3klCon: Automated Recon tool which works with Large and Medium scopes
3klCon Project
Automated Recon tool which works with Large and Medium scopes.
It’s recommended to use it on VPS, it’ll discover secrets and search for vulnerabilities
What’re the tasks it will do?
- Search for subdomains using different tools and resources (Subfinder – Findomain – Amass – Assetfinder – Archive.Org – RapidDNS.io – Riddler.io – JLDC – GitHub-Subdomains – Chaos)
- Search for the 3rd level of subdomains by extracting them using simple Python script and enumerate them using (Subfinder – Findomain – Assetfinder – Archive.Org)
- Resolving Subdomains with basic web ports 80 and 443
- Resolving Subdomains with Special Web ports 81,3000,3001,8000,8080,8443,10000,9000,9443
- Port scanning for all discovered assets using Naabu
- Search for Wayback records using (Hakrawler – GauPlus)
- Enumerate JavaScript files using (SubJs – Wayback Records)
- Extract the files with interesting extensions
- Search for Admin and login panels
- Scan the assets using Nuclei
Tools
- subfinder
- findomain
- assetfinder
- amass
- anew
- github-subdomains
- chaos
- hakrawler
- gauplus
- subjs
- httpx
- python3
- naabu
- nuclei
Notes
- It will take almost 1 ~ 2 hours to run if your target is a medium. So, be patient or use VPS and sleep while running 🙂
- It will collect all the results for every target into a separated directory.