Scilla – Information Gathering (DNS/Subdomain/Port Enumeration)
Information Gathering is the process of collecting essential data about the target domain or network. Information can be of various types, like subdomains of the target domain, DNS Information, Port Information, etc. So to get this type of information, one must need to do Enumeration or lots of Reconnaissance, but Scilla is the Information Gathering tool that does lots of things for us. Scilla is a Go language-based tool that can help penetration tester collect lots of information about its target domain. Scilla performs DNS, Subdomains, Ports, Directories Enumeration. One of the most attractive features of Scilla is the report-providing mechanism. Scilla can provide a report of each scan, whether it is Subdomain or Port Enum.
Note: As Scilla is a Golang language-based tool, so you need to have a Golang environment on your system.
Click to check the Installation process of Golang in your system: Golang Installation Steps on Linux
Features of Scilla Tool
- Scilla Tool is Open Source to Use.
- Scilla Tool is Easy to Use.
- Scilla Tool is faster as it is designed in the Go language.
- Scilla Tool provides various types of Enumeration like DNS, Port, Directories, etc.
- Scilla Tool has the capability of Report generation.
Installation of Scilla Tool in Kali Linux OS
Step 1: If you have downloaded Golang in your system, verify the installation by checking the version of Golang, use the following command.
Step 2: Get the Scilla repository or clone the Scilla tool from Github, use the following command.
sudo go get github.com/edoardottt/scilla
Step 3: Now Tool is installed successfully, check the help page of the tool to get a better understanding of tool usage.
Working with Scilla Tool
Example 1: DNS Enumeration
scilla dns -target geeksforgeeks.org
In this example, We will be collecting the DNS Information about our Target which is geeksforgeeks.org. We have used -target flag for specifying our Target URL.
Example 2: Subdomains Enumeration
scilla subdomain -w /home/kali/Desktop/wordlists.txt -target geeksforgeeks.org
1. In this example, We will be performing Subdomains Enumeration on our target. In the below Screenshot, we have provided the wordlist.txt file which contains possible words through which subdomains can be detected.
2. In the below Screenshot, We are performing Subdomain Enumeration. You can see that we have got subdomains lists along with their Status. The Subdomain with status code 200 Ok is the live or accessible subdomain.
Example 3: Directories Enumeration
scilla dir -w /usr/share/wordlists/dirb/common.txt -target geeksforgeeks.org.
1. In this example, We will be performing Directory Enumeration on target. In the below Screenshot we have the list of words or list of possible directory words through which directories will be detected on the target domain
2. In the below Screenshot, We are starting Directory Enumeration on geeksforgeeks.org. You can see the status of directories detected on geeksforgeeks.org.
Example 4: Ports Enumeration
scilla port -target geeksforgeeks.org
1. in this Example, We are performing Ports Enumeration on domain geeksforgeeks.org. Scilla will scan all the ports from 1 to 65535 and display the result. You can see that port 80 is open on the target domain so it is displayed on the terminal.
Example 5: Report Creation
scilla report -p 80 -target http://geeksforgeeks.org
1. In this example, we will generate the Report of our Target domain geeksforgeeks.org
2. In the below Screenshot, You can see that the Scilla tool is generating the report of various scans at the same time.
Scilla tool is an all-in-one tool for Information Gathering and Enumeration. Its Speed and Efficiency make it more attractive for Penetration Testers. You can use this tool for Penetration Testing or Bug Bounty Hunting.