Below are all the tools that must be installed so install these https://github.com/mrco24/OK-VPS tools first and your terminal must be rooted otherwise it may be a problem to install the tools and script in add your Resolver path
- git clone https://github.com/mrco24/PH-Recon
- cd PH-Recon
- chmod +x PH-Recon.sh
- ./PH-Recon.sh sub.txt
- This script will collect all the subdomains using amass, assetfinder, subfinder, findomain, and crt.sh, riddler.io, jldc.me, nmap.bufferover.run
- Gather all the subdomains and put them in a single .txt file.
- Resolves all the subdomains using massdns
- Check http/https services on the given domains using httpx tool.
- All Active Subdomain Screenshot
- This script will collect all the urls using Waybackurl, Gau, gospider, ParamSpider, hakrawler.
- Gather all the urls and put them in a single .txt file.
- This script will Able to sort all the good Urals by filtering.
- FFUF is used in this script to find valid urls.
- Gf tool and its patterns installation and also will set their path automatically.
- It will check for the Following Vulnerablities:
- Subdomain takeover
- Http-Request-Smugglingr
- Open_Port_Find
- CloudFlare_Checker
- Nuclei scan All Active Subdomain
- Advance XSS Scanner
- Sqli Scan All urls
- LFI Scan All urls
- Open Redirect Scan All urls
- Fuzzing mass Subdomain
- Fuzzing All Urls Endpoint
- Subfinder
- Amass
- Assetfinder
- findomain
- crt.sh
- riddler.io
- bufferover.run
- jldc.me
- httprobe
- Nuclei
- Smuggle
- Naabu
- Gowitness
- Cf-Chack
- Nuclei
- Gospider
- Hakrawler
- ParamSpider
- gau
- waybackurls
- paramspider
- Using Bash Script
- sqli
- xss
- lfi
- Open Redirect
- csrf
- Etc
- sqlmap
- nuclei
- dalfox
- kxss
- Gxss
- Nuclei
- nuclei
- content discovery
- content discovery
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent