An Advanced Automation Tool For Web-Recon Developed For Linux Systems
It’s A Tool To Automate The Web Reconnaissance Proccess, Which Make It Easier To Gather Informations About Your Target. This Tool Will Help You In Your Bug Hunting Or Web Penetration Testing Operation Because It Not Only Gather Informations About The Target, But Also It Arranges All These Information In A Structed Way Which Makes You Analyse The Data In A Good Way.
This Tool Works In Linux Systems, Specially In Debian & Debian Based Systems.
Tested On:
- Kali Linux
- Parrot OS
- Back Box
And Other Debian Based Linux Distro’s
What Is The Best Use For This Tool ?
This Is An Automated Tool, So Simply You Give It A Target Then Simply The Tool Took All The Information & And Save The Results In Ordered Directories & Files, But When You Do The Recon You Just Use This Tool, But Also You Should Do Some Manual Activity, This Mindmap Shows The Whole Operation Of BlackDragon Recon Methodology:
So Any Tool Based Recon In This Methodology, I Put It Here In This Automation Tool, But I Prefer To Do So Recon Manually, So First You Should Search Deeply In The IOT Search Engines Like:
Also You Should Search In Some FTP Search Engines Like:
When You Wanna Make A Powerfull Recon, You Should Also Look At:
- Hunter.io -> For Target Email Searching
- Public-WWW -> For String Searching In Public Source Codes
What Did This Tool D
Subdomain-Gathering Using:
- Subfinder
- Sublist3r
- Amass
- Enum:
- Active Recon
- Passive Recon
- Intel:
- Active Recon
- Enum:
- Assetfinder
- Knockpy
- github-subdomains
Getting The Whole Subdomain Gathered Then Filter The Unique Domains And Extract The Only Live Subdomain Using:
- httpx
Fuzzing The Application Target Based Using:
- Gobuster
- Dirsearch
- Dirb
Endpoints Gathering Using:
- Waybackurls
- github-endpoints
DNS Information Gathering Using:
- DNSMap
- DNSEnum
- MassDNS
- Gobuster
Port Scanning
- rustscan
What’s New In This Version [2.0]
- Bug Fixes
- Amass Enum Passive & Active Recon
- Amass Intel Passive & Active Recon
- Domains Ports Discovery & Screen Shootig
- Vulnerability Scanning:
- CVE Scanning
- Workflow Scanning
- Default-Logins Scanning
- Takeovers Scanning
- Exposed Panels Scanning
- IoT Search Engine Recon [Shodan]:
- Domain Info Gathering
- Host Info Gathering
- Honeypot Checker
- HTTP & HTTPS Filtering
- Smarter Functionalities
Installation
Be Sure To Delete The Previous Version The Install The New
First Delete The Previous Version If Exists:
rm -rf BlackDragon
Then Simply After Cloning The Repository By Typing :
git clone https://github.com/Cyber-Guy1/BlackDragon.git
Then Open Up The BlackDragon Directory:
cd BlackDragon/
After That Give The Execution Permission To The Installation Script And The Tool Script:
chmod +x install; chmod +x Black-Dragon
Finally Run The Installation Script:
./install
Tool Using Syntax:
Simply:
./Black-Dragon example.com
Tool Output Example
cyber-guy@Security:~/BlackDragon$ ./Black-Dragon google.com
`.-:/+oosssoo+/::-.
`:oydmNNMMMMMMMMMMMMMNNNmdyo/-`
-dNMMMMMMMMMMMMMMMMMMMMMMMMMMMNmh+-`
........-:/oydNMMMMMMMMMMMMMMMMMMNms:`
.:os `.yMMMMMMMMMMMMMMMMMMMMNd+`
:ymMm/ ``.oMMMMMMMMMMMMMMMMMMMMMMMm/
..++yhNMMMmmmmmmMMMMMMMMMMMMMMMMMMMMMMMMMMh.
`/ymNMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMs:omd.
.smMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM/ `+y`
/NdoyMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMN/ .-
`NMddNMMMMMMNmNMddddmNNMMMMMMMMMMMMMMMMMMMMMMMMMy-
`oddddhyso/-.`.-` ```.-:ohNMMMMMMMMMMMMMMMMMMMMMMNy-
``` ``.. .+dMMMMMMMMMMMMMMMMMMMMMMNo
./ohdmmo```.. `/mMMMMMMMMMMMMMMMMMMMMMMs
.+hNMMMMMMNmmmmm:.....` .dMMMMMMMMMMMMMMMMMMMMMM-
`omMMNNmmmNNMMMMMMMNmmm+-. `mMMMMMMMMMMMMMMMMN+:yM/
`hMmy/-.....-:/ohmNMMMMo +MMMMMMMMMMMMMMMMh `m`
sMd. `-sNMMs -MMMMMMMMMMMMMMMMs ..
NM+ .yMN +MMMMMMMMMMMMMMMM/
NMh` `hm .mMMMMMMMMMMMMMMMm`
sMMy. -- :mMMMMMMMMMMMMMMMM/
`dMMNs-` `:yMMMMMMMMMMdymMMMN+
.hMMMMds/-.` `.-+ymMMMMMMMMMMNo` hMMm:
+mMMMMMMNdhyysssyyhdNMMMMMMMMMMMMms. +Mmo`
`/ymMMMMMMMMMMMMMMMMMMMMMMMMNmh/` +s:`
`:ohmNNMMMMMMMMMMMMNNNdy+:`
.-:/+osssso++/:.`
An Automated Tool For Web-Recon
Developed By Momen Ali
The CyberGuy
v-2.0
_ __________ _ __
| | / / _/ __ | |/ /
| | / // // /_/ | /
| |/ _/ // ____/ |
|___/___/_/ /_/|_|
====================================
Banner
====================================
[+] Target Domain => google.com
[+] Date => 05-05-2021
[+] Current User => cyber-guy
-------------------------------------
[+] Current Recon Path: => /home/cyber-guy/BlackDragon/google.com/05-05-2021
====================================
BlackDragon (this link opens in a new window) by Cyber-Guy1 (this link opens in a new window)
An Adavnced Automation Tool For Web-Recon Developed For Linux Systems