Getting started
Knowledge hub
- Overview
-
-
- 34 M Wordlist Subdomain Brute Force
- Asn Based Network Scan
- Asset Discovery and Vulnerability Scanning
- Custom Subdomain Brute Force Wordlist From Ip Ranges
- Enumerate Cloud Resources
- Full Subdomain Enumeration
- Get Ips and Cnames
- Getdns
- Github Recon and Scanner
- Hostnames S3 Bucket Finder
- Simple Content Discovery
-
-
- amass
- anew
- apkurlgrep
- assetfinder
- cent
- cero
- cewl
- cloudenum
- crosslinked
- dnsdumpster-dns-lookup
- dnsdumpster-host-search
- dnstwist
- dnsvalidator
- dsieve
- dumpsterdiver
- eyeballer
- ffuf
- find-gh-poc
- findomain
- gau
- generate-yaml-report
- get-asn-prefixes
- get-trickest-output
- gf
- github-subdomains
- goaltdns
- gospider
- gotator
- hakcheckurl
- httprobe
- httpx
- infoga
- ipinfo
- jldc-subdomains
- katana
- mapcidr
- mass-linkfinder
- masscan
- massdns
- meg
- mksub
- naabu
- notify
- nrich
- nuclei
- oneforall
- puredns
- pymeta
- s3scanner
- securitytrails-subdomains
- spiderfoot
- sslyze
- subdomainizer
- subfinder
- tlsx
- uncover
- unfurl
- uro
- vita
- webanalyze-1
- webanalyze
- x8
Tutorials
- Creating a Workflow
- Downloading a Result
- Executing a Workflow
- How Do Machines Work
- Keeping Track of a Run
- Navigating in Workflow Editor
- Overview
- Saving a Workflow and History
- Scheduling a Workflow
- Using Workflows From Library
Concepts
Asset Discovery & Vulnerability Scanning
This workflow is designed to identify vulnerabilities and gather information about the technologies and web servers in an infrastructure. It produces several output files, including a list of vulnerabilities ranked by severity, a list of open ports, details about the technologies used in the infrastructure, a list of available web servers, and a zip file containing screenshots of those web servers. These outputs can be used to assess the security of the infrastructure and identify any potential weaknesses that may need to be addressed.
Complexity: advanced
Category: Attack Surface Management
Workflow
Asset Discovery & Vulnerability Scanning
Tools
- amass
- subfinder
- oneforall
- vita
- cewl
- mksub
- dsieve
- puredns
- goaltdns
- naabu
- httpx
- cent
- nuclei
- webanalyze-1
- sslyze
- generate-yaml-report
Setup
You can set up this workflow by changing following input values:
- ROOT DOMAIN - provide root domain, e.g. trickest.com, as a target
- YOUR TRICKEST TOKEN - provide your Trickest authentication token
- YOUR WORKFLOW ID - provide the workflow’s ID available in URL e.g https://trickest.io/editor/a4f61662-915f-4e15-8d94-1114152c36b3
- 1000 - optionally provide your wordlist brute-force limit
Workflow Targets Setup
Execution and results
After setup workflow is ready to be executed. Once workflow’s last node, report script, is finished result can be viewed and downloaded.
report script node will contain the following files:
nuclei.json- output of nuclei containing all of the vulnerabilities connected to parameterseverityused as input to the workflowopen-ports.txt- output of naabu with all of the ports open from hostnames found in the current runtechnologies.json- output of webanalyze-1 containing the valuable info about the infrastructure technologies from hostnames found in the current runwebservers.json- all of the available web servers from httpxresults.zip- eyeballer output containing all screenshots from found web servers
Try it out!
This workflow is available in the Library, you can copy it and execute it immediately!
Get a Video Demo
Fill out and submit this form to receive an in-depth video demo of the Trickest platform.
Talk To Sales
Fill out the form and we'll get back to you about any questions you have on our products, services, pricing, or scheduling a demo.