Skip to content
/ s1c0n Public

simple recon tool to help you for searching vulnerability on web server

License

Notifications You must be signed in to change notification settings

x0rr-dan/s1c0n

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

93 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

s1c0n

Python License

Terkey



	         ┏━┓╺┓ ┏━╸┏━┓┏┓╻
	         ┗━┓ ┃ ┃  ┃┃┃┃┗┫
	         ┗━┛╺┻╸┗━╸┗━┛╹ ╹ v1.8
                
                    Simple Recon
		    Coded by x0r
	https://github.com/x0rr-dan/s1c0n

	  [?] Usage example: sicon -u target.com

last update:

so far no errors, testing on arch linux 2024.07.01

About:

simple recon tool to help you searching vulnerability on web server. maybe xD

Features:

  1. Auto scan WAF
  2. Auto scan port
  3. Auto scan subdomain
  4. Auto scan dir on web server
  5. wordpress plugin enumeration
  6. Auto detect cms (wordpress, joomla. drupal, moodle)
  7. Auto detect technology (like the server are use, framework, javascript framework, etc. thanks to builtwith librarry :) )

Tested on:

  • Othros linux
  • Kali Linux
  • Debian Linux
  • Parrot Linux
  • Arch Linux

tools that must be installed:

well this tool have function to auto install if some tools is not installed, so just run it with sudo if u using debian based

nmap
wafw00f
sublist3r
subfinder
assetfinder
dirsearch
httprobe

How to install:

pip3 install -r requirements.txt

How to use:

python3 sicon.py -u <target>

screenshoot

241114_22h10m05s_screenshot 241114_22h10m15s_screenshot 241114_22h10m25s_screenshot

next features

general

  • make installer for all distro, so every distro can run

GUI

  • subdomain scanner
  • direcrory scanner
  • wafscan
  • portscan
  • save output scan
  • cms scanner

CLI

  • wordpress user enumeration
  • report scan in html or json output
  • option to use proxy
  • user agent customization (random)
  • custom scan option (maybe with argparse or just simple input)

need improvemenr

  • detection wordpress (its suck)

About

simple recon tool to help you for searching vulnerability on web server

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages