The script aims to help find vulnerabilities in web applications. The methodology derived from RecoX can identify weaknesses in addition to the top ten of OWASP.
The script displays information against the target system. Gathers information recursively on each subdomain and IP addr for a sophisticated attack.
Το RecoX αυτοματοποιεί πολλές λειτουργίες και εξοικονομεί σημαντικό χρόνο που απαιτείται καθ 'όλη τη διάρκεια μιας χειροκίνητης penetration test δοκιμής.
Installation and use
git clone https://github.com/samhaxr/recox chmod + x recox.sh ./recox.sh
mv recox.sh / usr / local / bin / recox
The deep scan includes many checks, such as subdomain takeover, A record, passive scan, active scan, CORS misconfiguration, zone transfer test and web content discovery.
Videos: guide