WAES is nothing but Web Auto Enum & Scanner. Doing HTB or other CTFs enumeration against targets with HTTP(S) can become trivial. It can get tiresome to always run the same script/tests on every box eg. nmap, nikto, dirb and so on.
A one-click on target with automatic reports coming solves the issue. Furthermore, with a script the enum process can be optimised while saving time for hacker. This is what CPH:SEC WAES or Web Auto Enum & Scanner is created for. WAES runs 4 steps of scanning against target (see more below) to optimise the time spend scanning.
While multi core or multi-threaded scanning could be implemented it will almost surely get boxes to hang and so is undesirable.
$> git clone https://github.com/Shiva108/WAES.git
$> cd WAES
$> sudo ./install.sh
Make sure directories are set correctly in supergobuster.sh. Should be automatic with Kali & Parrot Linux.
Web Auto Enum & Scanner – Auto enums website(s) and dumps files as result.
################################################################ Web Auto Enum & Scanner
Auto enums website(s) and dumps files as result ################################################################
Usage: waes.sh -u {IP} waes.sh -h
-h shows this help
-u IP to test eg. 10.10.10.123
-p port nummer (default=80)
Example: ./waes.sh -u 10.10.10.130 -p 8080
Also Read – Skadi : Collect, Process & Hunt With Host Based Data From MacOS, Windows & Linux
Step 0 – Passive scan – (disabled in the current version)
Step 1 – Fast scan
Step 2 – Scan – in-depth
Step 3 – Fuzzing
.. against target while dumping results files in report/ folder.
GitButler is a git client that lets you work on multiple branches at the same…
Self-spreading to other Minecraft servers using an extendable, module-based lateral movement system. Crafty Controller Auth'd…
ModTask is an advanced C# tool designed for red teaming operations, focusing on manipulating scheduled…
HellBunny is a malleable shellcode loader written in C and Assembly utilizing direct and indirect…
SharpRedirect is a simple .NET Framework-based redirector from a specified local port to a destination…
Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in…