The script aims to help in classifying vulnerabilities in web applications. The methodology RecoX is arising can spot weaknesses other than OWASP top ten. The script presents information against the target system.
It gathers the information recursively over each subdomain, and IP address for a sophisticated attack. RecoX automates several functions and saves a significant amount of time that requires throughout a manual penetration test.
For more detail please read this document.
Also Read – S3BucketList : Firefox Plugin That Lists Amazon S3 Buckets Found In Requests
Usage
git clone https://github.com/samhaxr/recox
chmod +x recox.sh
./recox.sh
Paste the below command to run the tool from anywhere in the terminal.
mv recox.sh /usr/local/bin/recox
The deep scanner comprises many check-ups including subdomain takeover, A record, passive scan, active scan, CORS misconfiguration, zone transfer test, and web content discovery.
Youtube Tutorial
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…