**<u>CHaS</u>**


**CHaS.pl** - Check Headers and SSL

**PEaS.pl** - Pre-Pentest Enumeration and Scanning

**Recursive_PEaS.php** - Run PEaS against a list of hosts

***

**<u>What required programs do</u>**

**aha** - Converts ANSI terminal output to HTML

**sslscan** - Gather information about the SSL certificate in use and identify vulnerabilities / misconfigurations

**testssl** - A better version of the above.

**securityheaders** - Check for missing or misconfigured headers on a web application

**nmap** - Port scanner with plugins to enumerate and fingerprint services running

**nikto** - Web server scanner that tests web servers for dangerous files/CGIs, outdated server software and other problems.

**dirb** - Web application directory brute-forcer

**wig** - Web aplication information gatherer - similar to whatweb

**davtest** - Identifies if webdav is enabled and check for vulnerabilities if is.

**wafw00f** - Detects if website is behind a waf and tries to identify it if one is detected

**whatweb** - Identifies underlying technologies and versions running the web application such as server version and CMS

**metagoofil** - Information gathering tool designed for extracting metadata of public documents

**spaghetti** - Web app scanner designed to find various default and insecure files, configurations and misconfigurations.

***

**<u>Recursive_PEaS Usage</u>**

1) create a file containing 1 host per line

2) edit PEaS.pl to not launch the file browser at the end

3) edit Recursive_PEaS.php to know the location of the list file and PEaS.pl

4) php ./Recursive_PEaS.php

***

**<u>Ports</u>**

Richard Clifford - Python: [https://github.com/richard-clifford/CHaS](https://github.com/richard-clifford/CHaS)