GithubHelp home page GithubHelp logo

kidz0702 / frogy Goto Github PK

View Code? Open in Web Editor NEW

This project forked from iamthefrogy/frogy

0.0 1.0 0.0 1.1 MB

My subdomain enumeration script. It's unique in the way it is built upon.

Python 8.93% Shell 91.07%

frogy's Introduction

frogy

Using the combination of different subdomain enumeration tools and logic this script tries to identify more subdomains and root domains in recon.

Logic
Frogy

  • Requirements: Go Language, Python 3.+, jq

  • Tools used - You must need to install these tools and place them into /usr/bin folder to use this script

    You might require to install WHOIS and JQ depending upon your enviroment. You can install them using the following commands:

     apt install jq
 apt install whois

  • Installation

    git clone https://github.com/iamthefrogy/frogy.git
cd frogy
chmod +x frogy.sh
git clone https://github.com/aboul3la/Sublist3r.git
git clone https://github.com/rbsec/dnscan.git

  • Usage

    ./frogy.sh

  • Output

    Output will be saved within output/ORG/ORG.master file. 
If you give 'chintan frogy' as your organization input, then the script will automatically create the 'chintan_frogy' folder inside the 'output' directory.

Frogy

Frogy

TODO

  • ✅ Efficient folder structure management
  • Resolving subdomains using Massdns
  • ✅ Add dnscan for extened subdomain enum scope
  • ✅ Eliminate false positives. Currently around 2% to 4% false positives are there.
  • ✅ Bug Fixed, for false positive reporting of domains and subdomains.
  • ✅ Searching domains through crt.sh via registered organization name from WHOIS instead of domain name created some garbage data. Filtered result to only grab domains and nothing else.
  • ✅ Now finds live websites on all standard/non-standard ports.
  • ✅ Now finds all websites with login portals. It also checks websites home page that redirects to login page automatically upon opening.
  • ✅ Now finds live web application based on top 1000 shodan http/https ports through facet analysis. Uses Naabu for fast port scan followed by httpx. (Credit: @nbk_2000)
  • Generate CSV (Root domains, Subdomains, Live sites, Login Portals, Technologies used, etc.)

Thanks to the authors of the tools used in this script.

Initial repo created - A few weeks back below date.
Date - 4 March 2019, Open-sourced
Date - 19 March 2021, Major changes

Warning/Disclaimer: Read the detailed disclaimer at my blog - https://github.com/iamthefrogy/Disclaimer-Warning/blob/main/README.md
Logo credit - www.designevo.com

frogy's People

Contributors

iamthefrogy avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.