forked from matro7sh/Yelaa

Obtain a clean-cut architecture at the launch of a mission and run some tests ( subdomain search, fuzzing, make screenshots on a given perimeter )


VidsSkids/Yelaa

 
 


Yelaa

Obtain a clean-cut architecture at the launch of a mission and make some tests

Requirements

You need to have the chrome binary in your path:

google-chrome

How to install

Manually:

git clone https://github.com/CMEPW/Yelaa.git
cd Yelaa
make compile

Or, if you have set your Go path and installed all the requirements:

go install github.com/CMEPW/Yelaa@latest

In a Docker-container:

# Build docker container
make docker

# Or build it by hand, passing your user ID (id -u) and group ID (id -g)
docker build -t yelaa \
		--build-arg USER_ID=$(id -u) \
		--build-arg GROUP_ID=$(id -g) \
		.

# create a file with your target
echo "Some web addresses..." > targets.txt

# run the container like so
# (seccomp=unconfined turns off Docker's default seccomp syscall filter for this container)
docker run \
    --security-opt seccomp=unconfined \
    -v "$PWD":/home/yelaa_user \
    yelaa \
    checkAndScreen -t /home/yelaa_user/targets.txt

In Kali:

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

sudo apt install ./google-chrome-stable_current_amd64.deb

wget https://github.com/CMEPW/Yelaa/releases/download/v1.5.2/Yelaa_1.5.2_Linux_x86_64.tar.gz

tar -xvf Yelaa_1.5.2_Linux_x86_64.tar.gz
./Yelaa -h

How to use

You can run Yelaa create -c <client> -s <PathToSharedFolder>

-s is optional.

How to run scan

Yelaa scan -t <PathToTargetFile>

Use http proxy

Yelaa scan -p http://localhost:8080 -t ./targets.txt

The -k flag is available to skip TLS certificate verification (it allows insecure certificates).

How to run osint on a domain

Yelaa osint -t ./targets.txt -p http://localhost:8080 --path /tmp

or

./Yelaa osint -d <domain>

This command uses the default browser to open the dork page.

To run the osint command on several domains, run Yelaa osint -t targets.txt

How to run httpx then gowitness

Yelaa checkAndScreen -t domains.txt

Low-hanging fruit: Infrastructure Penetration Testing

nmap -T4 -Pn -p 80,443,8080,8443 --open -oA EvilCorp-24 192.168.1.0/24

Then:

cat *.gnmap | grep -i "open/tcp" | cut -d " " -f2 | sort -u > web-targets.txt

Finally:

./Yelaa checkAndScreen -t ./web-targets.txt
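
The grep/cut pipeline above keeps only the IP address from each grepable nmap line, so the record of which port was open is lost. The following is an added example, not part of the Yelaa project, that parses the same .gnmap format and keeps the port with each address. The sample scan lines are constructed, and whether Yelaa's target file accepts ip:port entries is an assumption this page does not confirm.

```shell
#!/bin/sh
# Added example: not from the Yelaa repository.

# gnmap_web_targets: read nmap grepable output (-oG / *.gnmap) on stdin and
# print one unique "ip:port" line for every port reported as open/tcp.
gnmap_web_targets() {
    awk '
        /^Host: / && /Ports: / {
            ip = $2                       # second field is always the address
            sub(/^.*Ports: /, "")         # keep only the port list
            sub(/\t.*$/, "")              # drop trailing fields such as "Ignored State"
            n = split($0, entries, /, */)
            for (i = 1; i <= n; i++) {
                # each entry is port/state/protocol/owner/service/...
                split(entries[i], f, "/")
                if (f[2] == "open" && f[3] == "tcp")
                    print ip ":" f[1]
            }
        }
    ' | LC_ALL=C sort -u
}

# sample_gnmap: constructed grepable-output lines (fields are tab-separated,
# as nmap writes them); addresses and hostnames are made up for the example.
sample_gnmap() {
    printf '# constructed sample of nmap grepable output\n'
    printf 'Host: 192.168.1.10 ()\tStatus: Up\n'
    printf 'Host: 192.168.1.10 ()\tPorts: 80/open/tcp//http///, 443/open/tcp//https///\n'
    printf 'Host: 192.168.1.23 (intranet.example.test)\tPorts: 8080/open/tcp//http-proxy///\tIgnored State: filtered (3)\n'
    printf 'Host: 192.168.1.40 ()\tPorts: 443/closed/tcp//https///\n'
}

# Demonstration on the constructed sample; on a real scan use:
#   cat *.gnmap | gnmap_web_targets > web-targets.txt
sample_gnmap | gnmap_web_targets
```

Status-only lines, comment lines and ports in any state other than open are skipped, so the closed 443 on 192.168.1.40 does not appear in the output.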

Help

Yelaa -h
 __   __         _
 \ \ / /   ___  | |   __ _    __ _
  \ V /   / _ \ | |  / _` |  / _` |
   | |   |  __/ | | | (_| | | (_| |
   |_|    \___| |_|  \__,_|  \__,_|
Obtain a clean-cut architecture at the launch of a mission and make some tests

Usage:
  create -c [client name] [flags]
  create [command]

Available Commands:
  checkAndScreen Run httpx and gowitness
  help            Help about any command
  osint           Run subfinder, dnsx and httpx to find ips and subdomains of a specific domain
  scan            It will run gobuster and store logs in .yelaa (by default)

Flags:
  -c, --client string         Client name
  -e, --excludedType string   excluded type
  -h, --help                  help for create
  -k, --insecure              Allow insecure certificate
  -p, --proxy string          Add HTTP proxy
  -s, --shared string         path to shared folder
      --path string           Output path (default "/home/$USER/.yelaa")

Use "create [command] --help" for more information about a command.

This script creates a default structure with the create command, as well as a CherryTree database with payloads for external testing and useful commands for internal testing.

Contributors


Darkweak

Mike Houziaux

Julien

Tom Chauveau

bogdan

VidsSkids
