Shulou(Shulou.com)05/31 Report--

This article will explain what kind of tool Rock-ON is for you in detail. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

A network reconnaissance tool called Rock-ON, it is a multi-functional intelligence reconnaissance tool, the majority of researchers only need to provide it with a domain name address, the rest of the work can be handed over to Rock-ON to complete!

I. introduction of tools

Rock-On is a multi-functional network investigation tool, which can provide help to the network investigation activities of the majority of researchers. Its main function is to realize all the manual processes in the whole process of network investigation in an automatic way, so as to help researchers save time and money.

2.1. Function introduction

1. Crawl the subdomain name

2. Search A.S.N-> NetBlock-> IP address

3. Address resolution

4. Search port

5. Search VHost

6. Search the directory

7. Search for secondary domain names

8. Asset tracking & real-time monitoring

9. Slack notification push

10. Search for JS links & related links & sensitive files

11. Active / passive crawling

2.2. Suggestions for the use of tools

Device configuration: Debian (v9.4), 4GB RAM (DigitalOcean), VPS

Second, based on Censys

First, we need to set the API and the corresponding key in sub.sh.

To remove:

1. Delete lines 13-18

2. Set your API and the corresponding key on lines 47 and 48:

Export CENSYS_API_ID=your_key_here

Slack Notification push

Modify your WebHook address in sub.sh, ASN.sh, Sublert.py and config.py as follows:

1. Replace the WebHook address in line 113 of sub.sh and line 15 of ASN.sh

2. Replace the WebHook address in Tools/sublert/config.py

Configuration manual: [reference documentation]

2.1. Reference code base

In the process of implementing Rock-On, developers use a large number of excellent code bases in the community, including:

1.Sublist3r2.Knock3.Subfinder4.Censys5.Amass6.CTLogs7.CTFR8.Wayback9.SanDomains10.AltDns11.NMAP12.Masscan13.MassDNS14.Sublert15.Aquatone16.Vhost17.Rapid7FDNS DB18.AWS-CLI19.Dirsearch III. Tools rely on 3.1.Go language environment

You can configure the Go environment with the following command:

Wget https://dl.google.com/go/go1.12.5.linux-amd64.tar.gztar-C / usr/local-xzfgo1.12.5.linux-amd64.tar.gzrm-fgo1.12.5.linux- amd64.tar.gznano ~ / .profile

When you are done, you need to add the following configuration code to the .profile file:

Export PATH=$PATH:/usr/local/go/binexport GOROOT=/usr/local/go IV. Tool installation

If you are using a brand new VPS, please run the following code before installation:

Sudo apt-get upgrade & & sudo apt-getupdate & & sudo apt-get install git

Next, use the git command to clone Rock-On locally from the GitHub code base:

Git clone https://github.com/SilverPoision/Rock-ON.gitcd Rock-ONchmod + x rockon.sh./rockon.sh1

In addition, don't forget to configure your AWS credentials with the following command:

Aws configure V, tool use

Run the following command:

. / rockon.sh

Then choose the appropriate function according to your needs.

Run the screenshot of the tool:

If you need to select the fourth option, you need to run the following command before using it for the first time:

This is the end of gem install colorize's article on "what is Rock-ON?". I hope the above content can be helpful to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.