Sub-Ringan-Framework
Sub-Ringan-Framework π
Tool for automate bughunting process π.
βΆοΈ π£πΊ ππ¦π· ππͺπ«π’πΊ ππ-129 π«πΆπ―π¦ 2024 βοΈ
Presenting the Sub-Ringan Framework, a user-friendly bug hunting tool designed to automate the process of identifying vulnerabilities in web applications. This tool is created specifically for bug bounty hunters and cybersecurity experts, By automating much of the work, it allows testers to focus on uncovering critical vulnerabilities and improving web application security.
Key Features π:
Subdomain Discovery from everywhere including many websites-db β: Quickly identify all subdomains associated with your target, providing you with a comprehensive overview.
Fetch every live π· URL from every assets,subs,webs-db πΈ: Find and then Scan live URLs for potential vulnerabilities, ensuring thorough coverage of your targetβs web presence.
XSS (Cross-Site Scripting) Detection all π Reflected parameters with inbuild and customizable polyglot payload π¦: Uncover XSS vulnerabilities that could compromise user data and application security.
One and only header base SSRF (Server-Side Request Forgery) π Detection: Identify potential SSRF vulnerabilities that might lead to unauthorized data access.
SQLi ( time base , header base SQL Injection) Analysis π: Detect SQL injection points and potential weaknesses in your targetβs database.
LFI (Local File Inclusion) Search π: Hunt for LFI vulnerabilities that could lead to unauthorized access to sensitive files.
Efficient Organization:
Sub-Ringan Framework automatically arranges target files in a structured directory, enhancing your workflow and enabling seamless collaboration with fellow bug bounty hunters.
Installation and pre-requirements for Sub-Ringan βοΈ Framework:
Required π Dependencies:
gf: A powerful pattern-matching utility for extracting URLs and other useful information from web pages.
Install it from: https://github.com/tomnomnom/gfhttpx: A fast and multi-purpose HTTP utility.
Install it from: https://github.com/projectdiscovery/httpxtee: A command-line utility for redirecting output to multiple files. Itβs usually available by default on most Unix-like systems.
assetfinder: A tool to discover assets from a domain.
Install it from: https://github.com/tomnomnom/assetfindergetallurls: A tool to fetch all URLs from a web page.
Install it from: https://github.com/lc/gauwaybackurls: A tool to fetch URLs from the Wayback Machine.
Install it from: https://github.com/tomnomnom/waybackurlsgxss: A tool for finding reflected parameters.
Install it from: https://github.com/KathanP19/Gxssanew: A tool for filtering and manipulating text output.
Install it from: https://github.com/tomnomnom/anew
Installation β Steps:
1. Clone the Sub-Ringan Framework repository from GitHub:
git clone https://github.com/R4GN4R0K-SEC/Sub-Ringan-Framework.git
2. Navigate to the Sub-Ringan Framework directory:
cd Sub-Ringan-Framework
cd Sub-ringan
chmod +x Sub-Ringan.sh
sh Sub-Ringan.sh
3. Make sure all the required dependencies are installed and available in your system
Click on this Image to Watch YouTube Video
Interface 1 π§
Interface 2 π₯
Interface 3 βοΈ
π Special Thanks to the Awesome Tools that Power Sub-Ringan Framework! π
- gf: Rohan Aggarwal (@rohank1337)
- sqlmap: Bernardo Damele A. G. (@MiroslavStampar)
- amass: Jeff Foley (@caffix)
- subfinder: Ice3man (@Ice3man543)
- ffuf: Magnus Stubman (@ffuf)
- httpx, qsreplace, getallurls, waybackurls, gxss ,anew, asset finder : Tom Hudson (@tomnomnom)
Kudos to these talented individuals for their invaluable contributions! π
- Sub-Ringan-Framework: is not just relying on other tools β it brings some fresh techniques to the table, like header-based SSRF detection π and an inbuilt polyglot XSS payload. and detect time basedβ³ SQL injection with temper bypass technique Itβs not just a wrapper for other programs.
License
This project is licensed under the MIT License. See LICENSE for details.