View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0006131Kali LinuxNew Tool Requestspublic2020-02-25 04:032020-02-25 13:18
Reporterjul10l1r4 Assigned To 
PrioritynormalSeveritytextReproducibilityN/A
Status closedResolutionsuspended 
Summary0006131: Add OWASP D4N155 tool for make intelligent wordlist
Description
  • [Name] -
    OWASP D4N155
  • [Version] -
    1.1
  • [Homepage] -
    https://owasp.org/www-project-d4n155/
  • [Download] -
    https://github.com/OWASP/D4N155
  • [Author] -
    Julio Lira [email protected]
  • [License] -
    GNU GPLv3
  • [Description] -
    Make intelligent wordlists based on the content of the target page with OSINT. Make report in PDF and HTML
  • [Dependencies] -
    Python3.6, Bash, groff, python3-pip
    • [requirements.txt ] - -
      beautifulsoup4==4.6.3,
      google==2.0.3,
      numpy==1.15.4,
      requests==2.20.1,
      mechanicalsoup==0.12.0,
      selenium==3.14.1,
      getrails==1.5,
      objetive==0.6
  • [Similar tools] -
    CeWL + hashcat + Geckodriver handless [Run JS] + Google Hacking dorks
  • [Activity] -
    Begin: Dec 30, 2018,
    Release: 1.1,
    No more functionality is being added, just creating API, Docker...
  • [How to install] -
    wget -qO- https://github.com/OWASP/D4N155/archive/1.1.zip | bsdtar -xf-
    cd D4N155-1.1
    pip3 install -r requirements.txt
    bash main

    or

    docker pull docker.pkg.github.com/owasp/d4n155/d4n155:latest
    docker run -it d4n155

  • [How to use] -

bash main --help
D4N155: Tool for smart audit security

Usage: bash main <option> <value>
All options are optionals

Options:
-w, --wordlist  <url|ip>    Make the smartwordlist based in informations
                on website.
-t, --targets   <file>      Make the smart-wordlist based in your passed
                source informations in urls.
-b, --based <file>      Analyze texts to generate the
                custom wordlist
-r, --rate  <time>      Defines time interval between requests
-o, --output    <file>      For to store the all wordlist.
-?a, --aggressive      Aggressive reading with headless
-h, --help          Show this mensage.

 Value: <url | ip | source | file | time>
URL             URL target, example: scanme.nmap.org
IP              IP address
TIME                Time, example: 2.5. I.e: 00:00:02:30.. 0 are default
FILE                File, for save the result, get urls or using in
                wordlist

See video: https://asciinema.org/a/294029

Steps To Reproduce
Interative

$ bash main

Select method (1: tradicional read url, 2: aggressive read url)

2

Type the target domain

Target is: scanme.nmap.org

Inerval between requests for dont block: Ex: 1s = 1, 1,3s = 1.3

Time interval in seconds (Default: -1): 1
...

Logic

bash main -wa scanme.nmap.org -r 1

Additional Information

Wiki: https://owasp.org/www-project-d4n155/
Operations: https://owasp.org/www-project-d4n155/#div-operations
Docker project: https://owasp.org/www-project-d4n155/#div-docker
API project: https://owasp.org/www-project-d4n155/#div-api
Github: https://github.com/owasp/d4n155

Attached Files
D4N155-1.1.zip (25,132 bytes)

Activities

g0tmi1k

g0tmi1k

2020-02-25 13:18

administrator   ~0012338

Not sure what the upside this is over cewl.
I don't see this bringing anything new to the table overall.

Issue History

Date Modified Username Field Change
2020-02-25 04:03 jul10l1r4 New Issue
2020-02-25 04:03 jul10l1r4 File Added: D4N155-1.1.zip
2020-02-25 13:18 g0tmi1k Status new => closed
2020-02-25 13:18 g0tmi1k Resolution open => suspended
2020-02-25 13:18 g0tmi1k Note Added: 0012338