Layla is a python script that automatically performs recon on a
given URL. It combines the outputs of other known tools into a single one.
To start, make sure that you're using a Debian-based distro, like Kali Linux, for example. Since the script uses Python3 to run, it's essential to have it installed on your machine.
- Cloning the project:
git clone https://github.com/mthf0/layla.git
- Get into the project' folder:
cd layla/
- Install all dependencies
chmod +x install.sh & sudo ./install.sh
- Run the script
python3 layla.py --url owasp.org
-
Web Application Firewall Detection
-
Port Scanning
-
Subdomain Detection
-
Directory Discovery
This script needs a lot of improvements, which I'll definitely add with time. I'll list some of them below:
- Fine-tune some parameters from:
- NMAP
- AMASS
- Add subdomain takeover detection with subjack.
- Add visual recon, aquatone would be nice for that.
- Add permutation scanning using dnsgen.
- Add certificate search from crt.sh. (automated script)
- Add GitHub recon.