A suite of workflows designed to integrate open-source tools for offensive security.
A suite of workflows designed to integrate open-source tools for offensive security, yublueflower provides comprehensive vulnerability assessments.
- Reconnaissance Phase: In this phase, web crawling is done passively and actively.
- Vulnerability Assessment Phase: In this phase, vulnerability assessment is carried out through an offensive approach.
- Reporting Phase: In this phase, a report is generated.
This tool is designed to be flexible and effective in supporting offensive security workflows. It has been tested to work smoothly on WSL (Windows Subsystem for Linux) with Kali Linux.
- Reconnaissance Phase:
- Passive crawling to collect URLs.
- Active crawling for deeper URL discovery.
- Vulnerability Assessment Phase:
- Automatically scans vulnerabilities based on severity and tags (CVE) and performs dynamic application security testing (DAST).
- Reporting Phase:
- Automatically saves results in a timestamped folder.
- Options:
- Silent mode suppresses the output of the reconnaissance process, helping to reduce clutter in the terminal during the scan.
- Operating System: WSL (Windows Subsystem for Linux) with Kali Linux
- Dependencies: Go programming language (see installation instructions)
To install yublueflower, clone the repository and set up the tool as follows:
git clone https://github.com/1337rokudenashi/yublueflower.git
cd yublueflower
chmod +x yublueflower.shTo run the tool, use the following command:
./yublueflower.sh -url http://testphp.vulnweb.com/ -silent
We welcome contributions! Feel free to fork the repository, improve the tool, and submit a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.
Developed and maintained by 1337rokudenashi.