spyboy-productions / cloakquest3r Goto Github PK

While browsing through LinkedIn I found this tool and it was very useful to me so I thought "why not?" and I've decided to refactor this code while trying to improve my Python skills and helping the community somehow.

Before opening a new Pull Request I'd rather ask to the authors their opinion on the actual code as I don't expect you to accept those changes without complaints or questions. So here's a breakthrough of the changes.

⚠️ Disclaimer: I'm not good at coloring outputs, and I find the methods to do so extremely irritating so I didn't used many colors, but this can always be updated later on.

⚠️ Disclaimer #2: I'm also not the best programmer ever, but I've tried my best to facilitate people's life, this does include the author of the code.

🗒️ Changelog:

I've made a couple of changes, so I'm splitting this in different sections.

File Structure

I've modified the project's folder structure. Having a unique and extremely big file containing different functions and parts of the code can become a real mess sometimes and, unfortunately, this is the case.

Previous Structure

CloakQuest3r/
│
├── cloakquest3r.py
├── requirements.txt
└── wordlist.txt

Updated Structure

CloakQuest3r/
│
├── cloakquest3r.py
├── requirements.txt
├── config.toml				# Author information/links, version tag & API keys
├── core/					# Core functionalities of the code
│	├── __init__.py
│	├── cloakquester.py		# Main functions
│	├── banner.py			
│	└── color.py			
├── docs/					# Documentation related files
│	└── LICENSE
└── wordlists/				# Out-of-the-box wordlists
	└── default.txt

Splitting the code into distinct sections enhances organization and makes it easier to find specific code segments when updating or adding new features. Cloakquest3r has been modularized, with its own dedicated module.

• The banner.py contains functions related to banner and social media output, as this is not relevant for the main code to work, this allows the author to easily change the visual and/or colors as desired without touching the main code.
• The config.toml file stores API keys and also other relevant information about the author and his social media links and code version.
• The color.py file stores colored output related functions, to avoid unnecessary lines of code in the main file.
• The default out-of-the-box tool wordlist is included inside the wordlists folder.
• Templates, license, and other documentation should be stored inside the docs folder.

Code Changes

Previously created functions have been refactored, rewritten and/or renamed for simplicity of code as needed. Some functions and variables names have become clearer and shorter.

• Reduced is_using_cloudflare and detect_web_server to a single function, since both do basically the same thing. The code now verifies wheter the target is behind Cloudflare before doing anything else, and only asks for confirmation if the code isn't.
• The code now verifies both if both URL and wordlist file are valid. Both have their own functions for validation: is_valid_url and is_valid_file.
• Two functions have been added _to_url and _to_hostname. Those basically convert the string as some functions require the URL schema (https://) while others don't.

Features

I've added some features that I thought would help users and also trying to add some features mentioned in the Contribution section of the README.md file.

• Added the -w/--wordlist flag, allowing the user to set a custom wordlist for subdomain discovery.
• Added the --no-bruteforce option to avoid subdomain discovery through bruteforcing.
• Added the --no-security-trail option to avoid Security Trails usage for IP history discovery,
• Added the --no-banner option, as this can be useful while piping the output to an external file.
• Added the --force option to ignore wheter the target is using cloudflare of not.
• Added a help page -h/--help using argparse module.

TODO:

Some changes are still in progress and may or may be not continued based on the author's opinion on the code.

• Adding docstrings to functions, some functions already have this included but I was too lazy to add them all.
• Adding typing to functions. Same as above, too lazy to add all.
• More color to printed texts. Adding colors can be an issue due to the fact a simple print function can become hard to understand in the code with the brackets everywhere.
• Turn this into a PyPI package?

Final Considerations

My only objectives is to help and collaborate to the code somehow while improving my coding skills, I don't expect those changes to be accepted without complaints. I'm willing to listen and react to feedback from the code author.

The refactored code is available here: https://github.com/JLowborn/CloakquesterRedone

I tried this instrument, and work's good for me.

I got an error when running the code for the first time

Traceback (most recent call last): File "C:\Users\62897\CloakQuest3r\cloakquest3r.py", line 167, in <module> print_banners() File "C:\Users\62897\CloakQuest3r\cloakquest3r.py", line 44, in print_banners print(f'{G} \u2570\u27a4 {Y}Twitter : {W}{twitter_url}') File "C:\Users\62897\AppData\Local\Programs\Python\Python312\Lib\site-packages\colorama\ansitowin32.py", line 47, in write self.__convertor.write(text) File "C:\Users\62897\AppData\Local\Programs\Python\Python312\Lib\site-packages\colorama\ansitowin32.py", line 177, in write self.write_and_convert(text) File "C:\Users\62897\AppData\Local\Programs\Python\Python312\Lib\site-packages\colorama\ansitowin32.py", line 202, in write_and_convert self.write_plain_text(text, cursor, start) File "C:\Users\62897\AppData\Local\Programs\Python\Python312\Lib\site-packages\colorama\ansitowin32.py", line 210, in write_plain_text self.wrapped.write(text[start:end]) File "C:\Users\62897\AppData\Local\Programs\Python\Python312\Lib\encodings\cp1252.py", line 19, in encode return codecs.charmap_encode(input,self.errors,encoding_table)[0] ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ UnicodeEncodeError: 'charmap' codec can't encode characters in position 1-2: character maps to <undefined>

هكر