Quick, Simple & Working quick scripts for pentesting. Created within 5 mins `\_(^v^)_/`
- autonuce - just automate nuclei against list of subs
- urlfiles - grep files from allurls
- quredir - get open-redirect endpoints from all urls
git clone https://github.com/xerohackcom/quick-pentest-scripts.git && mv quick-pentest-scripts QPS && rm -rf quick-pentest-scripts && cd QPS
- Copy the scripts to your recon directory (you can easily copy paste or use cp command)
Filenames in bold don't work if the name is changed. Pls change the scripts to accomodate your names
assetfinder xyz.com | httprobe | grep -i "https://" | anew subs && bash autonuce.sh
assetfinder xyz.com | httprobe | grep -i "https://" | anew subs && cat subs | gau -b ttf,woff,svg,png,jpeg,jpg,css,bmp,tiff,woff2,ico,icon,PNG,JPG,BMP,CSS,gif,GIF | grep -i "https://" | anew allurls && bash urlfiles.sh && bash quredir.sh
assetfinder + httprobe + https-only + gau + urlfiles.sh + + quredir.sh + autonuce.sh (Very-Heavy - All In One)
assetfinder xyz.com | httprobe | grep -i "https://" | anew subs && cat subs | gau -b ttf,woff,svg,png,jpeg,jpg,css,bmp,tiff,woff2,ico,icon,PNG,JPG,BMP,CSS,gif,GIF | grep -i "https://" | anew allurls && bash urlfiles.sh && bash quredir.sh && bash autonuce.sh