Skip to content

Examples

Jump to bottom
fyoorer edited this page Jan 23, 2022 · 8 revisions

shadowclone.py

The syntax is heavily inspired (read copied ;)) from fleex scan so if you are familiar with fleex, you'd have no problem instantly switching to shadowclone.

⚡ python shadowclone.py -h
usage: cloudcli.py [-h] -i INPUT [-s SPLITNUM] [-o OUTPUT] -c COMMAND

optional arguments:
  -h, --help            show this help message and exit
  -i INPUT, --input INPUT
  -s SPLITNUM, --split SPLITNUM
                        Number of lines per chunk of file
  -o OUTPUT, --output OUTPUT
  -c COMMAND, --command COMMAND
                        command to execute

-i or --input -> is the path to your input file on your local machine. (Required)

s or --split -> number of lines to keep per chunk of input file. Default=1000 (Optional)

-o or --output -> write output to file. Default=stdout (Optional)

c or --command -> Command to execute on the cloud. It takes a special placeholder {INPUT} which will be replaced by a chunk of input file dynamically (Required)

See examples below to get a better understanding

httpx

python shadowclone.py -i <SUBDOMAINS FILE> --split 100 -o <OUTPUT FILE> -c "/go/bin/httpx -l {INPUT}"

ffuf

python shadowclone.py -i <WORDLIST FILE> --split 300 -o <OUTPUT FILE> -c "/go/bin/ffuf -u https://www.example.com/FUZZ -w {INPUT} -s -ac"

nuclei

python shadowclone.py -i <WEB DOMAINS FILE> --split 100 -o <OUTPUT FILE> -c "/go/bin/nuclei -l {INPUT} -t /nuclei-templates/technologies/tech-detect.yaml"

puredns resolve

python shadowclone.py -i <SUBDOMAINS FILE> --split 100 -o <OUTPUT FILE> -c "/go/bin/puredns resolve {INPUT} --resolvers /function/resolvers.txt"

shadowbrute.py

This tool simply distributes a wordlist into 1mb chunks and distributes to functions

syntax is pretty simple:

usage: shadowbrute.py [-h] -d DOMAIN -w WORDLIST [-o OUTPUT]

optional arguments:
  -h, --help            show this help message and exit
  -d DOMAIN, --domain DOMAIN
  -w WORDLIST, --wordlist WORDLIST
                        Path to local wordlist file
  -o OUTPUT, --output OUTPUT
                        Write output to a file

Just provide a domain name -d, a local wordlist file and output file path. The wordlist will be divided in chunks of 1mb each and distributed to cloud functions to run parallely. It just runs puredns which is already packaged in the default container image as well as uses a default resolvers file and prints out the results. If you have updated the container image, you will have to update the script accordingly.

Clone this wiki locally