This post serves as an extension to the previous discussion on mass vulnerability scanning employing nuclei, naabu, and subfinder. Here, we introduce a straightforward bash script tailored to conduct a sequential scan utilizing these tools, targeting a single domain to identify vulnerabilities.

The script

Let’s create singlescan.sh file with the following code:

#!/bin/bash

domain=$1
resultDir=$2
if [ -z "$resultDir" ]; then 
    resultDir=$(pwd)
fi

if [ ! -d "$resultDir" ]; then 
    mkdir "$resultDir"
fi

echo "Saving results to $resultDir"

subFile="$resultDir/sub.txt"
portFile="$resultDir/port.txt"
vulFile="$resultDir/vul.txt"

echo "Finding subdomains.."
subfinder -d $domain -silent -o $subFile
echo "Scanning for ports..."
naabu -l $subFile -silent -o $portFile
echo "Scanning for vulners..."
nuclei -l $portFile -silent -s high,critical -o $vulFile
echo "All done."

Usage

./singlescan.sh mydom.com mydom.com

The script scans mydom.com and saves results in mydom.com folder. The folder is created if does not exists.

./mydom.com/vul.txt will contain vulnerabilities detected of level high and critical if found. Otherwise, the file will be empty.

See also

• Vulnerability databases
• Non-arabic african population is willing to invest in high-risk crypto and forex platforms (research)
• Demystifying Crypto and Forex CFD Trading: Platforms, FTDs, and Leads Explained
• Tech SEO Pro video course by Kristina Azarenko
• Practical mass vulnerability scanning using nuclei, naabu and subfinder