April 6, 2020
  • 5:30 pm Kaboom – Automatic Pentest Bash Script
  • 8:26 pm Archery – A Security Tool
  • 2:51 pm Commix – Automated All-in-One OS command injection and exploitation tool
  • 12:28 pm RouterSploit – Exploitation Framework for Embedded Devices
  • 12:23 pm Dunkin Donuts Hacked & User Information Stolen

This script is intended to automate your reconnaissance process in an organized fashion by performing the following:
[*]Create a dated folder with recon notes
[*]Grab subdomains using Sublist3r and certspotter
[*]Grab a screenshot of responsive hosts
[*]Grab the response header
[*]Perform nmap
[*]Perform dirsearch
[*]Generate a HTML report with output from the tools above
[*]Color coding in report.html for easier reading
[*]Massdns subdomain discovery
[*]Massdns crt.sh subdomain discovery
[*]Find dead dns records
[*]Notify for possible NS Subdomain takeover
[*]Improved reporting and less output while doing the work
[*]Find ip address space of target company

This requires Bug Bounty Hunting Tools in order for the tools to work.
This requires Massdns installed in the root directory https://github.com/blechschmidt/massdns
Get Asnlookup tool from https://github.com/yassineaboukir/asnlookup and install it into ~/tools/
Make sure you download all.zip and unzip it before using the script the file all.txt is a huge wordlist used by massdns.


./lazyrecon.sh -d target.com

DOWNLOAD: https://github.com/plenumlab/lazyrecon