SpyHunt is a network scanning and vulnerability assessment tool designed for security professionals and penetration testers to perform reconnaissance and vulnerability assessments on target networks and web applications. It combines multiple scanning techniques and integrates various external tools to provide a wide range of information about the target.
It is built on libraries for network operations, web scraping, parallel processing and similar tasks, and it uses command-line argument parsing to select the different scanning options.
This tool is aimed at bug hunters. It includes the tools that help a hunter find bugs, from subdomain enumeration to brute forcing.
Functions
- Subdomain enumeration
- Technology detection
- DNS record scanning
- Web crawling and URL extraction
- Favicon hash calculation
- Host header injection testing
- Security header analysis
- Network vulnerability analysis
- Wayback machine URL retrieval
- JavaScript file discovery
- Broken link checking
- HTTP request smuggling detection
- IP address extraction
- Domain information gathering
- API endpoint fuzzing
- Shodan integration for additional recon
- 403 Forbidden bypass attempts
- Directory and file brute-forcing
- Local File Inclusion (LFI) scanning with Nuclei
- Google Dorking
- Directory Traversal
- SQL Injection
- XSS
- Web Server Detection
- JavaScript file scanning for sensitive info
- The script uses multithreading and multiprocessing to perform scans efficiently.
- It includes options to save results to files and customize scan parameters.
- The tool integrates with external tools and APIs like Shodan, Nmap, and various web-based services.
- It implements various techniques to bypass restrictions and discover vulnerabilities.
- The script includes a CIDR notation scanner for port scanning across IP ranges.
Installation
git clone https://github.com/gotr00t0day/spyhunt.git
cd spyhunt
pip3 install -r requirements.txt
sudo python3 install.py
Usage
usage: spyhunt.py [-h] [-sv filename.txt] [-s domain.com] [-j domain.com] [-t domain.com] [-d domain.com]
[-p domains.txt] [-r domains.txt] [-b domains.txt] [-w https://domain.com]
[-wc https://domain.com] [-fi https://domain.com] [-fm https://domain.com]
[-na https://domain.com] [-ri IP] [-rim IP] [-sc domain.com] [-co domains.txt]
[-hh domain.com] [-sh domain.com] [-ed domain.com] [-smu domain.com] [-rd domain list]
[-ips domain list] [-dinfo domain list] [-isubs domain list] [-pspider domain.com]
[-nft domains.txt] [-ph domain.txt]
- Scan for subdomains and save the output to a file.
python3 spyhunt.py -s yahoo.com --save filename.txt
- Scan for JavaScript files
python3 spyhunt.py -j yahoo.com
- Scan for DNS records
python3 spyhunt.py -d domains.txt
- Scan for FavIcon hashes
python3 spyhunt.py -fi domain.com
- Web Crawler
python3 spyhunt.py -wc https://www.domain.com
- Broken Links
python3 spyhunt.py -b https://www.domain.com
- CORS Misconfiguration Scan
python3 spyhunt.py -co domains.txt
- Host Header Injection
python3 spyhunt.py -hh domains.txt
- Directory Brute Forcing
python3 spyhunt.py --directorybrute domain.com --wordlist list.txt --threads 50 -e php,txt,html -x 404,403
- Directory Brute Forcing with no extensions
python3 spyhunt.py --directorybrute domain.com --wordlist list.txt --threads 50 -x 404,403
- Scanning a subnet
python3 spyhunt.py --cidr_notation IP/24 --ports 80,443 --threads 200
- Directory Traversal
python3 spyhunt.py -ph "domain.com?id="
- SQL Injection
python3 spyhunt.py -sqli "domain.com?id=1"
- XSS
python3 spyhunt.py -xss "domain.com?id=1"
- JavaScript file scanning for sensitive info
python3 spyhunt.py -javascript domain.com
- JavaScript endpoint fuzzing
python3 spyhunt.py -javascript_endpoint domains.txt -c 20 --save filename.txt
Now you can use it in your own way. I hope this information is helpful for you.