CPE_Scanner.sh

1. #!/bin/bash
2.  
3. echo -e"Made By ClumsyLulz"
4.  
5. # Check if domain is provided
6. if [ -z "$1" ]; then
7. echo "Usage: $0 <domain>"
8. exit 1
9. fi
10.  
11. DOMAIN=$1
12.  
13. # Get IP address
14. IP=$(dig +short "$DOMAIN" | head -n 1)
15.  
16. # Get open ports
17. PORTS=$(nmap -p- --open -T4 "$DOMAIN" | grep -oP '(\d+)/open' | cut -d '/' -f 1 | jq -cs '.')
18.  
19. # Get hostnames associated with IP
20. HOSTNAMES=$(dig +short -x "$IP" | jq -Rcs '.')
21.  
22. # Get CPEs (example with `nmap` scan; actual CPE detection is limited without extensive tools)
23. CPES=$(nmap -sV --script vulners "$DOMAIN" -oX - | grep 'cpe:/a:' | sed 's/<.*cpe://;s/">.*//' | jq -cs '.')
24.  
25. # Get vulnerabilities (example using a vulnerability database; requires `vulners` nmap script)
26. VULNS=$(nmap -sV --script vulners "$DOMAIN" -oX - | grep -oP 'CVE-[0-9]{4}-[0-9]+' | jq -cs '.')
27.  
28. # Collect tags (Example: SSL, self-signed cert detection with `curl`)
29. SSL_CHECK=$(curl -I https://"$DOMAIN" 2>&1 | grep -i 'self-signed' && echo '"self-signed"' || echo '""')
30. TAGS=$(echo "$SSL_CHECK" | jq -cs '.')
31.  
32. # Build the JSON structure
33. JSON=$(jq -n \
34. --argjson cpes "$CPES" \
35. --argjson hostnames "$HOSTNAMES" \
36. --arg ip "$IP" \
37. --argjson ports "$PORTS" \
38. --argjson tags "$TAGS" \
39. --argjson vulns "$VULNS" \
40. '{cpes: $cpes, hostnames: $hostnames, ip: $ip, ports: $ports, tags: $tags, vulns: $vulns}')
41.  
42. # Print JSON
43. echo "$JSON"
44.