Semgrep

#Installation
pip install semgrep==1.54.3
#Use the script below to run it; update the paths in the script
wget https://raw.githubusercontent.com/Bhanunamikaze/PenTest-Scripts/refs/heads/main/semgrep_runner.py
#Download the rules
git clone https://github.com/Bhanunamikaze/SemgrepRules-PHP.git

PHP Code Sniffer

Download the phpcs.phar file from PHP_CodeSniffer Releases
sudo apt-get install php-tokenizer php-xml
php phpcs.phar /path/to/PHP_Code

Visual Code Grepper

https://github.com/nccgroup/VCG/tree/master

GitHub - tcosolutions/betterscan: Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan

For NodeJS

GitHub - insidersec/insider: Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (M
Refer to Simple WebPentest Checklist

Subdomain Enumeration

git clone https://github.com/TheRook/subbrute.git
python subbrute.py domain.com > subdomains.txt
git clone https://github.com/infosec-au/altdns.git
altdns -i subdomains.txt -o data_output -w words.txt -r -s results_output.txt
#paste the list into Bulk URL HTTP Status Code, Header & Redirect Checker | httpstatus.io
# this will give live hosts status; make sure to check subdomains of the sub-domains
#Other Tools
amass enum -passive -norecursive -noalts -df domin.txt -o subs-1.txt
amass enum -passive -norecursive -noalts -df subs-1.txt -o all-sub.txt

Recon Automation

#Better use https://github.com/smicallef/spiderfoot - this automates most of the basic tasks
#use ReconFTW
git clone https://github.com/six2dez/reconftw
cd reconftw/
./install.sh
./reconftw.sh -d target.com -r
#or Setup a container
docker pull six2dez/reconftw:main
docker run -it --rm \
-v "${PWD}/OutputFolder/":'/reconftw/Recon