iamthefrogy / frogy Goto Github PK

My subdomain enumeration script. It's unique in the way it is built upon.

Python 6.55% Shell 93.45%

bugbounty infosec reconnaissance bug-bounty osint

frogy's Introduction

Made with ❤️ ❤️ ❤️ from

My goal is to create an open-source Attack Surface Management solution and make it capable to find all the IPs, domains, subdomains, live websites, login portals for one company.

How it can help a large company (Some usecases):

Vulnerability management team: Can use the result to feed into their known and unknown assets database to increase their vulnerability scanning coverage.
Threat intel team: Can use the result to feed into their intel DB to prioritize proactive monitoring for critical assets.
Asset inventory team: Can use the result to keep their asset inventory database up-to-date by adding new unknown assets facing Internet and finding contact information for the assets inside your organization.
SOC team: Can use the result to identify what all assets they are monitoring vs. not monitoring and then increase their coverage slowly.
Patch management team: Many large organizations are unaware of their legacy, abandoned assets facing the Internet; they can utilize this result to identify what assets need to be taken offline if they are not being used.

It has multiple use cases depending your organization's processes and technology landscpae.

Logic

Features

🐸 Horizontal subdomain enumeration
🐸 Vertical subdomain enumeration
🐸 Resolving subdomains to IP
🐸 Identifying live web applications
🐸 Identifying all the contextual properties of the web application such as title, content lenght, server, IP, cname, etc. (through httpx tool)

Requirements: Go Language, Python 3.+, jq

Installation

Login as root and run the below command.
bash install.sh

Usage
```
./frogy.sh
```
Demo Scenario 1 Use frogy.sh when you want to start discovery for any new target and you just have their one primary domain.

Output

Output file will be saved inside the output/company_name/webometry.csv folder. Where company_name is any company name which you give as an input to 'Organization Name' at the start of the script.

A very warm thanks to the authors of the tools used in this script.

Warning/Disclaimer: Read the detailed disclaimer at my blog - https://github.com/iamthefrogy/Disclaimer-Warning/blob/main/README.md
Logo credit - www.designevo.com

frogy's People

Contributors

Stargazers

Watchers

Forkers

trendingtechnology josemezavila optionalg kaipullas3c lijinta1984 47hunt alexvechirko cybersecops istoliving munjurhasan444 spiderhehehoho attacker-codeninja saltedgammafish polling-repo-continua billsam zc00l sleepyeinstein tk-t0n0y secfb gitplaya th3blackp3arl ananya-0306 leomatias dimkalin modulexcite hardik-rathod vishalvishw10 bbhunter qran253 zpaav jbrinksmeier kidz0702 kiplimor kaka77 nomaniqbal fabiopw slooppe dznet raystyle tor-0 sudoninja-noob gujjuboy10x00 renganathanofficial resenhacyber dileepkumarjagadabi rangersmyth74 jakre1234 notabombe glyptho yehgdotnet 1n1t6sh3ll fawadkhanfk gprime31 w3llr00t3d rudsarkar butong21 smbowen stmag 0x5a65726f4b65776c racthack quikilr aels cloudguardai dyelyel spongyb vijaysimha123 jimsonzhang araselmir bhishma14 whmsec lalkaltest scriptkkiddie mybrainisrewired rajasekher449 omicrono yakshavingcatherder gok26 mdsabbirkhan subflaw 0xryuk j1nw00-l gopika-subramanian r4vanan srand2 matt-h91 fostane sashka3076 omaramin17 shadowdevnotreal c0nqr0r xmardus elderofz1on rajivraj richard1230 tommalvoriddle dutchcyberguy akbruster waelahmed-dev sagardhakal-photon 0xgodson

frogy's Issues

Installing tools... install.sh: 15: Syntax error: "(" unexpected

Error

./frogy.sh.x
zsh: exec format error: ./frogy.sh.x

There is an invalid flag provided in httpx command:
<httpx -silent -l output/$cdir/$cdir.master -p $portlst -fr -include-chain -store-chain -sc -tech -server -title -cdn -cname -probe -srd output/$cdir/raw_http_responses -o output/$cdir/temp_live.txtls &> /dev/null>

replace with -td or -tech-detect

ports to scan with naabu

Hi, I see that you use 106 ports to scan with naabu, is those the most used ones ?

Pls, if you have any source that includes most used ports by web apps send it to me

Thanks.

I am getting this issue.

Importing a list of domains

Hello frogy,

Thank you for frogy.sh and it is great and had amazing results with it. Noticed that on wide-scope programs with wildcard domains. Frogy is lacking scaling capabilities, would it be possible to implement an argument specifying a list of hosts or modifyingt the existing interactive to accept a list. Example

bash ./frogy.sh -l domains.txt

Warm Regards,

getaddrinfo(whois.verisign-grs.com): Name or service not known

Scan stops in Dnscan

Enter the root domain name (eg: frogy.com):
google.com
Hold on! some house keeping tasks being done...
Creating google directory in the 'output' folder...
Identifying Subdomains
Is this program is in CHAOS dataset? (y/n)? n
connect: Connection refused
connect: Connection refused
Certificate search count: 315
Sublister count: 0
Findomain count: 56846
cat: output/google/dnstemp.txtls: No such file or directory
rm: cannot remove 'output/google/dnstemp.txtls': No such file or directory
Dnscan: 0

It stops in Dnscan:0 and stays there no progress sign

findomain -t $domain_name -q >> output/$org/findomain.txtls

Error:

Findomain count: 152
cat: output/domain/dnstemp.txtls: No such file or directory
rm: cannot remove 'output/domain/dnstemp.txtls': No such file or directory

Looking forward to hearing from you

Image uploaded

Installation script

Does the installation script downloads all required tools or it should be installed manually?