A vulnerability fuzzer tool written in bash, it contains most commonly used tools to perform vulnerability scan.
A bash script that automatically finds vulnerable paramters on the basis of their patterns and run some most common used tools to find various vulnerabilities and it also uses nuclei which helps to find vulnerabilities on the basis of templates. Overall it helps you to find low hanging bugs.
Requirements: python3 and go-lang
runscan:~ sudo apt-get update runscan:~ sudo apt-get install python3.8 python3-pip runscan:~ sudo apt-get install golang-go
Make sure you're root before performing the installation
runscan:~ git clone https://github.com/R0X4R/Pinaak.git && cd Pinaak/ && chmod +x pinaak install.sh && mv pinaak /usr/bin/ && ./install.sh
If you get any error just copy the error and search on google this will make your debugging skills better ;)
Important (add these before using the tool you can do it by:
sudo nano /usr/bin/pinaak)
header="" # please add custom header before using pinaak intServer="" # please add interactsh server before using pinaak (http://test.interact.sh/)
Please use VPS because it makes a lot of traffic
runscan:~ pinaak -h █▀█ █ █▄░█ ▄▀█ ▄▀█ █▄▀ █▀▀ █ █░▀█ █▀█ █▀█ █░█ coded by @R0X4R in INDIA -l List of targets (must have webprobed earlier <subfinder -d target.com | httpx -silent | anew targets.txt>) -b Add your xss server for Blind XSS finding <https://test.xss.ht> (you can get it from https://xsshunter.com/) -t Number of threads (default 100) <-t int> pinaak -l <target files> -t <threads> -b <blind xss server>
runscan:~ subfinder -d target.com -all -threads 200 -silent | httpx -silent -threads 300 | anew -q targets.txt runscan:~ pinaak -l ~/targets.txt -t 200 -b https://test.xss.ht
Thanks to the authors of the tools used in this script.
Warning: This code was originally created for personal use, it generates a substantial amount of traffic, please use with caution