Skip to content

Latest commit

 

History

History
89 lines (72 loc) · 2.29 KB

README.md

File metadata and controls

89 lines (72 loc) · 2.29 KB

s1c0n

Python License

Terkey



	         ┏━┓╺┓ ┏━╸┏━┓┏┓╻
	         ┗━┓ ┃ ┃  ┃┃┃┃┗┫
	         ┗━┛╺┻╸┗━╸┗━┛╹ ╹ v1.8
                
                    Simple Recon
		    Coded by x0r
	https://github.com/x0rr-dan/s1c0n

	  [?] Usage example: sicon -u target.com

last update:

so far no errors, testing on arch linux 2024.07.01

About:

simple recon tool to help you searching vulnerability on web server. maybe xD

Features:

  1. Auto scan WAF
  2. Auto scan port
  3. Auto scan subdomain
  4. Auto scan dir on web server
  5. wordpress plugin enumeration
  6. Auto detect cms (wordpress, joomla. drupal, moodle)
  7. Auto detect technology (like the server are use, framework, javascript framework, etc. thanks to builtwith librarry :) )

Tested on:

  • Othros linux
  • Kali Linux
  • Debian Linux
  • Parrot Linux
  • Arch Linux

tools that must be installed:

well this tool have function to auto install if some tools is not installed, so just run it with sudo if u using debian based

nmap
wafw00f
sublist3r
subfinder
assetfinder
dirsearch
httprobe

How to install:

pip3 install -r requirements.txt

How to use:

python3 sicon.py -u <target>

screenshoot

241114_22h10m05s_screenshot 241114_22h10m15s_screenshot 241114_22h10m25s_screenshot

next features

general

  • make installer for all distro, so every distro can run

GUI

  • subdomain scanner
  • direcrory scanner
  • wafscan
  • portscan
  • save output scan
  • cms scanner

CLI

  • wordpress user enumeration
  • report scan in html or json output
  • option to use proxy
  • user agent customization (random)
  • custom scan option (maybe with argparse or just simple input)

need improvemenr

  • detection wordpress (its suck)