164 lines
5.5 KiB
Python
164 lines
5.5 KiB
Python
#!/usr/bin/python3
|
|
import requests,subprocess,os,threading,argparse,time
|
|
from rich.console import Console
|
|
from rich.panel import Panel
|
|
from rich.align import Align
|
|
from rich.text import Text
|
|
|
|
|
|
#set up arguments
|
|
parser = argparse.ArgumentParser(description="StrikeTeam Recon")
|
|
parser.add_argument("--domain", help="Target Domain")
|
|
parser.add_argument("--br", action="store_true",help="Run Basic Recon Function")
|
|
parser.add_argument("--monitor", action="store_true",help="Monitor Subdomains")
|
|
parser.add_argument("--dedup", action="store_true", help="Deduplicate Subdomains")
|
|
args = parser.parse_args()
|
|
#Variables as Needed
|
|
domain = args.domain
|
|
|
|
### colors
|
|
RED = "\033[31m"
|
|
GREEN = "\033[32m"
|
|
BLUE = "\033[34m"
|
|
PURPLE = "\033[35m"
|
|
RESET = "\033[0m"
|
|
|
|
def basic_recon():
|
|
#subfinder
|
|
# check if subfinder is installed
|
|
if os.path.exists("/usr/bin/subfinder") or os.path.exists("/bin/subfinder"):
|
|
#write subfinder output to .subdomain.md
|
|
with open(".subdomains.md", "w") as subdomain_file:
|
|
subprocess.run(["subfinder", "-d" , domain, " &"], stdout=subdomain_file, check=True)
|
|
else:
|
|
#if subfinder isn't installed, move on
|
|
print(f"{RED}Subfinder is not installed, please install it...\n{RESET}")
|
|
pass
|
|
|
|
|
|
#httpx
|
|
# check if httpx is installed
|
|
if os.path.exists("/usr/bin/httpx") or os.path.exists("/bin/httpx") or os.path.exists("/snap/bin/httpx"):
|
|
command = "cat .subdomains.md | httpx > .urls.md"
|
|
try:
|
|
subprocess.run(command, shell=True, check=True)
|
|
except subprocess.CalledProcessError as e:
|
|
print(f"{RED}Command failed with exit code {e.returncode}{RESET}")
|
|
|
|
else:
|
|
#if httpx isn't installed, move on
|
|
print(f"{RED}httpx is not installed, please install it...\n{RESET}")
|
|
pass
|
|
#wafw00f
|
|
#check if wafw00f is installed
|
|
if os.path.exists("/usr/bin/wafw00f") or os.path.exists("/bin/wafw00f"):
|
|
#write nuclei output to .nuclei.md
|
|
wafw00f_command = "wafw00f -i .urls.md -o .waf-check.md &"
|
|
subprocess.run(wafw00f_command, shell=True, check=True)
|
|
else:
|
|
#if nuclei isn't installed, move on
|
|
print(f"{RED}wafw00f is not installed, please install it...\n{RESET}")
|
|
pass
|
|
|
|
|
|
|
|
#nuclei
|
|
# check if nuclei is installed
|
|
if os.path.exists("/usr/bin/nuclei") or os.path.exists("/bin/nuclei"):
|
|
#write nuclei output to .nuclei.md
|
|
nuclei_command = "nuclei -l .urls.md -s critical,high,medium,low -o .nuclei.md &"
|
|
subprocess.run(nuclei_command, shell=True, check=True)
|
|
else:
|
|
#if nuclei isn't installed, move on
|
|
print(f"{RED}Nuclei is not installed, please install it...\n{RESET}")
|
|
pass
|
|
#subzy
|
|
# check if subzy is installed
|
|
|
|
if os.path.exists("/usr/bin/subzy") or os.path.exists("/bin/subzy"):
|
|
#write nuclei output to .nuclei.md
|
|
subzy_command = "subzy run --targets .sd.md > .sd_takeover.md &"
|
|
subprocess.run(subzy_command, shell=True, check=True)
|
|
else:
|
|
#if subzy isn't installed, move on
|
|
print(f"{RED}Subzy is not installed, please install it...\n{RESET}")
|
|
pass
|
|
|
|
|
|
|
|
|
|
|
|
def dedup(output_file=".new_subdomains.md"):
|
|
# deduplicate subdomain files
|
|
try:
|
|
# Read lines from both files into a set to automatically remove duplicates
|
|
file1 = input("File 1: ")
|
|
file2 = input("File 2: ")
|
|
with open(file1, 'r') as f1, open(file2, 'r') as f2:
|
|
unique_subdomains = set(line.strip() for line in f1 if line.strip())
|
|
unique_subdomains.update(line.strip() for line in f2 if line.strip())
|
|
|
|
# Write the unique subdomains to the output file
|
|
with open(output_file, 'w') as f_out:
|
|
for subdomain in sorted(unique_subdomains):
|
|
f_out.write(subdomain + '\n')
|
|
|
|
print(f"Successfully created {output_file} with {len(unique_subdomains)} unique subdomains.")
|
|
|
|
except FileNotFoundError as e:
|
|
print(f"Error: {e}")
|
|
|
|
|
|
|
|
def monitor_subdomains():
|
|
console = Console()
|
|
panel = Panel("MONITORING SUBDOMAINS", title="Monitor Mode", border_style="white")
|
|
console.print(panel)
|
|
|
|
|
|
while True:
|
|
# 1. Run subfinder to get current subdomains
|
|
# -silent removes banners, -d specifies domain
|
|
print(f"{BLUE}[*] Scanning...{RESET}")
|
|
result = subprocess.run(
|
|
["subfinder", "-d", domain, "-silent"],
|
|
capture_output=True,
|
|
text=True
|
|
)
|
|
current_subs = set(result.stdout.splitlines())
|
|
|
|
# 2. Load existing subdomains from file
|
|
if not os.path.exists(".subdomains.md"):
|
|
open(".subdomains.md", 'a').close() # Create file if it doesn't exist
|
|
|
|
with open(".subdomains.md", "r") as f:
|
|
existing_subs = set(line.strip() for line in f)
|
|
|
|
|
|
# 3. Compare and find NEW subdomains
|
|
new_subs = current_subs - existing_subs
|
|
|
|
# 4. If new ones found, append to file and print
|
|
if new_subs:
|
|
with open(".subdomain.md", "a") as f:
|
|
for sub in new_subs:
|
|
print(f"{RED}New Subdomain Found: {sub}{RESET}")
|
|
f.write(sub + "\n")
|
|
else:
|
|
print(f"{GREEN}[+] No new subdomains found this round.{RESET}")
|
|
|
|
# 5. Wait for 2 hours (7200 seconds)
|
|
print(f"{BLUE}[*] Sleeping for 2 hours...{RESET}")
|
|
time.sleep(7200)
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
if args.br:
|
|
basic_recon()
|
|
if args.monitor:
|
|
monitor_subdomains()
|
|
if args.dedup:
|
|
dedup()
|
|
|