kenzer v3.35 releases: Automated web assets enumeration & scanning

KENZER | Automated web assets enumeration & scanning

Built-in Modules

• blacklist <target>,<regex> – initializes & removes blacklisted targets
• whitelist <target>,<regex> – initializes & keeps only whitelisted targets
• program <target>,<link> – initializes the program to which target belongs
• subenum[-<mode>[active/passive]] <target> – enumerates subdomains
• repenum <target> – enumerates reputation of subdomains
• repoenum <target> – enumerates github repositories
• portenum[-<mode>[100/1000/full/fast]] <target> – enumerates open ports
• servenum <target> – enumerates services
• webenum <target> – enumerates webservers
• headenum <target> – enumerates additional info from webservers
• urlheadenum <target> – enumerates additional info from urls
• asnenum <target> – enumerates asn records
• dnsenum <target> – enumerates dns records
• conenum <target> – enumerates hidden files & directories
• urlenum[-<mode>[active/passive]] <target> – enumerates urls
• socenum <target> – enumerates social media accounts
• subscan <target> – hunts for subdomain takeovers
• reposcan <target> – scans github repositories for api key leaks
• cscan[-<severity>[critical/high/medium/low/info]] <target> – scan with customized templates
• cvescan[-<severity>[critical/high/medium/low/info]] <target> – hunts for CVEs
• vulnscan[-<severity>[critical/high/medium/low/info]] <target> – hunts for other common vulnerabilites
• endscan[-<severity>[critical/high/medium/low/info]] <target> – hunts for vulnerablities in custom endpoints
• idscan[-<severity>[critical/high/medium/low/info]] <target> – identifies applications running on webservers
• portscan <target> – scans open ports (nmap)(slow)
• shodscan <target> – scans open ports (shodan)(fast)
• buckscan <target> – hunts for unreferenced aws s3 buckets
• favscan <target> – fingerprints webservers using favicon
• vizscan <target> – screenshots applications running on webservers
• enum <target> – runs all enumerator modules
• scan <target> – runs all scanner modules
• recon <target> – runs all modules
• hunt <target> – runs your custom workflow
• upload – switches upload functionality
• upgrade – upgrades kenzer to latest version
• monitor <target> – monitors ct logs for new subdomains
• monitor normalize – normalizes the enumerations from ct logs
• monitor db – monitors ct logs for domains in summary/domain.txt
• monitor autohunt <frequency(default=5)> – starts automated hunt while monitoring
• sync – synchronizes the local kenzerdb with github
• kenzer <module> – runs a specific modules
• kenzer man – shows this manual

The Beginner’s Workflow

Demo

Install