-
-
Notifications
You must be signed in to change notification settings - Fork 208
/
Copy pathNucleiFuzzer.sh
201 lines (170 loc) · 6.33 KB
/
NucleiFuzzer.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
#!/bin/bash
# ANSI color codes
RED='\033[91m'
GREEN='\033[92m'
RESET='\033[0m'
# ASCII art
echo -e "${RED}"
cat << "EOF"
__ _ ____
____ __ _______/ /__ (_) __/_ __________ ___ _____
/ __ \/ / / / ___/ / _ \/ / /_/ / / /_ /_ / / _ \/ ___/
/ / / / /_/ / /__/ / __/ / __/ /_/ / / /_/ /_/ __/ /
/_/ /_/\__,_/\___/_/\___/_/_/ \__,_/ /___/___/\___/_/ v2.4.0
Made by Satya Prakash (0xKayala)
EOF
echo -e "${RESET}"
# Help menu
display_help() {
echo -e "NucleiFuzzer: A Powerful Automation Tool for Web Vulnerability Scanning\n"
echo -e "Usage: $0 [options]\n"
echo "Options:"
echo " -h, --help Display help information"
echo " -d, --domain <domain> Single domain to scan for vulnerabilities"
echo " -f, --file <filename> File containing multiple domains/URLs to scan"
echo " -o, --output <folder> Specify output folder for scan results (default: ./output)"
exit 0
}
# Default output folder
output_folder="./output"
# Get the current user's home directory
home_dir=$(eval echo ~"$USER")
# Excluded extensions
excluded_extensions="png,jpg,gif,jpeg,swf,woff,svg,pdf,json,css,js,webp,woff,woff2,eot,ttf,otf,mp4,txt"
# Check prerequisites
check_prerequisite() {
local tool=$1
local install_command=$2
if ! command -v "$tool" &> /dev/null; then
echo "Installing $tool..."
eval "$install_command"
fi
}
check_prerequisite "nuclei" "go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest"
check_prerequisite "httpx" "go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest"
check_prerequisite "uro" "pip3 install uro"
check_prerequisite "katana" "go install -v github.com/projectdiscovery/katana/cmd/katana@latest"
check_prerequisite "waybackurls" "go install github.com/tomnomnom/waybackurls@latest"
check_prerequisite "gauplus" "go install github.com/bp0lr/gauplus@latest"
check_prerequisite "hakrawler" "go install github.com/hakluke/hakrawler@latest"
# Clone repositories if not present
clone_repo() {
local repo_url=$1
local target_dir=$2
if [ ! -d "$target_dir" ]; then
echo "Cloning $repo_url..."
git clone "$repo_url" "$target_dir"
fi
}
clone_repo "https://github.com/0xKayala/ParamSpider" "$home_dir/ParamSpider"
clone_repo "https://github.com/projectdiscovery/nuclei-templates.git" "$home_dir/nuclei-templates"
# Parse command line arguments
while [[ $# -gt 0 ]]; do
key="$1"
case $key in
-h|--help)
display_help
;;
-d|--domain)
domain="$2"
shift
shift
;;
-f|--file)
filename="$2"
shift
shift
;;
-o|--output)
output_folder="$2"
shift
shift
;;
*)
echo "Unknown option: $key"
display_help
;;
esac
done
# Validate input
if [ -z "$domain" ] && [ -z "$filename" ]; then
echo -e "${RED}Error: Please provide a domain (-d) or a file (-f).${RESET}"
display_help
fi
# Ensure output folder exists
mkdir -p "$output_folder"
# Function to validate URLs
validate_input() {
local input=$1
if [[ "$input" =~ ^https?:// ]]; then
echo "$input"
elif [[ "$input" =~ ^[a-zA-Z0-9.-]+$ ]]; then
echo "http://$input" # Add http:// if it's a domain
else
echo -e "${RED}Invalid input: $input${RESET}" >&2
fi
}
# Pre-check input file
validate_file() {
local file=$1
awk '{if ($0 ~ /^[a-zA-Z0-9.-]+$/ || $0 ~ /^https?:\/\//) print $0}' "$file" > "${file}_validated"
echo "${file}_validated"
}
# Step 1: Run URL collection tools
collect_urls() {
local target=$1
local output_file=$2
validated_target=$(validate_input "$target")
if [ -n "$validated_target" ]; then
echo -e "${GREEN}Collecting URLs for $validated_target...${RESET} using ParamSpider"
python3 "$home_dir/ParamSpider/paramspider.py" -d "$target" --exclude "$excluded_extensions" --level high --quiet -o "$output_file"
echo -e "${GREEN}Collecting URLs for $validated_target...${RESET} using Waybackurls"
echo "$validated_target" | waybackurls >> "$output_file"
echo -e "${GREEN}Collecting URLs for $validated_target...${RESET} using Gauplus"
echo "$validated_target" | gauplus -subs -b $excluded_extensions >> "$output_file"
echo -e "${GREEN}Collecting URLs for $validated_target...${RESET} using Hakrawler"
echo "$validated_target" | hakrawler -d 3 -subs -u >> "$output_file"
echo -e "${GREEN}Collecting URLs for $validated_target...${RESET} using Katana"
echo "$validated_target" | katana -d 3 -silent >> "$output_file"
else
echo -e "${RED}Skipping invalid target: $target${RESET}"
fi
}
if [ -n "$domain" ]; then
collect_urls "$domain" "$output_folder/$domain_raw.txt"
elif [ -n "$filename" ]; then
validated_file=$(validate_file "$filename")
while IFS= read -r line; do
collect_urls "$line" "$output_folder/${line}_raw.txt"
cat "$output_folder/${line}_raw.txt" >> "$output_folder/all_raw.txt"
done < "$validated_file"
fi
# Step 2: Validate and deduplicate URLs
validate_urls() {
local input_file=$1
local validated_file=$2
if [ ! -s "$input_file" ]; then
echo -e "${RED}Error: No URLs found in $input_file. Exiting...${RESET}"
exit 1
fi
sort "$input_file" | uro > "$validated_file"
}
if [ -n "$domain" ]; then
validate_urls "$output_folder/$domain_raw.txt" "$output_folder/${domain}_validated.txt"
elif [ -n "$filename" ]; then
validate_urls "$output_folder/all_raw.txt" "$output_folder/all_validated.txt"
fi
# Step 3: Run Nuclei templates
run_nuclei() {
local url_file=$1
echo -e "${GREEN}Running Nuclei on URLs from $url_file...${RESET}"
httpx -silent -mc 200,204,301,302,401,403,405,500,502,503,504 -l "$url_file" \
| nuclei -t "$home_dir/nuclei-templates" -dast -rl 50 -o "$output_folder/nuclei_results.txt"
}
if [ -n "$domain" ]; then
run_nuclei "$output_folder/${domain}_validated.txt"
elif [ -n "$filename" ]; then
run_nuclei "$output_folder/all_validated.txt"
fi
# Step 4: Completion message
echo -e "${RED}Scanning completed. Results are saved in $output_folder.${RESET}"