Drystan: Automated information gathering tool for pentest

Drystan

Automated information gathering tool for pentest.

How It Works

1. explore domain information.
2. search and enumerate subDomains/IPs.
3. extract all IP & ports.
4. identify service.
5. detect vulnerability(brute & exploit).

Tools Already Included

1. domain info

• dig
• whois
• nslookup
• theHarvester

2. subdomains

• Sublist3r
• subDomainsBrute

3. class C Network

• BingC

4. port scan

• nmap

5. intrusive scan

• nmap-scripts
• msf-exploits

6. bruteforce

• hydra

7. web application

• BBScan
• WebSOC
• pocscan

Download

git clone https://github.com/Xyntax/Drystan.git
python install.py

You can modify the system settings manually by editing the config file: vi config.py

Usage

python drystan.py DOMAIN/IP [auto] [j1] [j2] [j3]

Argument:
DOMAIN base target(domain) for scanning.
IP base target(ip) for scanning.

Options:
j1 jump subdomain gathering (Sublist3r,subDomainsBrute).
j2 jump port scanning (nmap).
j3 jump bruteforce (hydra).
auto run all steps automaticly with default settings.

Author i@cdxy.me

Source: https://github.com/Xyntax/