Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

Related tags

Security related resourcesYuyu_Scanner
Overview

Yuyu Scanner

Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

installation

   ! run as root
   ~$ chmod +x install.sh
   ~$ ./install.sh

Preview

GUI

This Gui is made using Electron JS and Bootstrap

CLI

This CLI was created using the python language program

REPORTING

Features

  • Available for Gui Version

  • Subdomain Discovery with Passive Method from Public Api

              http://web.archive.org/
          https://threatcrowd.org/
          https://urlscan.io/
          https://rapiddns.io/
          https://otx.alienvault.com/
          https://dnsdumpster.com/
          https://crt.sh/
          https://api.threatminer.org/
          https://api.certspotter.com/
          https://api.hackertarget.com/
          https://riddler.io/
          http://index.commoncrawl.org/

  • Top 10 port scanning with NMAP

  • Url Discovery from waybackurl

  • IP Discovery

  • Title Discovery of target

  • Common sensitive files Discovery

  • Status code Discovery from subdomain result

  • Reverse IP with Passive Method from Public Api

  • Checking Collected Subdomain and IP Address

  • Email Address Discovery with Passive Method from Public Api

  • WHOIS Lookup

  • Save all Discovery result

  • Generate HTML Report

  • Generate JSON Report

  • Multiprocessing

Usage

  • Basic Arguments:

            ~$ python3 yuyu.py -u domain.com [arg]


            -h, --help            show this help message and exit
            -u URL, --url URL     Target URL
            -g, --gui             Run Yuyu in Gui Mode
            -sp, --scanport       Port Discovery from Discovery IP
            -ri, --revip          Reverse IP from target URL
            -wl, --whois          Whois Lookup from target URL
            -cu, --collecturl     Collect URL from target URL & Subdomain Result
            -ed, --emaildiscover  Email Discovery jfrom Subdomain Result
            -fs, --filesensitive  Find Sensitive Files from Subdomain Result

Run Gui

  bash gui.sh run

Stop Gui

  bash gui.sh stop

Publication

Contact me

References

Credits & Thanks

Owner
Justakazh
random people
Justakazh
GitHub Repository
A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

A tool to find good RCE From my series: A powerful Burp extension to make bounties rain

52 Dec 16, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

Aiminsun 165 Dec 21, 2022
CVE-2022-21907 - Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: Windows HTTP协议栈远程代码执行漏洞 creat

antx 365 Nov 30, 2022
Python lib to automate basic QFT calculations like Wick-contractions.

QFTools Python lib to automate basic QFT calculations like Wick-contractions. Features Wick contractions for real scalar fields Wick contractions for

2 Aug 21, 2022
CSAW 2021 writeups

CSAW 2021 Writeups Challenge Category Solved by The Magic Modbus ics root2thrill Lazy Leaks Forensics root2thrill Poem Collection warm-up root2thrill

7 Oct 06, 2021
Buff A simple BOF library I wrote under an hour to help me automate with BOF attack

What is Buff? A simple BOF library I wrote under an hour to help me automate with BOF attack. It comes with fuzzer and a generic method to generate ex

0x00 3 Nov 21, 2022
A OSINT tool coded in python

Argus Welcome to Argus, a OSINT tool coded in python. Disclaimer I Am not responsible what you do with the information that is given to you by my tool

Aidan 2 Mar 20, 2022
Windows Stack Based Auto Buffer Overflow Exploiter

Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter Autoflow is a tool that exploits windows stack based buffer overflow automatically.

Himanshu Shukla 19 Dec 22, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

Evi1cg 500 Jan 06, 2023
Tools to make working the Arch Linux Security Tracker easier

This is a collection of Python scripts to make working with the Arch Linux Security Tracker easier.

Jonas Witschel 6 Jul 13, 2022
Fast and easy way to rollout on multiple GitLab project file a particular content.

Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop

Lujeni 4 Jan 17, 2022
Generate malicious files using recently published bidi-attack (CVE-2021-42574)

CVE-2021-42574 - Code generator Generate malicious files using recently published bidi-attack vulnerability, which was discovered in Unicode Specifica

js-on 7 Nov 09, 2022
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Marcel 5 Nov 17, 2022
JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

105 Dec 05, 2022
IPscan - This Script is Framework To automate IP process large scope For Bug Hunting

IPscan This Script is Framework To automate IP process large scope For Bug Hunti

0xd2rdir 8 Mar 12, 2022
dos-atack-tor script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor.

script de python que permite usar conexiones cebollas para atacar paginas .onion o paginas convencionales via tor. tiene capacidad de ajustar la cantidad de informacion a enviar, el numero de hilos a

Desmon 2 Jun 01, 2022
IP Denial of Service Vulnerability ")A proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability ")

CVE-2021-24086 This is a proof of concept for CVE-2021-24086 ("Windows TCP/IP Denial of Service Vulnerability "), a NULL dereference in tcpip.sys patc

Carry 1 Nov 25, 2021
对naabu的端口扫描结果,调用nmap进行指纹识别

naabu2nmap 对naabu的端口扫描结果,调用nmap进行指纹识别

Se7en 12 Nov 22, 2022
A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer.

Wlan Fetcher Windows10 Description A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer. Usage This Script onl

2 Nov 20, 2021
xray多线程批量扫描工具

Auto_xray xray多线程批量扫描工具 简介 xray社区版貌似没有批量扫描,这就让安服仔使用起来很不方便,扫站得一个个手动添加,非常难受 Auto_xray目录下记得放xray,就跟平时一样的。 选项1:oneforall+xray 输入一个主域名,自动采集子域名然后添加到xray任务列表

1frame 13 Nov 09, 2022