Rock-ON - An All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name And Do All Of The Work Alone


Rock-On is a all in one recon tool that will help your Recon process give a boost. It is mainley aimed to automate the whole process of recon and save the time that is being wasted in doing all this stuffs manually. A thorough blog will be up in sometime. Stay tuned for the Stable version with a UI.

Features
  1. Sub Domain Scraping
  2. Finding A.S.N -> Netblocks -> IP's
  3. Resolving
  4. Finding Ports
  5. Finding VHost
  6. Finding Directories
  7. Finding Sub Takeovers
  8. Asset tracker with live monitoring
  9. Push Notifications to Slack
  10. Finding JS link then relative links in them and some sensitive files
  11. Active and passive crawling

Recommendation
Machine Configuration - Debian- 9.4, 4 GB RAM on DigitalOcean and its will be good to run this tool on a new and fresh VPS.

For Censys:
Set the API and SECRET KEY in the sub.sh unless you want to set it again and again.
For removing:
1. Delete the lines 13-18
2. Then set you API and SECRET KEY on line 47 & 48 like this: export CENSYS_API_ID=your_key_here

For getting notification on Slack:
Change the webhook address to your one in sub.sh, ASN.sh and Sublert.py-> config.py to get notification while you do your other works.
For changing:
1. Replace the Webhook address at line 113 in sub.sh and 15 in ASN.sh
2. Replace the Webhook address in Tools/sublert/config.py

AND
Follow @yassineaboukir guide to configure the slack for sublert and also for creating a webhook address for sub.sh and ASN.sh here: https://medium.com/@yassineaboukir/automated-monitoring-of-subdomains-for-fun-and-profit-release-of-sublert-634cfc5d7708

Tools Added
Thanks to all the aurthors who have written these scripts and making a huge contribution to the great community. A big shout-out for @ehsahil for his blog on recon that helped me a lot while making this tool and taking examples for the repository.
  1. Sublist3r
  2. Knock
  3. Subfinder
  4. Censys
  5. Amass
  6. CT Logs
  7. CTFR
  8. Wayback
  9. San Domains
  10. AltDns
  11. NMAP
  12. Masscan
  13. MassDNS
  14. Sublert
  15. Aquatone
  16. Vhost
  17. Rapid7 FDNS DB
  18. AWS-CLI
  19. Dirsearch
  20. More to be added...

Requirements

Go-Languange
Install by Following methods:
wget https://dl.google.com/go/go1.12.5.linux-amd64.tar.gz
tar -C /usr/local -xzf go1.12.5.linux-amd64.tar.gz
rm -f go1.12.5.linux-amd64.tar.gz
nano ~/.profile
Add this lines
export PATH=$PATH:/usr/local/go/bin
export GOROOT=/usr/local/go

Installation

Note: For a new Fresh VPS run this commands first:
sudo apt-get upgrade && sudo apt-get update && sudo apt-get install git
git clone https://github.com/SilverPoision/Rock-ON.git
cd Rock-ON
chmod +x rockon.sh
./rockon.sh
1
Also don't forget to configure your AWS credentials by running
aws configure

Usage
./rockon.sh
Enter your choice and then the required Information.

Screenshot



Note: Run the below command while running the 4th option for the first time.
gem install colorize

Give Rock-On some Love
If this tool was useful to you during your recon stages - I would love to know. Any suggestions or ideas for this tool are appreciated - Just DM me on Facebook or Twitter


Rock-ON - An All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name And Do All Of The Work Alone Rock-ON - An All In One Recon Tool That Will Just Get A Single Entry Of The Domain Name And Do All Of The Work Alone Reviewed by Zion3R on 5:56 PM Rating: 5