updates

gotr00t0day · Sep 16, 2022 · 372a8f7 · 372a8f7
1 parent dcf02d1
commit 372a8f7
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 45 deletions.
diff --git a/gsec.py b/gsec.py
@@ -5,6 +5,7 @@
 from vuln_db import hostheader_injection, nuclei_vulns, corsmisconfig
 import argparse
 import os
+import asyncio
 
 ##################################################################################
 #                          Good Security Scanner
@@ -56,42 +57,48 @@
 if args.updatetemplates:
     scan.commands("nuclei -ut")
 
-
-if args.target:
-    if args.passive_recon:
-        passive_recon.whois_scan(args.target)
-        passive_recon.dns_info(args.target)
-        passive_recon.shodan_search(args.target)
-        passive_recon.waybackurls_scan(args.target)
-        passive_recon.certsh(args.target)
-    else:
-        fetch_requests.do_requests(args.target)
-        ip = urltoip.get_ip(args.target)
-        print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} IP: {Fore.GREEN}{ip}")
-        if "https://" in args.target:
-            print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} PROTOCOL: {Fore.GREEN}https")
-        if "http://" in args.target:
-            print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} PROTOCOL: {Fore.GREEN}http")
-        optionscheck.Get_Options(args.target)
-        portscanner.portscanner(args.target)
-        fetch_requests.get_headers(args.target)
-        scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers X-XSS-Protection")
-        scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers Content-Security-Policy")
-        scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers Strict-Transport-Security")
-        scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers X-Content-Type-Options")
-        scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers X-Frame-Options")
-        cmsscanner.main(args.target)
-        phpcheck.php_ident(args.target)
-        techscanner.Tech(args.target)
-        robots.robots_scan(args.target)
-        auth_tokens.auth_tokens(args.target)
-        favicon.favicon_hash(args.target)
-        nuclei_vulns.nuclei_nginx_scan(args.target)
-        nuclei_vulns.nuclei_cve_scan(args.target)
-        nuclei_vulns.nuclei_headercommandinjection_scan(args.target)
-        shellshock.shellshock_scan(args.target)
-        corsmisconfig.cors_scan(args.target)
-        loginscanner.admin_list(args.target)
-        hostheader_injection.host_header_injection(args.target)
-        print("\n")
-        print(f"\t\t {Fore.MAGENTA} SCAN FINISHED{Fore.LIGHTMAGENTA_EX}!{Fore.MAGENTA}!{Fore.YELLOW}!{Fore.RESET}")
+async def main():
+    if args.target:
+        if args.passive_recon:
+            await asyncio.gather(
+                passive_recon.whois_scan(args.target),
+                passive_recon.dns_info(args.target),
+                passive_recon.shodan_search(args.target),
+                passive_recon.waybackurls_scan(args.target),
+                passive_recon.certsh(args.target),
+            )
+
+        else:
+            fetch_requests.do_requests(args.target)
+            ip = urltoip.get_ip(args.target)
+            print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} IP: {Fore.GREEN}{ip}")
+            if "https://" in args.target:
+                print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} PROTOCOL: {Fore.GREEN}https")
+            if "http://" in args.target:
+                print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} PROTOCOL: {Fore.GREEN}http")
+            optionscheck.Get_Options(args.target)
+            portscanner.portscanner(args.target)
+            fetch_requests.get_headers(args.target)
+            scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers X-XSS-Protection")
+            scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers Content-Security-Policy")
+            scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers Strict-Transport-Security")
+            scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers X-Content-Type-Options")
+            scan.commands(f"python3 {os.path.abspath(os.getcwd())}/utils/securityheaders.py --target {args.target} --headers X-Frame-Options")
+            cmsscanner.main(args.target)
+            phpcheck.php_ident(args.target)
+            techscanner.Tech(args.target)
+            robots.robots_scan(args.target)
+            auth_tokens.auth_tokens(args.target)
+            favicon.favicon_hash(args.target)
+            nuclei_vulns.nuclei_nginx_scan(args.target)
+            nuclei_vulns.nuclei_cve_scan(args.target)
+            nuclei_vulns.nuclei_headercommandinjection_scan(args.target)
+            shellshock.shellshock_scan(args.target)
+            corsmisconfig.cors_scan(args.target)
+            loginscanner.admin_list(args.target)
+            hostheader_injection.host_header_injection(args.target)
+            print("\n")
+            print(f"\t\t {Fore.MAGENTA} SCAN FINISHED{Fore.LIGHTMAGENTA_EX}!{Fore.MAGENTA}!{Fore.YELLOW}!{Fore.RESET}")
+
+if __name__ == "__main__":
+    asyncio.run(main())
diff --git a/modules/scan.py b/modules/scan.py
@@ -0,0 +1,7 @@
+import subprocess
+
+def commands(cmd):
+    try:
+        subprocess.check_call(cmd, shell=True)
+    except:
+        pass
diff --git a/utils/passive_recon.py b/utils/passive_recon.py
@@ -13,14 +13,14 @@ def commands(cmd):
         pass
 
 
-def whois_scan(domain: str) -> str:
+async def whois_scan(domain: str) -> str:
     w = whois.whois(domain)
     name_servers = w.name_servers
     registrar = w.registrar
     print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} Name Servers: {Fore.GREEN}{', '.join(map(str,name_servers))}")
     print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} Registrar: {Fore.GREEN}{registrar}")
 
-def dns_info(domain: str) -> str:
+async def dns_info(domain: str) -> str:
     mx = []
     if "https://" in domain:
         domain = domain.replace("https://", "")
@@ -39,7 +39,7 @@ def dns_info(domain: str) -> str:
         print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} SOA: {Fore.GREEN}{state_of_authority.to_text()}")
     print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} MX: {Fore.GREEN}{', '.join(map(str,mx))}")
 
-def shodan_search(domain: str) -> str:
+async def shodan_search(domain: str) -> str:
     with open(f"core/.shodan", "r") as f:
         key = f.readlines()
         api = shodan.Shodan(key)
@@ -56,7 +56,7 @@ def shodan_search(domain: str) -> str:
         except socket.herror:
             pass
 
-def waybackurls_scan(domain: str) -> str:
+async def waybackurls_scan(domain: str) -> str:
     cmd = f"waybackpy --url {domain} --user_agent 'my-user-agent' --known_urls | head -10000"
     p = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
     check, err = p.communicate()
@@ -66,7 +66,7 @@ def waybackurls_scan(domain: str) -> str:
     print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} Waybackurls: {Fore.GREEN} Saved to /output/waybackurls.txt")
 
 
-def certsh(site: str) -> str:
+async def certsh(site: str) -> str:
     if "https://" in site:
         site = site.replace("https://", "")
     if "http://" in site:
@@ -80,7 +80,7 @@ def certsh(site: str) -> str:
         f.writelines(out)
         print(f"{Fore.MAGENTA}[+] {Fore.CYAN}-{Fore.WHITE} Subdomains: {Fore.GREEN} Saved to /output/subdomains.txt")
 
-def rapiddns(site: str) -> str:
+async def rapiddns(site: str) -> str:
     if "https://" in site:
         site = site.replace("https://", "")
     if "http://" in site: