← All tools

AutoAR

https://github.com/h0tak88r/AutoAR

Free

Categories

Scanning & Enumeration

Description

AutoAR is an automated security reconnaissance tool, ASM and Discord bot for bug bounty hunters and penetration testers. It automates gathering subdomains, scanning ports, detecting technologies, mapping GitHub repositories, fuzzing, testing vulnerabilities, and AI analysis.

Keywords

asm attack-surface-managment automation bash bughunting cybersecurity pentesting scanning go

Example Usage

autoar domain run      -d <domain>           Full end-to-end workflow: subdomains → live hosts → ports →
                       [--skip-ffuf]         tech → DNS → S3 → nuclei → JS → URLs → GF → backup → misconfig

autoar subdomain run   -s <subdomain>        Focused deep-dive on a single subdomain:
                                             live check → ports → JS → vuln scan → nuclei

autoar lite run        -d <domain>           Lighter workflow: livehosts → reflection → JS → CNAME → DNS → misconfig
                       [--skip-js]           Skip JavaScript scanning
                       [--phase-timeout]     Set default phase timeout in seconds
                       [--timeout-<phase>]   Specific overrides (e.g. --timeout-livehosts)

autoar fastlook run    -d <domain>           Quick recon: subdomains → live hosts → URLs/JS collection

autoar asr             -d <domain>           High-depth reconnaissance (ASR Modes)
                       [-mode 1-5]           Recon mode (default: 5)
                       [-t <threads>]        Number of threads