The script aims to help find vulnerabilities in applications Web. The methodology derived from RecoX can detect weaknesses in addition to the OWASP top ten.
The script displays information against the target system. Gathers information recursively on each subdomain and IP addr for a sophisticated attack.
RecoX automates a lot functions and saves significant time required throughout a manual penetration test.
Installation and use
git clone https://github.com/samhaxr/recox chmod + x recox.sh ./recox.sh
mv recox.sh / usr / local / bin / recox
The deep scan includes many controls, such as subdomain takeover, A record, passive scan, active scan, CORS misconfiguration, zone transfer test και ανακάλυψη περιεχομένου ιστού.
Videos: guide