SilverPoision/Rock-ON SilverPoision/Rock-ON

  • Stars
    star
    282
  • Rank 142,019 (Top 3 %)
  • Language
    Shell
  • Created almost 5 years ago
  • Updated over 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
SilverPoision/Rock-ON
github

SilverPoision

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.

Rock-ON (A One-Shoot Killer)

Rock-ON Logo

Rock-On is a all in one recon tool that will help your Recon process give a boost. It is mainley aimed to automate the whole process of recon and save the time that is being wasted in doing all this stuffs manually. A thorough blog will be up in sometime. Stay tuned for the Stable version with a UI.

Features

  1. Sub Domain Scraping
  2. Finding A.S.N -> Netblocks -> IP's
  3. Resolving
  4. Finding Ports
  5. Finding VHost
  6. Finding Directories
  7. Finding Sub Takeovers
  8. Asset tracker with live monitoring
  9. Push Notifications to Slack
  10. Finding JS link then relative links in them and some sensitive files
  11. Active and passive crawling

Recommendation

Machine Configuration - Debian- 9.4, 4 GB RAM on DigitalOcean and its will be good to run this tool on a new and fresh VPS.

For Censys:

Set the API and SECRET KEY in the sub.sh unless you want to set it again and again.

For removing:

1. Delete the lines 13-18
2. Then set you API and SECRET KEY on line 47 & 48 like this: export CENSYS_API_ID=your_key_here

For getting notification on Slack:

Change the webhook address to your one in sub.sh, ASN.sh and Sublert.py-> config.py to get notification while you do your other works.

For changing:

1. Replace the Webhook address at line 113 in sub.sh and 15 in ASN.sh
2. Replace the Webhook address in Tools/sublert/config.py

AND

Follow @yassineaboukir guide to configure the slack for sublert and also for creating a webhook address for sub.sh and ASN.sh here: https://medium.com/@yassineaboukir/automated-monitoring-of-subdomains-for-fun-and-profit-release-of-sublert-634cfc5d7708

Tools Added

Thanks to all the aurthors who have written these scripts and making a huge contribution to the great community. A big shout-out for @ehsahil for his blog on recon that helped me a lot while making this tool and taking examples for the repository.

  1. Sublist3r

  2. Knock

  3. Subfinder

  4. Censys

  5. Amass

  6. CT Logs

  7. CTFR

  8. Wayback

  9. San Domains

  10. AltDns

  11. NMAP

  12. Masscan

  13. MassDNS

  14. Sublert

  15. Aquatone

  16. Vhost

  17. Rapid7 FDNS DB

  18. AWS-CLI

  19. Dirsearch

  20. More to be added...

Requirements

Go-Languange

Install by Following methods:

wget https://dl.google.com/go/go1.12.5.linux-amd64.tar.gz
tar -C /usr/local -xzf go1.12.5.linux-amd64.tar.gz
rm -f go1.12.5.linux-amd64.tar.gz
nano ~/.profile

Add this lines

export PATH=$PATH:/usr/local/go/bin
export GOROOT=/usr/local/go

Installation

Note: For a new Fresh VPS run this commands first:

sudo apt-get upgrade && sudo apt-get update && sudo apt-get install git

git clone https://github.com/SilverPoision/Rock-ON.git
cd Rock-ON
chmod +x rockon.sh
./rockon.sh
1

Also don't forget to configure your AWS credentials by running

aws configure

Usage

./rockon.sh

Enter your choice and then the required Information.

Screenshot

Rock-ON SC Rock-ON SC

Note: Run the below command while running the 4th option for the first time.

gem install colorize

Give Rock-On some Love

If this tool was useful to you during your recon stages - I would love to know. Any suggestions or ideas for this tool are appreciated - Just DM me on Facebook or Twitter

More Repositories

1

a-full-list-of-wordlists

this contain the burp pack
208
star
2

stuxnet-source-code

this is the source code of the stuxnet virus only for educational purpose or malware analysic
67
star
3

Havij-cracked

This contain havij latest version cracked
55
star
4

web-shell-master

this contain many web shells used to make a backdoor on a server
11
star
5

admin-panel-finder

this tool is used for finding admin panel of web apps
Python
3
star
6

PoC-s

Containing all the PoC's of last year on most famous bug bounty sites
Python
3
star
7

Burp-suit-proo-latest-version

burp suit latest version with proo
2
star
8

amass

2
star
9

mass.txt

2
star
10

secAuth

SecAuth is a secure implementation of the user authentication model with added best practices for day to day developers needs. SecAuth can be used in your next Node-Express project to implement the most basic user authentication yet secure than most of the out websites there.
JavaScript
2
star
11

simplebank

Go
1
star
12

subfinder

Go
1
star
13

simple-client-and-sever-.py

this is a simple python based server and client tool
Python
1
star
14

DSA_Practice

C++
1
star
15

intro-react

A robot powered training repository 🤖
JavaScript
1
star
16

test_proj

JavaScript
1
star
17

San

Python
1
star
18

next-blogging-website

This blogging website is totally built on NextJS and supports SSG SSR and CSR. The whole backend is built with NextJS itself.
JavaScript
1
star
19

test_slash

JavaScript
1
star
20

TheFirstVideo

TheFirsVideo aims to manage your Youtube channels so that you can set your channel priorities and watch latest videos from the channels you want to watch first. TheFirstVideo is a Node-Next app that uses SSR to pre-render the page content and provide user a better response time and thus a better UX
JavaScript
1
star