Just supply a domain name to Striker and it will automatically do the following for you:
- Check and Bypass Cloudflare
- Retrieve Server and Powered by Headers
- Fingerprint the operating system of Web Server
- Detect CMS (197+ CMSs are supported)
- Launch WPScan if target is using WordPress
- Retrieve robots.txt
- Whois lookup
- Check if the target is a honeypot
- Port Scan with banner grabbing
- Dumps all kind of DNS records
- Generate a map for visualizing the attack surface
- Gather Emails related to the target
- Find websites hosted on the same web server
- Find hosts using google
- Crawl the website for URLs having parameters
- SQLi scan using online implemention of SQLMap (takes < 3 min.)
- Basic XSS scanning
Get and run Striker:
https://github.com/s0md3v/Striker.git
pip install -r requirements.txt
python striker.py [domain]
e.g: python striker.py example.com
