megplus: Automated reconnaissance wrapper

by do son · Published March 3, 2018 · Updated October 25, 2022

megplus

Automated reconnaissance wrapper

About

This wrapper will automate numerous tasks and help you during your reconnaissance process. The script finds common issues, low hanging fruit, and assists you when approaching a target. meg+ also allows you to scan all your in-scope targets on HackerOne in one go — it simply retrieves them using a GraphQL query.

Watch TomNomNom’s talk to learn more about his reconnaissance methodology:

Installation

You will need Golang, Python 2 or 3, and PHP 7.0 to use all the features provided by this tool. On top of that, make sure to install meg, waybackurls, Sublist3r, and gio.

git clone https://github.com/EdOverflow/megplus.git

cd megplus

go get github.com/tomnomnom/meg

go get github.com/tomnomnom/waybackurls

git clone https://github.com/aboul3la/Sublist3r.git

# See https://github.com/aboul3la/Sublist3r#dependencies

Usage

You can either scan a list of hosts or use your HackerOne X-Auth-Token token to scan all the bug bounty programs that you participate in.

$ ./megplus.sh

1) Usage - target list of domains:        ./megplus.sh <list of domains>

2) Usage - target all HackerOne programs: ./megplus.sh -x <H1 X-Auth-Token>

3) Usage - run sublist3r first:           ./megplus.sh -s <single host>



1) Example: ./megplus.sh domains

2) Example: ./megplus.sh -x XXXXXXXXXXXXXXXX

3) Example: ./megplus.sh -s example.com

Usage – Docker

If you don’t feel like installing all the dependencies mentioned above, you can simply run the abhartiya/tools_megplusDocker container, where test.txt is a sample file containing the URLs to test against. In your case, this will be the file containing the URLs you want to test:

docker run -v $(pwd):/megplus abhartiya/tools_megplus test.txt

The command will run the abhartiya/tools_megplus Docker image as a container and mount the pwd onto the container as a volume (at /megplus), which makes the test.txt file available to the container. Once megplus finishes running, the outdirectory will be created in pwd with all the results.