┏━┓╺┓ ┏━╸┏━┓┏┓╻
┗━┓ ┃ ┃ ┃┃┃┃┗┫
┗━┛╺┻╸┗━╸┗━┛╹ ╹ v1.8
Simple Recon
Coded by x0r
https://github.com/x0rr-dan/s1c0n
[?] Usage example: sicon -u target.com
so far no errors, testing on arch linux 2024.07.01
simple recon tool to help you searching vulnerability on web server. maybe xD
- Auto scan WAF
- Auto scan port
- Auto scan subdomain
- Auto scan dir on web server
- wordpress plugin enumeration
- Auto detect cms (wordpress, joomla. drupal, moodle)
- Auto detect technology (like the server are use, framework, javascript framework, etc. thanks to builtwith librarry :) )
- Othros linux
- Kali Linux
- Debian Linux
- Parrot Linux
- Arch Linux
well this tool have function to auto install if some tools is not installed, so just run it with sudo if u using debian based
nmap
wafw00f
sublist3r
subfinder
assetfinder
dirsearch
httprobe
pip3 install -r requirements.txt
python3 sicon.py -u <target>
- make installer for all distro, so every distro can run
- subdomain scanner
- direcrory scanner
- wafscan
- portscan
- save output scan
- cms scanner
- wordpress user enumeration
- report scan in html or json output
- option to use proxy
- user agent customization (random)
- custom scan option (maybe with argparse or just simple input)
- detection wordpress (its suck)