Netlas Recon Automation with Nuclei: Neuro

Netlas is a very new tool providing variety of services like IP WHOIS search, DNS search, attack surface discovery, Certificate Search, Responses Search. It is like a good alternative to shodan.

Netlas also has a lot of dorking facilities.

In this post, we would utilize Netlas python library to automate scanning for vulnerabilities for all subdomains for domain via nuclei templates.

Githup repo for Neuro:

https://github.com/humblelad/neuro

Using Neuro, we have implemented end to end automation to find open vulnerabilities by coupling netlas api with nuclei template scanner.

Create netlas account using my referral code to get 2X more requests than standard user.

https://app.netlas.io/ref/d053087d/

Please ensure you have installed httpx, nuclei and netlas python dependencies in your system. The process is very easy to follow if we follow the steps by given in documentation.

httpx

go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest

Nuclei

go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest

We have used the netlas python library to first download the subdomains and then fetch live subdomains.Here is the netlas python repo- https://github.com/netlas-io/netlas-python

pip3 install netlas

Get the api key from netlas dashboard and place in the .py script and run ./run.sh and enter the domain name intented to run Neuro on.

Later, we are feeding those results, wherein we can manipulate it in our intended way to get results. For now , it scans all the templates having severity as critical and high with concurrency of 50 requests. We may later save the results to a file/ create cron jobs to auto run the python script , setup slack alerts etc according to our convenience and business requirement.

Note: While running the shell script, keep all the .py , .txt files in the same folder.

TLDR: Neuro is available on github https://github.com/humblelad/neuro