Reconnaissance&Enumeration

#!/bin/sh
show_welcome(){
    NORMAL=`echo "\033[m"`
    MENU=`echo "\033[36m"` #Blue
    TEXT=`echo "\033[33m"` #yellow
    FGRED=`echo "\033[41m"`
    RED_TEXT=`echo "\033[31m"`
    ENTER_LINE=`echo "\033[33m"`
    echo -e "${MENU}*********************************************${NORMAL}"
    echo -e "${MENU}**${TEXT} Reconnaissance Version 1.0"
    echo -e "${MENU}**${TEXT} Written by Joseph DePlato${MENU}"
    echo -e "${MENU}**${TEXT} Usage: Enter Domain as ${MENU}"
    echo -e "${MENU}**${TEXT} domain.com${MENU}"
    echo -e "${MENU}**${TEXT} Then select options from menu${MENU}"
    echo -e "${MENU}*********************************************${NORMAL}"
    echo -e "${ENTER_LINE}Please input a domain and press enter"
    read domain
    echo "$domain Scan Summary" > ~/Enumeration/$domain
}

show_menu(){
    NORMAL=`echo "\033[m"`
    MENU=`echo "\033[36m"` #Blue
    NUMBER=`echo "\033[33m"` #yellow
    FGRED=`echo "\033[41m"`
    RED_TEXT=`echo "\033[31m"`
    ENTER_LINE=`echo "\033[33m"`
    echo -e "${MENU}*****************************************************************************${NORMAL}"
    echo -e "${MENU}**${NUMBER} 1)${MENU} Perform DNS Recon ${NORMAL}"
    echo -e "${MENU}**${NUMBER} 2)${MENU} Perform Network Recon ${NORMAL}"
    echo -e "${MENU}**${NUMBER} 3)${MENU} Test for Vitural Hosting and Load Balancing ${NORMAL}"
    echo -e "${MENU}**${NUMBER} 4)${MENU} Test for WAF and IPS ${NORMAL}"
	echo -e "${MENU}**${NUMBER} 5)${MENU} Perform HTTP and URL Recon ${NORMAL}"
    echo -e "${MENU}**${NUMBER} 6)${MENU} Exit ${NORMAL}"
    echo -e "${MENU}*****************************************************************************${NORMAL}"
    echo -e "${ENTER_LINE}Please enter a menu option and enter"
    read opt
}

clear
show_welcome
echo "Summary File created, happy hunting..."
sleep 2
clear

option_picked(){
    COLOR='\033[01;31m' # bold red
    RESET='\033[00;00m' # normal white
    MESSAGE=${@:-"${RESET}Error: No message passed"}
    echo -e "${COLOR}${MESSAGE}${RESET}"
}


show_menu
while [ opt != '' ]
    do
    if [[ $opt = ""]]; then
            exit;
    else
        case $opt in
        1) clear;
        option_picked "DNS Recon Selected, Please Wait";
		echo "##########Executing WHOIS Lookup ##########" >> ~/Enumeration/$domain
        whois $domain >> ~/Enumeration/$domain
		echo  "##########Executing DIG DNS querying##########" >> ~/Enumeration/$domain
		dig $domain any >> ~/Enumeration/$domain
		echo "##########Executing HOST DNS querying##########" >> ~/Enumeration/$domain
		host -l $domain >> ~/Enumeration/$domain
		echo "##########Executing DNSENUM##########" >> ~/Enumeration/$domain
		cd /home/strategicsec/toolz/dnsenum
		perl dnsenum.pl --enum -f dns.txt --update a -r $domain >> ~/Enumeration/$domain
		cd
		echo "##########Executing DNSTRACER##########" >> ~/Enumeration/$domain
		dnstracer $domain >> ~/Enumeration/$domain
		echo "##########Executing Fierce##########" >> ~/Enumeration/$domain
		cd /home/strategicsec/toolz/fierce2
		perl fierce -dns $domain >> ~/Enumeration/$domain
		cd
		option_picked "Executed WHOIS LOOKUP, DIG DNS querying, HOST DNS querying, DNSENUM, DNSTRACER, Fierce2 DNS Tool"
	sleep 5
	clear
        show_menu;
        ;;

        2) clear;
            option_picked "Network Recon Selected, Please Wait";
            echo "##########Executing TCPTRACEROUTE ##########" >> ~/Enumeration/$domain
			tcptraceroute -i eth0 $domain >> ~/Enumeration/$domain
			echo "##########Executing NMAP##########" >> ~/Enumeration/$domain
			nmap -PN -n -F -T4 -sV -A -oG temp.txt $domain  >> ~/Enumeration/$domain
			option_picked "Executed TCPTRACEROUTE, NMAP"
	sleep 5
	clear
        show_menu;
            ;;

        3) clear;
            option_picked "Virtual and LB Selected, Please Wait";
		echo "##########Executing Load Balancing Detection ##########" >> ~/Enumeration/$domain
			cd /home/strategicsec/toolz
			./lbd-0.1.sh $domain >> ~/Enumeration/$domain
		echo "##########Executing Virtual Hosting Detection ##########" >> ~/Enumeration/$domain
			cd /home/strategicsec/toolz/ritx
			perl RitX.pl -t $domain >> ~/Enumeration/$domain
			option_picked "Executed LBD, RitX"
	 sleep 5
	 clear
         show_menu;
            ;;
        4) clear;
            option_picked "WAF and IPS Detection Selected, Please Wait";
		echo "##########Executing wafw00f ##########" >> ~/Enumeration/$domain
			cd /home/strategicsec/toolz/wafw00f
			python wafw00f.py http://www.$domain >> ~/Enumeration/$domain
			cd
		echo "##########Executing IPS Detection ##########" >> ~/Enumeration/$domain
			osstmm-afd -P HTTP -t www.$domain -v >> ~/Enumeration/$domain
			echo "#!/bin/bash" > ~/toolz/ssl_proxy.sh
			echo "openssl s_client -quiet -connect www.$domain:443 2>/dev/null" >> ~/toolz/ssl_proxy.sh
	 sleep 5
	 clear
         show_menu;
            ;;
        5) clear;
		echo "##########Executing HTTPRINT ##########" >> ~/Enumeration/$domain
			option_picked "HTTP and URL Recon, Please Wait";
			cd /home/strategicsec/toolz/httprint_301/linux
			./httprint -h www.$domain -s signatures.txt -P0 >> ~/Enumeration/$domain
			cd /home/strategicsec/toolz
		echo "##########Executing List-URLS ##########" >> ~/Enumeration/$domain
			./list-urls.py http://www.$domain >> ~/Enumeration/$domain
			option_picked "Executed HTTPRINT, LIST-URLS"
	 sleep 5
 	 clear
         show_menu;
            ;;
		6) clear;
            option_picked "Goodbye";
        exit;
            ;;

        x)exit;
        ;;

        \n)exit;
        ;;

        *)clear;
        option_picked "Pick an option from the menu";
        show_menu;
        ;;
    esac
fi
done