Home

Awesome

<p align="center"> <img src="https://github.com/edoardottt/images/blob/main/scilla/logo.png"><br> <b>🏴‍☠️ Information Gathering tool 🏴‍☠️ - DNS / Subdomains / Ports / Directories enumeration</b><br> <br> <!-- go-report-card --> <a href="https://goreportcard.com/report/github.com/edoardottt/scilla"> <img src="https://goreportcard.com/badge/github.com/edoardottt/scilla" alt="go-report-card" /> </a> <!-- workflows --> <a href="https://github.com/edoardottt/scilla/actions"> <img src="https://github.com/edoardottt/scilla/workflows/Go/badge.svg?branch=main" alt="workflows" /> </a> <br> <sub> Coded with 💙 by edoardottt </sub> <br> <!--Tweet button--> <a href="https://twitter.com/intent/tweet?url=https%3A%2F%2Fgithub.com%2Fedoardottt%2Fscilla%20&text=Information%20Gathering%20tool%21&hashtags=pentesting%2Clinux%2Cgolang%2Cnetwork" target="_blank">Share on Twitter! </a> </p> <p align="center"> <a href="#installation-">Install</a> • <a href="#get-started-">Get Started</a> • <a href="#examples-">Examples</a> • <a href="#changelog-">Changelog</a> • <a href="#contributing-">Contributing</a> • <a href="#license-">License</a> </p> <!--[![asciicast](https://asciinema.org/a/406707.svg)](https://asciinema.org/a/406707)--> <p align="center"> <img src="https://github.com/edoardottt/images/blob/main/scilla/scilla.gif"> </p>

Installation 📡

Homebrew

brew install scilla

Snap

sudo snap install scilla

Go

go install -v github.com/edoardottt/scilla/cmd/scilla@latest

Building from source

You need Go.

Using Docker

docker build -t scilla .
docker run scilla help

Get Started 🎉

scilla help prints the help in the command line.

usage: scilla subcommand { options }

   Available subcommands:
       - dns [-oj JSON output file]
             [-oh HTML output file]
             [-ot TXT output file]
             [-plain Print only results]
             -target <target (URL/IP)> REQUIRED
       - port [-p <start-end> or ports divided by comma]
              [-oj JSON output file]
              [-oh HTML output file]
              [-ot TXT output file]
              [-common scan common ports]
              [-plain Print only results]
              -target <target (URL/IP)> REQUIRED
       - subdomain [-w wordlist]
                   [-oj JSON output file]
                   [-oh HTML output file]
                   [-ot TXT output file]
                   [-i ignore status codes]
                   [-c use also a web crawler]
                   [-db use also a public database]
                   [-plain Print only results]
                   [-db -no-check Don't check status codes for subdomains]
                   [-db -vt Use VirusTotal as subdomains source]
                   [-db -bw Use BuiltWith as subdomains source]
                   [-ua Set the User Agent]
                   [-rua Generate a random user agent for each request]
                   [-dns Set DNS IP to resolve the subdomains]
                   [-alive Check also if the subdomains are alive]
                   -target <target (URL)> REQUIRED
       - dir [-w wordlist]
             [-oj JSON output file]
             [-oh HTML output file]
             [-ot TXT output file]
             [-i ignore status codes]
             [-c use also a web crawler]
             [-plain Print only results]
             [-nr No follow redirects]
             [-ua Set the User Agent]
             [-rua Generate a random user agent for each request]
             -target <target (URL/IP)> REQUIRED
       - report [-p <start-end> or ports divided by comma]
                [-ws subdomains wordlist]
                [-wd directories wordlist]
                [-oj JSON output file]
                [-oh HTML output file]
                [-ot TXT output file]
                [-id ignore status codes in directories scanning]
                [-is ignore status codes in subdomains scanning]
                [-cd use also a web crawler for directories scanning]
                [-cs use also a web crawler for subdomains scanning]
                [-db use also a public database for subdomains scanning]
                [-common scan common ports]
                [-nr No follow redirects]
                [-db -vt Use VirusTotal as subdomains source]
                [-ua Set the User Agent]
                [-rua Generate a random user agent for each request]
                [-dns Set DNS IP to resolve the subdomains]
                [-alive Check also if the subdomains are alive]
                -target <target (URL)> REQUIRED
       - help
       - examples

Examples 💡

Changelog 📌

Detailed changes for each release are documented in the release notes.

Contributing 🛠

Just open an issue / pull request.

Before opening a pull request, download golangci-lint and run

golangci-lint run

If there aren't errors, go ahead :)

To do:

In the news 📰

License 📝

This repository is under GNU General Public License v3.0.
edoardottt.com to contact me.