Skip to content
/ Nucleus Public

Nucleus is a supplemental offensive security tool that leverages open source tools to automate some of the remedial tasks that take place during penetration testing and bug bounty hunting.

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

r3s-ost/Nucleus

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
installation.sh
installation.sh
 
 
tool.sh
tool.sh
 
 

Repository files navigation

███╗   ██╗██╗   ██╗ ██████╗██╗     ███████╗██╗   ██╗███████╗
████╗  ██║██║   ██║██╔════╝██║     ██╔════╝██║   ██║██╔════╝
██╔██╗ ██║██║   ██║██║     ██║     █████╗  ██║   ██║███████╗
██║╚██╗██║██║   ██║██║     ██║     ██╔══╝  ██║   ██║╚════██║
██║ ╚████║╚██████╔╝╚██████╗███████╗███████╗╚██████╔╝███████║
╚═╝  ╚═══╝ ╚═════╝  ╚═════╝╚══════╝╚══════╝ ╚═════╝ ╚══════╝

Nucleus is a supplemental offensive security tool that leverages open source tools to automate some of the remedial tasks that take place during penetration testing and bug bounty hunting. Created by AG from risk3sixty.

Installation

For best results, it is advised that you run this tool from a disposable VPC (i.e., DigitalOcean, AWS, Linode, etc.) to avoid having your public IP address blocked. This tool and the installation should be run as root to ensure proper permissions are met when installing dependencies.

git clone https://github.com/r3s-ost/Nucleus
cd Nucleus
./installation.sh

Usage

./tool.sh -h
Usage: ./tool.sh [-d domain] [-D domain_list] [-i ip/CIDR] [-I ip_list] [-h]
  -d  Specify a single domain.
  -D  Specify a list of domains from a file.
  -i  Specify a single IP address or CIDR range.
  -I  Specify a list of IP addresses and/or CIDR ranges from a file.
  -h  Display this help message.

Example

image

Additional Configuration

To better equip Nucleus, it is recommended to add additional provider API keys to the subfinder configuration. This will help collect more subdomains for your targets (if searching a domain/domains). To do so, create or modify the providers file typically found at $HOME/.config/subfinder/provider-config.yaml

The script also contains actions to provide a notification via notify for certain outputs. This function is commented out by default, but can be enabled by simply removing the comment (lines 85, 88, 106, 109). Just remember to setup your preferred notification method in the configuration file $HOME/.config/notify/provider-config.yaml

Author

Created by Andrew Gahan - Senior Security Consultant @ risk3sixty

Final Thoughts

This tool is meant to be used for authorized testing only. Do not use this tool to attack targets in which you to have written, authorized consent. R3S is not liable for any unauthorized usage of this tool, or any other public tools.

About

Nucleus is a supplemental offensive security tool that leverages open source tools to automate some of the remedial tasks that take place during penetration testing and bug bounty hunting.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages