
WAES: A Fast Website Enumeration And Scanning Tool For Hackers

About WAES: CPH:SEC WAES at a Glance
   Doing HTB or other CTF enumeration against targets with HTTP(S) can become trivial. It can get tedious to always run the same scripts/tests on every box, e.g. Nmap, Nikto, Dirb and so on. A one-click run against a target with automatic reports solves the issue. Furthermore, with a script the enumeration process can be optimized while saving time for the hacker. This is what CPH:SEC WAES, or Website Auto Enumeration And Scanning, is created for. WAES runs 4 steps of scanning against the target (see more below) to optimize the time spent scanning. While multi-core or multi-threaded scanning could be implemented, it will almost certainly cause boxes to hang and so is undesirable.
  • From the current version onward WAES will include an install script (see below) as the project moves from alpha to beta phase.
  • WAES could have been developed in Python, but good Bash projects are needed to learn Bash.
  • WAES is currently made for CTF boxes but is moving towards online uses (see to-do section)
WAES Installation and Running
   Make sure directories are set up correctly in supergobuster.sh. This should be automatic with Kali Linux and Parrot Security OS.
  • Standard directories for lists: SecLists/Discovery/Web-Content together with SecLists/Discovery/Web-Content/CMS 
  • Kali Linux and Parrot Security OS wordlists directory list:
    /usr/share/wordlists/dirbuster/
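
A preflight check for the directory setup described above, as an added example that is not part of WAES: it confirms that the tools named in steps 1 to 3 of the step list are on PATH and that each wordlist directory exists and holds at least one readable file. The function names and the SECLISTS_ROOT variable are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: preflight check before a WAES run (not part of WAES itself).
# Tool names are taken from steps 1 to 3 of the step list on this page.
WAES_TOOLS="wafw00f nmap nikto uniscan gobuster dirb"

# missing_tools TOOL...: print every named tool that is not on PATH.
missing_tools() {
    local t
    for t in "$@"; do
        command -v "$t" >/dev/null 2>&1 || printf '%s\n' "$t"
    done
}

# wordlist_dir_status DIR: print "ok" when DIR holds at least one readable
# regular file, "empty" when it holds none, "missing" when it does not exist.
wordlist_dir_status() {
    local dir f
    dir=$1
    [ -d "$dir" ] || { echo missing; return 1; }
    for f in "$dir"/*; do
        if [ -f "$f" ] && [ -r "$f" ]; then echo ok; return 0; fi
    done
    echo empty
    return 1
}

# preflight SECLISTS_ROOT: report each problem, return 0 only if none found.
# SECLISTS_ROOT (where SecLists is checked out) is an assumed parameter.
preflight() {
    local root rc d s t
    root=$1
    rc=0
    for t in $(missing_tools $WAES_TOOLS); do
        echo "tool not found: $t"
        rc=1
    done
    for d in "$root/Discovery/Web-Content" \
             "$root/Discovery/Web-Content/CMS" \
             /usr/share/wordlists/dirbuster; do
        s=$(wordlist_dir_status "$d") || rc=1
        echo "$s: $d"
    done
    return "$rc"
}

# Runs only when SECLISTS_ROOT is set, e.g. SECLISTS_ROOT=~/SecLists ./preflight.sh
if [ -n "${SECLISTS_ROOT:-}" ]; then preflight "$SECLISTS_ROOT"; fi
```
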
WAES Enumeration Process and Method:
   The scanning and enumeration process includes four steps
  • Step 0 - Passive scan - (disabled in the current version):
       whatweb - aggressive mode

       OSIRA (same author) - looks for subdomains
     
  • Step 1 - Fast scan
       wafw00f - firewall detection

       nmap with http-enum
  • Step 2 - Scan - in-depth
       nmap - with NSE scripts: http-date,http-title,http-server-header,http-headers,http-enum,http-devframework,http-dombased-xss,http-stored-xss,http-xssed,http-cookie-flags,http-errors,http-grep,http-traceroute

       nmap with vulscan (CVSS 5.0+)

       nikto - with evasion A and all CGI dirs

       uniscan - all tests except stress test (qweds)
     
  • Step 3 - Fuzzing
    • supergobuster
      gobuster with multiple lists

      dirb with multiple lists
       
    • xss scan (to come)
.. against target while dumping results files in report folder.

To-do list:
  • Implement domain as input
  • Add XSS scan 
  • Add SSL/TLS scanning 
  • Add domain scans 
  • Add golismero 
  • Add dirble 
  • Add progressbar 
  • Add CMS detection 
  • Add CMS specific scans
