Offensive Security Tool for Reconnaissance and Information Gathering.
Features
- DNS details
- DNS visual mapping using DNS dumpster
- WHOIS information
- TLS Data - supported ciphers, TLS versions, certificate details, and SANs
- Port Scan
- Services and scripts scan
- URL fuzzing and dir/file detection
- Subdomain enumeration - uses Google Dorking, DNS dumpster queries, SAN discovery, and brute-force
- Web application data retrieval:
- CMS detection
- Web server info and X-Powered-By
- robots.txt and sitemap extraction
- Cookie inspection
- Extracts all fuzzable URLs
- Discovers HTML forms
- Retrieves all Email addresses
- Detects known WAFs
- Supports anonymous routing through Tor/Proxies
- Uses asyncio for improved performance
- Saves output to files - separates targets by folders and modules by files
Roadmap and TODOs
- Support multiple hosts (read from the file)
- Rate limit evasion
- OWASP vulnerabilities scan (RFI, RCE, XSS, SQLi etc.)
- SearchSploit lookup on results
- IP ranges support
- CIDR notation support
- More output formats
About
A raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity.
It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file.
As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.
Raccoon supports Tor/proxy for anonymous routing. It uses default wordlists (for URL fuzzing and subdomain discovery) from the amazing SecLists repository but different lists can be passed as arguments.
For more options - see "Usage".
Installation
For the latest stable version:
pip install raccoon-scannergit clone https://github.com/evyatarmeged/Raccoon.git
cd Raccoon
python raccoon_src/main.pyPrerequisites
Raccoon uses Nmap to scan ports as well as utilizes some other Nmap scripts and features. It is mandatory that you have it installed before running Raccoon.
OpenSSL is also used for TLS/SSL scans and should be installed as well.
Usage
Usage: raccoon [OPTIONS]
Options:
--version Show the version and exit.
-t, --target TEXT Target to scan [required]
-d, --dns-records TEXT Comma separated DNS records to query.
Defaults to: A,MX,NS,CNAME,SOA,TXT
--tor-routing Route HTTP traffic through Tor (uses port
9050). Slows total runtime significantly
--proxy-list TEXT Path to proxy list file that would be used
for routing HTTP traffic. A proxy from the
list will be chosen at random for each
request. Slows total runtime
--proxy TEXT Proxy address to route HTTP traffic through.
Slows total runtime
-w, --wordlist TEXT Path to wordlist that would be used for URL
fuzzing
-T, --threads INTEGER Number of threads to use for URL
Fuzzing/Subdomain enumeration. Default: 25
--ignored-response-codes TEXT Comma separated list of HTTP status code to
ignore for fuzzing. Defaults to:
302,400,401,402,403,404,503,504
--subdomain-list TEXT Path to subdomain list file that would be
used for enumeration
-S, --scripts Run Nmap scan with -sC flag
-s, --services Run Nmap scan with -sV flag
-f, --full-scan Run Nmap scan with both -sV and -sC
-p, --port TEXT Use this port range for Nmap scan instead of
the default
--tls-port INTEGER Use this port for TLS queries. Default: 443
--skip-health-check Do not test for target host availability
-fr, --follow-redirects Follow redirects when fuzzing. Default: True
--no-url-fuzzing Do not fuzz URLs
--no-sub-enum Do not bruteforce subdomains
-q, --quiet Do not output to stdout
-o, --outdir TEXT Directory destination for scan output
--help Show this message and exit.Screenshots
HTB challenge example scan:
Results folder tree after a scan:
Continue reading
- Hack Tools
- Hacking Tools Pc
- Usb Pentest Tools
- Hack Tools Mac
- Pentest Tools For Android
- Pentest Tools For Ubuntu
- Hacking Tools And Software
- New Hack Tools
- Hacker Tools Apk
- Hacking Tools For Games
- Hacking Tools Windows
- Hacking Tools 2019
- Pentest Tools Port Scanner
- Hacking Tools Windows 10
- Pentest Tools Find Subdomains
- Underground Hacker Sites
- Pentest Tools Linux
- Pentest Tools Tcp Port Scanner
- Hacker Tools 2020
- Hacker Techniques Tools And Incident Handling
- Hacking Tools For Mac
- Black Hat Hacker Tools
- Hacking Tools For Kali Linux
- Underground Hacker Sites
- Hacker Security Tools
- Hack Tools Online
- Hacking Tools 2020
- Hackrf Tools
- Hacking Tools Hardware
- Android Hack Tools Github
- New Hack Tools
- Pentest Tools Linux
- Hack Tools For Games
- Hacker Tools 2019
- Hacker Tools Windows
- Hacker Tools 2020
- Hacking Tools Online
- Best Hacking Tools 2019
- Hack Tool Apk No Root
- Hacker Tools Free
- Hacking Tools Download
- Hack Tool Apk
- Hacker Tools Mac
- How To Make Hacking Tools
- Pentest Tools List
- Pentest Tools Apk
- Hacks And Tools
- Growth Hacker Tools
- Hack Tools For Pc
- Hack Tools For Windows
- Computer Hacker
- Pentest Recon Tools
- Ethical Hacker Tools
- Hacker Tools Apk
- Install Pentest Tools Ubuntu
- Wifi Hacker Tools For Windows
- Pentest Tools Find Subdomains
- Pentest Tools For Android
- New Hacker Tools
- What Are Hacking Tools
- Pentest Tools Online
- Hacker Tools Apk
- Easy Hack Tools
- Hacking Tools For Windows
- Hacking Tools For Windows
- Pentest Tools Free
- Hacker Tools For Mac
- Free Pentest Tools For Windows
- Beginner Hacker Tools
- Hack Tool Apk No Root
- Hacking Tools Pc
- Pentest Reporting Tools
- Tools Used For Hacking
- Hack Tools
- Hack Tools For Pc
- Underground Hacker Sites
- Pentest Tools Alternative
- How To Install Pentest Tools In Ubuntu
- Best Hacking Tools 2020
- How To Hack
- Hackrf Tools
- Hack Tools For Windows
- Nsa Hacker Tools
- Hak5 Tools
- Pentest Tools Port Scanner
- Hack Tools Online
- Hacking Tools Github
- Tools Used For Hacking
- Pentest Tools Free
- Nsa Hack Tools
- Hacker Tools Software
- Hacker Tools 2020
- Pentest Automation Tools
- Hacker Tool Kit
- Hacker Tools Apk Download
- Pentest Automation Tools
- Hacker Tools Software
- Hacker Techniques Tools And Incident Handling
- Hack Tools Github
- Hacker Tools Windows
- Hacking Tools Free Download
- Hacker Tools Linux
- Termux Hacking Tools 2019
- Hacking Tools Online
- Pentest Tools Alternative
- Hacking Tools Windows
- Pentest Box Tools Download
- Hacking Tools For Pc
- Hacking Tools Mac
- Blackhat Hacker Tools
- Hacker Tools For Mac
- Hacking Tools Online
- Hacker Tools 2020
- Hack Rom Tools
- Black Hat Hacker Tools
- Hack Tools For Mac
- Hack Tools 2019
- Nsa Hack Tools Download
- Hack Tools 2019
- Pentest Tools For Mac
- Pentest Tools Kali Linux
- Hacking Tools Github
- Pentest Tools Linux
- Hacker Tools Hardware
- Hacker Tools 2019
- Hack Tools
- Pentest Tools Android
- Nsa Hack Tools
- Pentest Tools Port Scanner
- Tools 4 Hack
- Pentest Tools Website
- Android Hack Tools Github
- Hacker Tools Github
- Hacking Apps
- Hack Website Online Tool
- Hacking Tools For Pc
- Hacking Tools For Windows 7
- Hacking Tools Kit
- Hack Tool Apk No Root
- World No 1 Hacker Software
- Pentest Box Tools Download
- Github Hacking Tools
- Hacking Tools For Beginners
- Hacker
- Github Hacking Tools
- Hack Tools For Windows
- Black Hat Hacker Tools
- Pentest Tools Find Subdomains
- Pentest Tools Linux
- Hacker Hardware Tools
- Hacking Apps
No comments:
Post a Comment