🏴☠️Scilla Information Gathering tool 🏴☠️
Presentation
Scilla is an old town in the southern part of Costa Viola.
It is also the name of a sea-dwelling monster that appears in Greek mythology and Odysseus.
Scilla is the Greek word for “scylla.”
This Scylla is usually talked about in pairs with a monster called “Charybdis”.
Charybdis is Italian for Charybdis.
It is a well-known legend that Scylla and Charybdis live on both sides of the Strait of Messina. Charybdis was the daughter of Poseidon and Gaia and was an extraordinary eater. At one point, he ate a whole herd of livestock and was transformed into a monster by Zeus and banished to the sea.
Since then, Charybdis has been swirling three times a day, inhaling and exhaling large amounts of seawater. If a ship happens to pass by, it’s a ship. Speaking of Odysseus and the monsters of the sea, the story of Siren is famous. Siren is a monster who hears the singing voice and is confused and eventually wrecked the ship. Odysseus encounters Charybdis and Scylla after encountering this Siren.
A monster that swallows a piece or anything, and a monster that eats people with the heads of a piece or six beasts. Charybdis manages to get through, but Scylla attacks and kills six crew members.
So Scilla is actually only a town or a monster? NO.
Scilla is an information gathering tool.
This tool allows you easily to search for DNS records, Directories, Subdomains and open ports. If you are familiar with nmap, gobuster, dirsearch, sublist3r.. etc, you know what I’m talking about.
Installation
Scilla is a Command Line tool written entirely on Golang (basically due to the power of goroutines).
Before installing Scilla you need to install Go. Follow This to install Golang on your machine.
Then, I’m talking about Installation on Kali Linux but it’s the same for all the Linux-based OS.
You need to use git, just execute this line of code inside a shell:
git clone https://github.com/edoardottt/scilla.git;cd scilla;go get;sudo make linux
Then just type scilla to see if the installation process ended successfully
For any doubt please visit the official repository or my website edoardoottavianelli.it to reach Edoardo Ottavianelli.
Basic functionalities
If you type scilla help you will see all the commands and the options (required and not) in scilla.
Also scilla examples is useful because you can see all the commands you can execute.
There are 5 main subcommands in Scilla:
DNS Enumerationscilla dns -target example.com
Directories Enumerationscilla dir -target example.com
Port Enumerationscilla port -target example.com
Subdomain Enumerationscilla subdomain -target example.com
Full Report (All 4 commands above)scilla report -target example.com
Advanced functionalities
We will do some exaples. Please be aware that you can mix all the options belonging to a subcommand (e.g. you can use in the same time the output as html and a well defined port range..)
DNS Enumeration
In DNS enumeration we can output the results as a txt document or html document.
scilla dns -o txt -target example.com scilla dns -o html -target example.com
Directories Enumeration
In Directories enumeration we can output the results as a txt document or html document.
scilla dir -o txt -target example.com scilla dir -o html -target example.com
We can use also a custom wordlist.
scilla dir -w rockyou.txt -target example.com
Maybe in some cases it’s useful to ignore some type of responses by the response code.
We can ignore array of response codes in this way:
scilla dir -i 500,503 -target example.com
Or by an entire class of response codes (1,2,3,4,5). scilla dir -i 5,4** -target example.com
Port Enumeration
In Port Enumeration we can select a single port to scan or a range of ports:
To scan a single port:
scilla port -p 80 -target example.com
To scan a range of ports from the first to a defined ending port:
scilla port -p -1000 -target example.com
To scan a range of ports from the defined first port to the last (65635):
scilla port -p 3493- -target example.com
To scan a range of ports from the defined first port to the defined ending port:
scilla port -p 22-80 -target example.com
In Port enumeration we can output the results as a txt document or html document.
scilla port -o txt -target example.com scilla port -o html -target example.com
Subdomain Enumeration
The explanation is exactly the same as Directories enumeration:
scilla subdomain -target example.com scilla subdomain -w wordlist.txt -target example.com scilla subdomain -o txt -target example.com scilla subdomain -o html -target example.com scilla subdomain -i 400 -target example.com scilla subdomain -i 4** -target example.com
Full Report (All 4 commands above)
Default (all ports, so 1-65635)
scilla report -target target.domain
Specifying ports range
scilla report -p 20-90 -target target.domain
Specifying starting port (until the last one)
scilla report -p 20- -target target.domain
Specifying ending port (from the first one)
scilla report -p -90 -target target.domain
Specifying single port
scilla report -p 80 -target target.domain
Specifying output format (txt)
scilla report -o txt -target target.domain
Specifying output format (html)
scilla report -o html -target target.domain
Specifying directories wordlist
scilla report -wd dirs.txt -target target.domain
Specifying subdomains wordlist
scilla report -ws subdomains.txt -target target.domain
Specifying status codes to be ignored in directories scanning
scilla report -id 500,501,502 -target target.domain
Specifying status codes to be ignored in subdomains scanning
scilla report -is 500,501,502 -target target.domain
Specifying status codes classes to be ignored in directories scanning
scilla report -id 5,4 -target target.domain
Specifying status codes classes to be ignored in subdomains scanning
scilla report -is 5,4 -target target.domain
Conclusion
This project is maintained ony by me (Edoardo Ottavianelli).
Contributions are welcome, if you want to contribute just go on GitHub repo, read the issues open, or just open another issue. I suggest you text me before submitting a pull request.
Happy Hacking!
References
Edoardo Ottavianelli, Cybersecurity Student at Sapienza University. Passionate about Computing, Nature and the whole sphere of Science.
Edoardo Ottavianelli social media accounts:
- Website: https://www.edoardoottavianelli.it
- GitHub: https://github.com/edoardottt
- Twitter: https://twitter.com/edoardottt2
- Instagram: https://instagram.com/edoardottt
- Tryhackme: https://tryhackme.com/p/edoardottt