Suite of tools to automate the boring parts of pentesting. Leverages CLI tools from many other creators.
Automatically scans endpoints, parses results and runs basic cli tools against applicable hosts
Needs:
- scope - a txt file of each IP/domain in the scope of your engagement. nmap -iL format
- Dehashed User::API - Your Dehashed Username and API token
Takes sslscan output and parses it into a CSV that I can copy/paste into my writeups.
Needs:
- ssl.xml - the xml output of sslscan. This is automatically generated by recon.sh
- Complete Vulns for SSLXML parsing (currently only common ones)
- OSINT/Scraping for emails (CrossLinked etc.)