README.md

---

NeutronSec

• NeutronSec is a Basic Tool which does most of our Recon Hassle.

• It Uses Mohd Shibli's recon scripts as its core component.

• It uses multiple bash scripts and executes them through python.

• It Also does some Post reconnaissance stuff.

• Consider using this Tool mostly for Medium/Large Scope Targets !

---

Features

• Gather Subdomains through Amass, subfinder and assetfinder.

• Gather JS files.

• Check For Any Reflected domain in response (Using Additional X-Header).

• Extract Endpoints with relative url extractor.

• Curate a Common wordlist for gathered enpoints.

• Perform Waybackurls and Gau.

• Grep gf patterns for XSS, SSRF, RCE, SQLi, etc.

• Find Open S3 Buckets using S3Scanner.py

• Perform Subdomain Takeover checks using Subjack.

• Perform Eyewitness for visual Recon.

• Perfom Nmap for port Scanning

• Finally perform Nuclei on Subdomains.

---

Dependencies :

• Golang / go

• Amass

• Subfinder

• AssetFinder

• httpx

• relative-url-extractor

• Waybackurls

• Gau

• gf

• gf-patterns

• S3Scanner

• Subjack

• Nuclei

• pip3 install eyewitness

• pip3 install coloredlogs

• pip3 install requests

• pip3 install awscli

---

Extras

• Here is Mohd Shibli's Github Repository

• To Run the script, Just use > python3 main.py and relax!

• Keep in mind that you need to write the Path for amass config file (If any) and for S3Scanner.py

Thank You

This Mini Project was developed by @Neutron__

If you are facing any problem getting things right, feel free to ping me :)

Future Updates

Possibility of Replacing Nmap with any other fast Port Scanner.

Active BruteForcing of Subdomains (Permutations) for VPS.

Adding more features like Checking SSTI, SSRF, etc.