Added prefix and suffix arguments, beginnings of prefix implementation; added verbose argument and updated host scanner to show hosts scanned in verbose mode

Author: vortexau

VHostScan.py

@@ -33,7 +33,7 @@ def main():
 
     wordlist_helper = WordList()
     wordlist, wordlist_types = wordlist_helper.get_wordlist(
-        arguments.wordlists)
+        arguments.wordlists, arguments.prefix, arguments.suffix)
 
     if len(wordlist) == 0:
         print("[!] No words found in provided wordlists, unable to scan.")
@@ -82,11 +82,16 @@ def main():
                 wordlist.append(str(ip))
                 wordlist.append(host)
                 wordlist.extend(aliases)
+                if arguments.verbose:
+                    print("[!] Discovered {host}/{ip}. Adding...".format(ip=str(ip), host=host))
         except (dns.resolver.NXDOMAIN):
             print("[!] Couldn't find any records (NXDOMAIN)")
         except (dns.resolver.NoAnswer):
             print("[!] Couldn't find any records (NoAnswer)")
 
+    if arguments.verbose:
+        print("[>] Scanning with %s items in wordlist" % len(wordlist))
+
     scanner_args = vars(arguments)
     scanner_args.update({
         'target': arguments.target_hosts,

lib/core/virtual_host_scanner.py

@@ -59,6 +59,7 @@ def __init__(self, target, wordlist, **kwargs):
         self.unique_depth = int(kwargs.get('unique_depth', 1))
         self.ignore_http_codes = kwargs.get('ignore_http_codes', '404')
         self.first_hit = kwargs.get('first_hit')
+        self.verbose = kwargs.get('verbose')
 
         self.ignore_content_length = int(
             kwargs.get('ignore_content_length', 0)
@@ -104,6 +105,9 @@ def scan(self):
         for virtual_host in self.wordlist:
             hostname = virtual_host.replace('%s', self.base_host)
 
+            if self.verbose:
+                print("[*] Scanning {hostname}".format(hostname=hostname))
+
             if self.real_port == 80:
                 host_header = hostname
             else:

lib/helpers/wordlist_helper.py

@@ -19,7 +19,7 @@ def get_stdin_wordlist(self):
         return list(line for line in sys.stdin.read().splitlines()) \
             if not sys.stdin.isatty() else []
 
-    def get_wordlist(self, wordlist_files=None):
+    def get_wordlist(self, wordlist_files=None, wordlist_prefix=False, wordlist_suffix=False):
         default_wordlist_file = DEFAULT_WORDLIST_FILE
 
         stdin_words = self.get_stdin_wordlist()
@@ -29,11 +29,20 @@ def get_wordlist(self, wordlist_files=None):
 
         combined_files = wordlist_files or default_wordlist_file
         combined = get_combined_word_lists(combined_files)
+
         if combined:
             words_type = 'wordlists: {}'.format(
                 ', '.join(combined['file_paths']))
             self.set_words(words_type=words_type, words=combined['words'])
 
+        # Apply prefixes
+        if wordlist_prefix:
+            prefixed = [wordlist_prefix + word for word in self.wordlist]
+            self.wordlist = self.wordlist + prefixed
+
+        #if wordlist_suffix:
+            
+
         return self.wordlist, self.wordlist_types
 
     def set_words(self, words_type, words):

lib/input.py

@@ -34,6 +34,16 @@ def setup_parser():
             help='Set the port to use (default 80).'
         )
 
+        parser.add_argument(
+            '--prefix', dest='prefix', default=False,
+            help='Add a prefix to each item in the word list (dev, test etc)'
+        )
+
+        parser.add_argument(
+            '--suffix', dest='suffix', default=False,
+            help='Add a suffix to each item in the word list'
+        )
+
         parser.add_argument(
             '-r', dest='real_port', type=int, default=False,
             help='The real port of the webserver to use in headers when '
@@ -98,6 +108,11 @@ def setup_parser():
             help='If set then simple WAF bypass headers will be sent.'
         )
 
+        parser.add_argument(
+            '-v', dest='verbose', action='store_true', default=False,
+            help='Print verbose output'
+        )
+
         output = parser.add_mutually_exclusive_group()
         output.add_argument(
             '-oN', dest='output_normal',