A collection of tools under one script to find subdomains, check for Swagger exposure, test domain to be exposed via firewall and send final results onto WhatsApp Channel.
Ensure to add the domains of your organization in the following script.
Swagger\swagger1.sh
This requires SwaggerHole to be installed on the local system.
Similary, add the domains that are required to be scanned for the subdomain enumeration.
FirewallTester\domainenum.sh
This requires, subfinder and assetfinder to be installed on the local machine.
You are required to link a whatsapp account in order to send the alerts to your WhatsApp Channel. Please follow the below to configure the same.
https://github.com/chrishubert/whatsapp-api
Once you have the details, you are required to add the following values to ensure things are working fine.
WhatsApp\firewallalert.py
WhatsApp\swaggeralert.py
The following 3 details are required to be added in the code.
API_URL = "http://localhost:3000/client/sendMessage/<SESSION ID HERE>"
API_KEY = "<API KEY HERE>"
CHAT_ID = "<CHAT ID HERE>"
Note: Make sure that WhatsApp-API is running on the local system and then you should execute the runner.py.
Ensure to change the payload in the FirewallTester\firewall_tester.py as it is currently set to <<KamranSaifullah>>.
Ensure to update the codebase in FireWallTester/firewall_tester.py as the line contains a different firewall response on Line 47.
The requested URL was rejected. Please consult with your administrator."
Please ensure to go through the entire codebase and make necessary changes before you fire it up against your company domains. The liability lies with you.
I will recommend to create a SIEM Dashboard based on the alert so you have a decent dashboarding of the domains triggering firewall alerts.