Recox combines numerous methods to form the ultimate web application reconnaissance tool. The main aim of the script is to find and then classify vulnerabilities within web applications. With its in-depth mechanism, it can help the user find unexpected vulnerabilities which are normally overlooked by other web application scanners.
Recox: Web Application Vulnerability Finder
Recox automates numerous functions required in a manual penetration test to help the user save time and focus on the real issues instead. Some of these functions include:
– Subdomain takeover
– Passive Scan
– Active Scan
– CORS Misconfiguration
– Zone Transfer Test
– Web Content Discovery
Involves the extraction of source links and parameters inside the webpage.
– Static Analysis (SAST)
– Dynamic Analysis (DAST)
Comprises three check-ups (not as technical as the previous 2):
– DNS Record Extraction
– Subdomain
– Web of Trust (WOT)
The information is gathered recursively from each subdomain and IP address. After the web application is scanned, the various vulnerabilities are then presented to the user through the command line interface.
Features:
- Instead of performing a manual penetration test, the user can run this tool to find the vulnerabilities within the web application.
- This tool is easy to install and use.
- Finds uncommon vulnerabilities which are outside the OWASP Top Ten list of most common vulnerabilities.
- Saves a significant amount of time for the user.
Supported Platforms:
- Linux
Requirements:
- None
Install
Clone the GitHub repo:
$ git clone https://github.com/samhaxr/recox
Recox Usage
Enter the following commands:
$ chmod +x recox.sh
$ ./recox.sh
Welcome Screen
██████╗ ███████╗ ██████╗ ██████╗ ██╗ ██╗
██╔══██╗██╔════╝██╔════╝██╔═══██╗╚██╗██╔╝
██████╔╝█████╗ ██║ ██║ //██║ ╚███╔╝
██╔══██╗██╔══╝ ██║ ██║// ██║ ██╔██╗
██║ ██║███████╗╚██████╗╚██████╔╝██╔╝ ██╗
╚═╝ ╚═╝╚══════╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝
Twitter: @sulemanmalik_3 V1.0
-----------------------------------------------
DONE [######################### 100%]
[!] VirusTotal API OK
[!] Shodan API OK
[1] Deep-Dom Scanner
[2] Deep-JS
[3] Web-Info
[0] Exit
To run Recox from anywhere in the terminal, use the following command:
$ mv recox.sh /usr/local/bin/recox