Jump to content

Aquatone - HTTP Visual Inspection

cwade12c

By cwade12c,
in Penetration Testing

 Share

Recommended Posts

cwade12c HaxMe Enthusiast

cwade12c

Posted
Posted (edited)

I'd recommend checking this tool out if you are conducting some recon to gain an overview of HTTP-based attack surface. According to the Aquatone Github repository,

Quote

Aquatone is a tool for visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview of HTTP-based attack surface.

Aquatone is designed to be as easy to use as possible and to integrate with your existing toolset with no or minimal glue. Aquatone is started by piping output of a command into the tool. It doesn't really care how the piped data looks as URLs, domains, and IP addresses will be extracted with regular expression pattern matching. This means that you can pretty much give it output of any tool you use for host discovery.

IPs, hostnames and domain names in the data will undergo scanning for ports that are typically used for web services and transformed to URLs with correct scheme. If the data contains URLs, they are assumed to be alive and do not undergo port scanning.

You can also use it alongside other tools, like Amass, Nmap, Masscan, etc.

Link to the tool: https://github.com/michenriksen/aquatone

Edited by cwade12c
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Similar Content

    • cwade12c
      People Searching with Public Registries
      By cwade12c
      A lot of people use "people" search engines and Google dorks to find people or information about people, but you can actually find out quite a bit of information via public registries. Consider some of these:
      The Knot - Wedding Registry Search RegistryFinder - Baby Shows and Graduation Search MyRegistry - Wedding, Baby, and Gift List Search Amazon - Registries for Any Occasion Search Bed, Bath, and Beyond - Gift Registry Search The Bump - Baby Registry Search You can also find out PII of anyone in the United States who is registered to vote, by looking at local election registries. Does anyone know other registries to include?
    • cwade12c
      Sn1per - All In One Offensive Security Framework
      By cwade12c
      Sn1per is an opensource AIO offensive security framework that includes features such as:
      Attack Surface Discovery Penetration Testing Visual Recon IT Asset Inventory Vulnerability Management Web Application Scans Reporting OSINT Collection Continuous Scan Coverage Domain Takeover Tools There are also many help topics and integration guides listed directly in the README.
      Link to repository: https://github.com/1N3/Sn1per
    • cwade12c
      Shodan - IoT Recon Toolkit
      By cwade12c
      Shodan is an Internet of Things search engine that allows you to search and scan a wide variety of devices using a wide array of filters. Some will limit their information gathering to things that they see on the web. You can go beyond this, and Shodan is a tool to help with that: phones, controllers, refrigerators, etc. Shodan has powerful dashboards, community curated filters, and a powerful API to let you plug right into their platform.
      Here is a HackerSploit video covering some of the basics of Shodan:
       
      And if you want to check out the engine for yourself...well, here you go!
      Link to website: https://www.shodan.io/
    • cwade12c
      Recon-ng: Web-Based Reconnaissance Framework
      By cwade12c
      The Recon-ng Framework provides a web-based environment to conduct reconnaissance quickly and easily. It is written in python and has a look similar to Metasploit, is modular, and has a development guide for building new modules. Here is an included video introduction to help you learn more about and get started with Recon-ng:
       
      Link to the repository: https://github.com/lanmaster53/recon-ng
    • cwade12c
      emailrep.io - Simple Email Reputation
      By cwade12c
      emailrep.io is a simple tool with a nice API that will tell you information about an email address, including:
      Reputation Level Is it suspicious? References Is it blacklisted? Has its credentials been leaked? Has it been part of any data breach? Is it a spammer? Is it spoofable? And much more. A further description from their website states:
      As this is posted in pentesting, some of the offensive usecases of this tool might include:
      Conduct recon on a target to prepare for credential bruteforcing Constructing targeted phishing attacks Avoid the spam folder There are also defenses ways in which this tool might be used, like to detect phishing attacks, prevent fraud, require additional layer of verification during registration, etc.
      Check it out!
      Link to site: https://emailrep.io/
×
×
  • Create New...