way it is built upon.

Notifications You must be signed in to change notification settings

Fawadkhanfk/frogy

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

frogy

Made with ❤️ ❤️ ❤️ from frogy

Using the combination of different subdomain enumeration tools and logic this script tries to identify more subdomains and root domains in recon.

Logic
Frogy

  • Requirements: Go Language, Python 3.+, jq

  • Tools used in this script - Below tools are covered in the installation process already.

  • Installation

    chmod +x install.sh
    ./install.sh
  • Usage

    ./frogy.sh
  • Demo

    demo

  • Output

    Output will be saved within output/ORG/ORG.master file. 
    If you give 'chintan frogy' as your organization input, then the script will automatically create the 'chintan_frogy' folder inside the 'output' directory.
    

Frogy

TODO

  • ✅ Efficient folder structure management
  • Resolving subdomains using Massdns
  • ✅ Add dnscan for extened subdomain enum scope
  • ✅ Eliminate false positives. Currently around 2% to 4% false positives are there.
  • ✅ Bug Fixed, for false positive reporting of domains and subdomains.
  • ✅ Searching domains through crt.sh via registered organization name from WHOIS instead of domain name created some garbage data. Filtered result to only grab domains and nothing else.
  • ✅ Now finds live websites on all standard/non-standard ports.
  • ✅ Now finds all websites with login portals. It also checks websites home page that redirects to login page automatically upon opening.
  • ✅ Now finds live web application based on top 1000 shodan http/https ports through facet analysis. Uses Naabu for fast port scan followed by httpx. (Credit: @nbk_2000)
  • ✅ Generate CSV (Root domains, Subdomains, Live sites, Login Portals)
  • ✅ Now provides output for resolved subdomains
  • ✅ Added WayBackEngine support from another project
  • ✅ Added BufferOver support from another project.
  • ✅ Added Amass coverage.

Thanks to the authors of the tools used in this script.

Initial repo created - A few weeks back below date.
Date - 4 March 2019, Open-sourced
Date - 19 March 2021, Major changes

Warning/Disclaimer: Read the detailed disclaimer at my blog - https://github.com/iamthefrogy/Disclaimer-Warning/blob/main/README.md
Logo credit - www.designevo.com

About

My subdomain enumeration script. It's unique in the way it is built upon.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Shell 93.2%
  • Python 6.8%