ReconNinja Script

ReconNinja is a powerful reconnaissance tool designed for penetration testers and security researchers. It automates the collection of subdomains, URLs, and parameters from a target domain, helping users to identify potential vulnerabilities.

Table of Contents

• Features
• Installation
• Usage
• Examples
• Contributing

Features

• Collects subdomains using Sublist3r, Subfinder, and Assetfinder.
• Checks HTTP status codes with httpx.
• Fetches URLs using gau and waybackurls.
• Performs Gxss checks on collected parameters.
• Outputs results into organized directories for easy access.

Installation

1. Clone the repository:

   git clone https://github.com/kabi777/ReconNinja.git

   cd ReconNinja
   
   

2. Ensure you have the following tools installed:
   • Sublist3r
   • Subfinder
   • Assetfinder
   • httpx
   • gau
   • waybackurls
   • Gxss
   • jq
   • by do this command

   chmod +x requirements.sh
   

   ./requirements.sh
   
   

3. Make the script executable:

   chmod +x recon_ninja.sh

Usage

Run the script with the following command:

./recon_ninja.sh <domain> [-u] [-c] [-g]

Arguments

• <domain>: The target domain to perform reconnaissance on.
• -u: Fetch main domain URLs and filter all URLs using gau and waybackurls.
• -c: Check all domains from httpx_200.txt with gau and waybackurls.
• -g: Perform Gxss check on parameters collected.

Examples

• Run basic reconnaissance:

  ./recon_ninja.sh example.com

• Run reconnaissance and fetch URLs for the main domain:

  ./recon_ninja.sh example.com -u

• Fetch URLs for all domains from httpx_200.txt:

  ./recon_ninja.sh example.com -c

• Perform Gxss check on collected parameters from main domain:

./recon_ninja.sh example.com -u -g

• Perform Gxss check on collected parameters from all domains:

  ./recon_ninja.sh example.com -c -g 

Contributing

Contributions are welcome! Please create an issue or submit a pull request for any improvements or new features.