Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

Related tags

Security related resourcesYuyu_Scanner
Overview

Yuyu Scanner

Yuyu Scanner is a Web Reconnaissance & Web Analysis Scanner to find assets and information about targets.

installation

   ! run as root
   ~$ chmod +x install.sh
   ~$ ./install.sh

Preview

GUI

This Gui is made using Electron JS and Bootstrap

CLI

This CLI was created using the python language program

REPORTING

Features

  • Available for Gui Version

  • Subdomain Discovery with Passive Method from Public Api

              http://web.archive.org/
          https://threatcrowd.org/
          https://urlscan.io/
          https://rapiddns.io/
          https://otx.alienvault.com/
          https://dnsdumpster.com/
          https://crt.sh/
          https://api.threatminer.org/
          https://api.certspotter.com/
          https://api.hackertarget.com/
          https://riddler.io/
          http://index.commoncrawl.org/

  • Top 10 port scanning with NMAP

  • Url Discovery from waybackurl

  • IP Discovery

  • Title Discovery of target

  • Common sensitive files Discovery

  • Status code Discovery from subdomain result

  • Reverse IP with Passive Method from Public Api

  • Checking Collected Subdomain and IP Address

  • Email Address Discovery with Passive Method from Public Api

  • WHOIS Lookup

  • Save all Discovery result

  • Generate HTML Report

  • Generate JSON Report

  • Multiprocessing

Usage

  • Basic Arguments:

            ~$ python3 yuyu.py -u domain.com [arg]


            -h, --help            show this help message and exit
            -u URL, --url URL     Target URL
            -g, --gui             Run Yuyu in Gui Mode
            -sp, --scanport       Port Discovery from Discovery IP
            -ri, --revip          Reverse IP from target URL
            -wl, --whois          Whois Lookup from target URL
            -cu, --collecturl     Collect URL from target URL & Subdomain Result
            -ed, --emaildiscover  Email Discovery jfrom Subdomain Result
            -fs, --filesensitive  Find Sensitive Files from Subdomain Result

Run Gui

  bash gui.sh run

Stop Gui

  bash gui.sh stop

Publication

Contact me

References

Credits & Thanks

Owner
Justakazh
random people
Justakazh
GitHub Repository
A tool that detects the expensive Carbon Black watchlists.

A tool that detects the "expensive" Carbon Black watchlists.

Oğuzcan Pamuk 8 Aug 04, 2022
This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

F2Amapper This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to

Ajit Kumar 3 Sep 03, 2022
Password List Creator Simple !

Password List Creator Simple !

MR.D3F417 4 Jan 27, 2022
Community Repository for Unofficial Saltbox Add-ons

Saltbox Sandbox Repo Community Repository for Unofficial Saltbox Add-ons Requirements Saltbox Documentation Undetermined Roles List of roles can be fo

Salty Organization 31 Dec 19, 2022
Growtopia Save.dat Stealer

savedat-stealer Growtopia Save.dat Stealer (Auto Send To Webhook) How To Use After Change Webhook URL Compile script to exe Give to target Done Info C

NumeX 9 May 01, 2022
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be

Binary Defense 144 Nov 19, 2022
🍯 16 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres & MySQL)

Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot

QeeqBox 259 Dec 31, 2022
Safety checks your installed dependencies for known security vulnerabilities

Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but

pyup.io 1.4k Dec 30, 2022
Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. (Released due to exposure)

HCaptcha-Bypass Bypass's HCaptcha by overloading their api causing it to throwback a generated uuid. Not working? If it is not seeming to work for you

Dropout 17 Aug 23, 2021
Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking

Big-Papa is a remote cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication

77 Jan 03, 2023
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022
NFC Implant-base RSA Encrypted Messagging application

Encrypted messaging application with the use of MIFARE DESfire chip to store the private/public keys needed for the application authentication

4 Nov 06, 2021
Spring4Shell - Spring Core RCE - CVE-2022-22965

Spring Core RCE - CVE-2022-22965 After Spring Cloud, on March 29, another heavyweight vulnerability of Spring broke out on the Internet: Spring Core R

Malte Gejr 118 Dec 31, 2022
CVE-2021-36798 Exp: Cobalt Strike < 4.4 Dos

A denial of service (DoS) vulnerability (CVE-2021-36798) was found in Cobalt Strike. The vulnerability was fixed in the scope of the 4.4 release. More

104 Nov 09, 2022
🐎🖥《赛马娘》(ウマ娘: Pretty Derby)辅助脚本

auto-derby 自动化养马 育成结果 Nurturing result 功能 支持客户端 DMM (前台) 实验性 安卓 ADB 连接(后台)开发基于 1080x1920 分辨率 团队赛 (Team race) 有胜利确定奖励时吃帕菲 日常赛 (Daily race) PvP 活动赛 (Cha

NateScarlet 376 Jan 01, 2023
PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests.

PyPasser is a Python library for bypassing reCaptchaV3 only by sending 2 requests. In 1st request, gets token of captcha and in 2nd request,

253 Jan 05, 2023
script that pulls cve collections from NVD.NIST.GOV.

# cvepull.py #script that pulls cve collections from NVD.NIST.GOV. #edit line 17 (timedelta) number to change the amount of days to search backwards

Aaron W 1 Dec 18, 2021
For educational purposes only. (Uzbek Edition)

DISCLAIMER 💣 Ushbu skriptdagi materiallar bilan bog'liq har qanday xatti-harakatlar faqat sizning javobgarligingizdir. Ushbu skriptdagi ma'lumotlarda

Husniddin Murodov 1 Feb 12, 2022
Metal Gear Online 2 (MGO2) stage files decryption

Metal Gear Online 2 decryption tool Metal Gear Online 2 (MGO2) has an additional layer of encryption for stage files. I was not able to find info abou

4 Sep 02, 2022
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

0p 25 Oct 14, 2022