From 255e238af39723832482dbd3c1d581527c27d01a Mon Sep 17 00:00:00 2001 From: AnonymousWP <50231698+AnonymousWP@users.noreply.github.com> Date: Thu, 12 Oct 2023 14:51:53 +0200 Subject: [PATCH 1/2] docs(readme): add note about password authentication failed --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 679c8e138..02d09e17b 100644 --- a/README.md +++ b/README.md @@ -363,6 +363,8 @@ Installation instructions can be found at [https://reNgine.wiki/install/detailed ``` If `update.sh` does not have execution permissions, please change it, `sudo chmod +x update.sh` + + **NOTE:** if you're updating from 1.3.6 and you're getting a 'password authentication failed' error, consider uninstalling 1.3.6 first, then install 2.x.x as you'd normally do. ### Changelog From 5e8547e9beb40dddd9eee6acd8bdadbfa310e206 Mon Sep 17 00:00:00 2001 From: AnonymousWP <50231698+AnonymousWP@users.noreply.github.com> Date: Thu, 12 Oct 2023 14:52:07 +0200 Subject: [PATCH 2/2] Delete README-1.1.md Old README --- README-1.1.md | 312 -------------------------------------------------- 1 file changed, 312 deletions(-) delete mode 100644 README-1.1.md diff --git a/README-1.1.md b/README-1.1.md deleted file mode 100644 index 5a562c298..000000000 --- a/README-1.1.md +++ /dev/null @@ -1,312 +0,0 @@ -
- - - - - - - - - -- - -
- -Quickly discover the attack surface, and identify vulnerabilities using highly customizable and powerful scan engines. -Enjoy peace of mind with reNgine's continuous monitoring, deeper reconnaissance, and open-source powered Vulnerability Scanner.
- -reNgine is a web application reconnaissance suite with focus on a highly configurable streamlined recon process via Engines, recon data correlation, continuous monitoring, recon data backed by a database, and a simple yet intuitive User Interface. With features such as sub-scan, deeper co-relation, report generation, etc. reNgine aims to fix the gap in the traditional recon tools and probably a better alternative for existing commercial tools. - -reNgine makes it easy for penetration testers and security auditors to gather reconnaissance data with bare minimal configuration. -
- -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - -- ⭐reNgine Documentation - · - What's new - · - Contribute - · - Report Bug - · - Request Feature⭐ -
- -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - -## Table of Contents - -* [About reNgine](#about-rengine) -* [Features](#features) -* [Documentation](#documentation) -* [Quick Installation](#quick-installation) -* [What's new in reNgine](#changelog) -* [reNgine Bug Bounty Program](#rengine-bug-bounty-program) -* [Screenshots](#screenshots) -* [Contributing](#contributing) -* [reNgine Support](#rengine-support) -* [Related Projects](#related-projects) -* [Support and Sponsoring](#support-and-sponsoring) -* [License](#license) - -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - -### reNgine 2.0 codenamed Jasper - -I am currently working on reNgine 2.0 likely to be announced sometime between May and August 2023. This version will be codenamed for Jasper. reNgine 2.0 will be the most advanced reNgine ever, tons of work will be done in how scans are performed, things such as Pause and Resume Scan, Axiom Integration, more deeper correlation, Project Options, Multiple Tenants, etc. - -Please submit your feature requests via GitHub issues. - -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - -## About reNgine - -You can watch [reNgine 1.1 release trailer here.](https://www.youtube.com/watch?v=iy_6F7Vq8Lo) (Recommended) - - - -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - -reNgine is a web application reconnaissance suite with a focus on a highly configurable streamlined recon process. reNgine is backed by a database, with data correlation and organization, the custom query “like” language for recon data filtering, reNgine aims to address the shortcomings of traditional recon workflow. - -Developers behind reNgine understand that recon data can be huge, and manually looking up for entries to attack could be cumbersome, with features like identifying Interesting Subdomains, helping penetration testers focus on attack rather than recon. - -reNgine is also focused on continuous monitoring. Penetration testers can choose to schedule the scan at periodic intervals and get notified on notification channels like Discord, Slack, and Telegram for any new subdomains or vulnerabilities identified, or any recon data changes. - -Interoperability is something every recon tool needs, and reNgine is no different. Beginning reNgine 1.0, we additionally developed features such as import and export subdomains, endpoints, GF pattern matched endpoints, etc. This will allow you to use your favorite recon workflow in conjunction with reNgine. - -PDF reports are something every individual or team needs. Beginning reNgine 1.1, reNgine also comes with an option to download PDF reports. One can also choose the type of report, Full Scan Report or just a reconnaissance report. Also, we understand that PDF reports need to be customizable. Choose the color of the report you like, customize the executive summary, etc. You choose the way your pdf report looks! - -reNgine features Highly configurable scan engines based on YAML, that allow penetration testers to create as many recon engines as they want of their choice, configure as they wish, and use them against any targets for the scan. These engines allow penetration testers to use tools of their choice, the configuration of their choice. Out of the box, reNgine comes with several scan engines like Full Scan, Passive Scan, Screenshot gathering, OSINT Engine, etc. - -Our focus has always been on finding the right recon data with very minimal effort. After having several discussions with fellow hackers/pentesters, a screenshots gallery was a must, reNgine also comes with a screenshot gallery, and what's more exciting than having a screenshot gallery with filters, filter screenshots with HTTP status, technology, ports, and services. - -We also want our fellow hackers to stay ahead of the game, reNgine also comes with automatic vulnerability reporting (ATM only Hackerone is supported, other platforms may come soon). This allows hackers to define their vulnerability report template, and reNgine will do the rest of the job to report vulnerability as soon as it is identified. - -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - - - -## Features - -* Reconnaissance: Subdomain Discovery, IP and Open Ports Identification, Endpoints Discovery, Directory and Files fuzzing, - Screenshot gathering, Vulnerability scan using Nuclei, WHOIS Identification, WAF Detection etc. -* Highly configurable YAML-based Scan Engines -* Support for Parallel Scans and Subscans -* Automatically report Vulnerabilities to HackerOne -* Recon Data visualization -* OSINT Capabilities (Meta info Gathering, Employees Gathering, Email Address with an option to look password in the leaked database, - dorks, etc.) -* Customizable Alerts/Notifications on Slack, Discord, and Telegram -* Perform Advanced Query lookup using natural language alike and, or, not operations -* Recon Notes and Todos -* Clocked Scans (Run reconnaissance exactly at X Hours and Y minutes) and Periodic Scans (Runs reconnaissance every X minutes/- hours/days/week) -* Proxy Support -* Screenshot Gallery with Filters -* Powerful recon data filtering with autosuggestions -* Recon Data changes, find new/removed subdomains/endpoints -* Tag targets into the Organization -* Identify Interesting Subdomains -* Custom GF patterns and custom Nuclei Templates -* Edit tool-related configuration files (Nuclei, Subfinder, Naabu, amass) -* Add external tools from Github/Go -* Interoperable with other tools, Import/Export Subdomains/Endpoints -* Import Targets via IP and/or CIDRs -* Report Generation -* Toolbox: Comes bundled with most commonly used tools such as whois lookup, CMS detector, CVE lookup, etc. -* Identification of related domains and related TLDs for targets -* Find actionable insights such as Most Common Vulnerability, Most Common CVE ID, Most Vulnerable Target/Subdomain, etc. - -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - -## Documentation - -You can find reNgine documentation at [https://rengine.wiki](https://rengine.wiki) - -![-----------------------------------------------------](https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/aqua.png) - -## Quick Installation - -**Note:** Only Ubuntu/VPS - -1. Clone this repo - - ```bash - git clone https://github.com/yogeshojha/rengine && cd rengine - ``` - -1. Edit the dotenv file, **please make sure to change the password for postgresql `POSTGRES_PASSWORD`!** - - ```bash - nano .env - ``` - -1. Run the installation script, Please keep an eye for any prompt, you will also be asked for username and password for reNgine. - - ```bash - sudo ./install.sh - ``` - - If `./install.sh` does not have install permission, please change it, `chmod +x install.sh` - -**reNgine can now be accessed from