CHaS

CHaS.pl - Check Headers and SSL

PEaS.pl - Pre-Pentest Enumeration and Scanning

Recursive_PEaS.php - Run PEaS against a list of hosts

What required programs do

aha - Converts ANSI terminal output to HTML

sslscan - Gather information about the SSL certificate in use and identify vulnerabilities / misconfigurations

testssl - A better version of the above.

securityheaders - Check for missing or misconfigured headers on a web application

nmap - Port scanner with plugins to enumerate and fingerprint services running

nikto - Web server scanner that tests web servers for dangerous files/CGIs, outdated server software and other problems.

dirb - Web application directory brute-forcer

wig - Web aplication information gatherer - similar to whatweb

davtest - Identifies if webdav is enabled and check for vulnerabilities if is.

wafw00f - Detects if website is behind a waf and tries to identify it if one is detected

whatweb - Identifies underlying technologies and versions running the web application such as server version and CMS

metagoofil - Information gathering tool designed for extracting metadata of public documents

spaghetti - Web app scanner designed to find various default and insecure files, configurations and misconfigurations.

Recursive_PEaS Usage

1) create a file containing 1 host per line

2) edit PEaS.pl to not launch the file browser at the end

3) edit Recursive_PEaS.php to know the location of the list file and PEaS.pl

4) php ./Recursive_PEaS.php

Ports

Richard Clifford - Python: https://github.com/richard-clifford/CHaS