UltyScan Documentation Overhaul

2026-04-17 20:35:59 +00:00 · 2026-01-01 16:33:22 +11:00
commit f046dee832
294 changed files with 250370 additions and 0 deletions
--- a/templates/passive/network/CVE-2018-15473_-_OpenSSH_Username_Enumeration.sh
+++ b/templates/passive/network/CVE-2018-15473_-_OpenSSH_Username_Enumeration.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='CVE-2018-15473 - OpenSSH Username Enumeration'
+FILENAME="$LOOT_DIR/output/msf-$TARGET-*-ssh_enumusers.txt"
+MATCH="\[+\]"
+SEVERITY='P3 - MEDIUM'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/Default_Credentials_BruteX.sh
+++ b/templates/passive/network/Default_Credentials_BruteX.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Default Credentials - BruteX'
+FILENAME="$LOOT_DIR/credentials/brutex-$TARGET.txt $LOOT_DIR/credentials/brutex-$TARGET-*.txt"
+MATCH="password\:\ "
+SEVERITY='P1 - CRITICAL'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/Default_Credentials_NMap.sh
+++ b/templates/passive/network/Default_Credentials_NMap.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Default Credentials - NMap'
+FILENAME="$LOOT_DIR/output/nmap-$TARGET.txt $LOOT_DIR/output/nmap-$TARGET-*.txt"
+MATCH="Valid\ credentials"
+SEVERITY='P1 - CRITICAL'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/Interesting_Domain_Found.sh
+++ b/templates/passive/network/Interesting_Domain_Found.sh
@@ -0,0 +1,10 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Interesting Domain Found'
+echo "$TARGET" > /tmp/target 
+FILENAME="/tmp/target"
+MATCH="admin|dev|portal|stage|prod|tst|test"
+SEVERITY='P5 - INFO'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE='network'
--- a/templates/passive/network/Lack_of_SPF_DNS_Record.sh
+++ b/templates/passive/network/Lack_of_SPF_DNS_Record.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Lack of SPF DNS Record'
+FILENAME="$LOOT_DIR/nmap/email-$TARGET.txt"
+MATCH="\[\+\]\ Spoofing\ possible"
+SEVERITY='P4 - LOW'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE='network'
--- a/templates/passive/network/Possible_Takeover_Detected.sh
+++ b/templates/passive/network/Possible_Takeover_Detected.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Possible Takeover Detected'
+FILENAME="$LOOT_DIR/nmap/takeovers-$TARGET.txt"
+MATCH='anima|bitly|wordpress|instapage|heroku|github|bitbucket|squarespace|fastly|feed|fresh|ghost|helpscout|helpjuice|instapage|pingdom|surveygizmo|teamwork|tictail|shopify|desk|teamwork|unbounce|helpjuice|helpscout|pingdom|tictail|campaign|monitor|cargocollective|statuspage|tumblr|amazon|hubspot|cloudfront|modulus|unbounce|uservoice|wpengine|cloudapp|azure|trafficmanager|netifly|brandpa'
+SEVERITY='P5 - INFO'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE='network'
--- a/templates/passive/network/SMB_Info_Disclosure.sh
+++ b/templates/passive/network/SMB_Info_Disclosure.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='SMB Info Disclosure'
+FILENAME="$LOOT_DIR/output/msf-$TARGET-port139.txt $LOOT_DIR/output/msf-$TARGET-port445.txt"
+MATCH="\[\+\]"
+SEVERITY='P4 - LOW'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/SMBv1_Enabled.sh
+++ b/templates/passive/network/SMBv1_Enabled.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='SMBv1 Enabled'
+FILENAME="$LOOT_DIR/output/nmap-$TARGET-*.txt"
+MATCH="SMBv1"
+SEVERITY='P3 - MEDIUM'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/SSH_Version_Disclosure.sh
+++ b/templates/passive/network/SSH_Version_Disclosure.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='SSH Version Disclosure'
+FILENAME="$LOOT_DIR/output/msf-$TARGET-*-ssh_version.txt"
+MATCH="\[\+\]"
+SEVERITY='P4 - LOW'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/Subjack_Takeover_Detected.sh
+++ b/templates/passive/network/Subjack_Takeover_Detected.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Subjack Takeover Detected'
+FILENAME="$LOOT_DIR/nmap/subjack-$TARGET.txt"
+MATCH="\[Vulnerable\]"
+SEVERITY='P2 - HIGH'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/Subover_Takeover_Detected.sh
+++ b/templates/passive/network/Subover_Takeover_Detected.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Subover Takeover Detected'
+FILENAME="$LOOT_DIR/nmap/subover-$TARGET.txt"
+MATCH="Takeover\ Possible"
+SEVERITY='P2 - HIGH'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+TYPE="network"
--- a/templates/passive/network/recursive/Component_With_Known_Vulnerabilities_-_NMap.sh
+++ b/templates/passive/network/recursive/Component_With_Known_Vulnerabilities_-_NMap.sh
@@ -0,0 +1,11 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Component With Known Vulnerabilities - NMap'
+FILENAME="$LOOT_DIR/nmap/nmap-$TARGET.txt $LOOT_DIR/output/nmap-$TARGET.txt $LOOT_DIR/output/nmap-$TARGET-*.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+MATCH="vulners.com"
+GREP_OPTIONS='-ih'
+TYPE="network"
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$5=AWK_TARGET{print "P3 - MEDIUM, Components with Known Vulnerabilities - NMap, " $5 ", " $2 " " $3 " " $4}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/network/recursive/Interesting_Ports_Found.sh
+++ b/templates/passive/network/recursive/Interesting_Ports_Found.sh
@@ -0,0 +1,23 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Interesting Ports Found'
+FILENAME="$LOOT_DIR/nmap/ports-$TARGET.txt"
+MATCH="21\ |22\ |23\ |137\ |139\ |445\ |8080\ |8443\ |3306\ |5900\ |53\ |8081\ |5432\ "
+SEVERITY='P5 - INFO'
+GREP_OPTIONS='-i'
+SECONDARY_COMMANDS=''
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+TYPE='network'
+
+rm -f /tmp/match.out 2> /dev/null
+cat $FILENAME 2> /dev/null | egrep $GREP_OPTIONS "$MATCH" $SECONDARY_COMMANDS 2> /dev/null | head -n 1 2> /dev/null > /tmp/match.out
+
+CHARS="$(wc -c /tmp/match.out 2> /dev/null | awk '{print $1}' 2> /dev/null)"
+if [[ $CHARS > 0 ]]; then
+	echo "$SEVERITY, $VULN_NAME, $TARGET, $(cat /tmp/match.out 2> /dev/null)" | tee "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
+	# /bin/bash "$INSTALL_DIR/bin/slack.sh" "[+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out | tr '\n' ' ') (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•"
+	#echo "•?((¯°·._.• [+] [$SEVERITY] $VULN_NAME - $TARGET - EVIDENCE: $(cat /tmp/match.out) (`date +"%Y-%m-%d %H:%M"`) •._.·°¯))؟•" >> $LOOT_DIR/scans/notifications_new.txt
+else
+	rm -f "$LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt" 2> /dev/null
+fi
+
+rm -f /tmp/match.out 2> /dev/null
--- a/templates/passive/web/Autocomplete_Enabled.sh
+++ b/templates/passive/web/Autocomplete_Enabled.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Autocomplete Enabled'
+FILENAME="$LOOT_DIR/web/websource-htt*-$TARGET-*.txt"
+MATCH='autocomplete=\"on\"'
+SEVERITY='P4 - LOW'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/CORS_Policy_-_Allow-Credentials_Enabled.sh
+++ b/templates/passive/web/CORS_Policy_-_Allow-Credentials_Enabled.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='CORS Policy - Allow-Credentials Enabled'
+FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
+MATCH='Access-Control-Allow-Credentials: true'
+SEVERITY='P4 - LOW'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/CORS_Policy_-_Allow-Origin_Wildcard.sh
+++ b/templates/passive/web/CORS_Policy_-_Allow-Origin_Wildcard.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='CORS Policy - Allow-Origin Wildcard'
+FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
+MATCH='Access-Control-Allow-Origin: *'
+SEVERITY='P4 - LOW'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/CSP_Not_Enforced.sh
+++ b/templates/passive/web/CSP_Not_Enforced.sh
@@ -0,0 +1,23 @@
+if [ -f $LOOT_DIR/web/headers-http-$TARGET.txt ]; then
+	if [ "$SSL" = "true" ]; then
+		AUTHOR='@xer0dayz'
+		VULN_NAME='CSP Not Enforced'
+		FILENAME="$LOOT_DIR/web/headers-https-$TARGET.txt"
+		MATCH="content-security-policy"
+		SEVERITY='P5 - INFO'
+		GREP_OPTIONS='-i'
+		SEARCH='negative'
+		SECONDARY_COMMANDS=''
+		URI=""
+	else
+		AUTHOR='@xer0dayz'
+		VULN_NAME='CSP Not Enforced'
+		FILENAME="$LOOT_DIR/web/headers-http-$TARGET.txt"
+		MATCH="content-security-policy"
+		SEVERITY='P5 - INFO'
+		GREP_OPTIONS='-i'
+		SEARCH='negative'
+		SECONDARY_COMMANDS=''
+		URI=""
+	fi
+fi
--- a/templates/passive/web/Clear-text_Communications_HTTP.sh
+++ b/templates/passive/web/Clear-text_Communications_HTTP.sh
@@ -0,0 +1,10 @@
+if [ "$SSL" = "false" ]; then
+	AUTHOR='@xer0dayz'
+	VULN_NAME='Clear-Text Protocol - HTTP'
+	FILENAME="$LOOT_DIR/web/headers-http-$TARGET-*.txt"
+	MATCH="200\ OK"
+	SEVERITY='P2 - HIGH'
+	GREP_OPTIONS='-i'
+	SEARCH='positive'
+	SECONDARY_COMMANDS=''
+fi
--- a/templates/passive/web/Clickjacking.sh
+++ b/templates/passive/web/Clickjacking.sh
@@ -0,0 +1,23 @@
+if [ -f $LOOT_DIR/web/headers-http-$TARGET.txt ]; then
+	if [ "$SSL" = "false" ]; then
+		AUTHOR='@xer0dayz'
+		VULN_NAME='Clickjacking HTTP'
+		FILENAME="$LOOT_DIR/web/headers-http-$TARGET.txt"
+		MATCH="x-frame-options"
+		SEVERITY='P4 - LOW'
+		GREP_OPTIONS='-i'
+		SEARCH='negative'
+		SECONDARY_COMMANDS=''
+		URI=""
+	else
+		AUTHOR='@xer0dayz'
+		VULN_NAME='Clickjacking HTTPS'
+		FILENAME="$LOOT_DIR/web/headers-https-$TARGET.txt"
+		MATCH="x-frame-options"
+		SEVERITY='P4 - LOW'
+		GREP_OPTIONS='-i'
+		SEARCH='negative'
+		SECONDARY_COMMANDS=''
+		URI=""
+	fi
+fi
--- a/templates/passive/web/Drupal_Detected.sh
+++ b/templates/passive/web/Drupal_Detected.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Drupal Detected'
+FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
+MATCH="X\-Generator\:\ Drupal\ "
+SEVERITY='P5 - INFO'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/Expired_SSL_Certificate.sh
+++ b/templates/passive/web/Expired_SSL_Certificate.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Expired SSL Certificate'
+FILENAME="$LOOT_DIR/web/curldebug-$TARGET-*.txt"
+MATCH='certificate has expired'
+SEVERITY='P3 - MEDIUM'
+GREP_OPTIONS=''
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/Fortinet_FortiGate_SSL_VPN_Panel_Passive_Detection.sh
+++ b/templates/passive/web/Fortinet_FortiGate_SSL_VPN_Panel_Passive_Detection.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Fortinet FortiGate SSL VPN Panel Passive Detection'
+FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
+MATCH="Server\:\ xxxxxxxx-xxxxx"
+SEVERITY='P5 - INFO'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/Insecure_Cookie_-_HTTPOnly_Not_Set.sh
+++ b/templates/passive/web/Insecure_Cookie_-_HTTPOnly_Not_Set.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Insecure Cookie - HTTPOnly Not Set'
+FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
+MATCH='Set-Cookie'
+SEVERITY='P3 - MEDIUM'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=' | egrep -iv httponly'
--- a/templates/passive/web/Insecure_Cookie_-_Secure_Not_Set.sh
+++ b/templates/passive/web/Insecure_Cookie_-_Secure_Not_Set.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Insecure Cookie - Secure Not Set'
+FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
+MATCH='Set-Cookie'
+SEVERITY='P3 - MEDIUM'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=' | egrep -iv secure'
--- a/templates/passive/web/Insecure_SSL_TLS_Connection.sh
+++ b/templates/passive/web/Insecure_SSL_TLS_Connection.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Weak SSL TLS Protocols'
+FILENAME="$LOOT_DIR/web/sslscan-$TARGET.txt $LOOT_DIR/web/sslscan-$TARGET-*.txt"
+MATCH="SSLv*   enabled"
+SEVERITY='P2 - HIGH'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/Insecure_SSL_TLS_Connection_CN_Mismatch.sh
+++ b/templates/passive/web/Insecure_SSL_TLS_Connection_CN_Mismatch.sh
@@ -0,0 +1,9 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Insecure SSL TLS Connection CN Mismatch'
+FILENAME="$LOOT_DIR/web/curldebug-$TARGET.txt"
+MATCH='failed to verify the legitimacy of the server'
+SEVERITY='P3 - MEDIUM'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
+URI="/"
--- a/templates/passive/web/Interesting_Title_Found.sh
+++ b/templates/passive/web/Interesting_Title_Found.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Interesting Title Found'
+FILENAME="$LOOT_DIR/web/title-htt*-$TARGET-*.txt"
+MATCH='admin|dev|portal|login|sign|signup|registration|account'
+SEVERITY='P5 - INFO'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/Server_Header_Disclosure.sh
+++ b/templates/passive/web/Server_Header_Disclosure.sh
@@ -0,0 +1,19 @@
+if [ "$SSL" = "false" ]; then
+	AUTHOR='@xer0dayz'
+	VULN_NAME='Server Header Disclosure - HTTP'
+	FILENAME="$LOOT_DIR/web/headers-http-$TARGET-*.txt"
+	MATCH="Server\:"
+	SEVERITY='P5 - INFO'
+	GREP_OPTIONS='-i'
+	SEARCH='positive'
+	SECONDARY_COMMANDS=''
+else
+	AUTHOR='@xer0dayz'
+	VULN_NAME='Server Header Disclosure - HTTPS'
+	FILENAME="$LOOT_DIR/web/headers-https-$TARGET-*.txt"
+	MATCH="Server\:"
+	SEVERITY='P5 - INFO'
+	GREP_OPTIONS='-i'
+	SEARCH='positive'
+	SECONDARY_COMMANDS=''
+fi
--- a/templates/passive/web/Strict_Tranposrt_Security_Not_Enforced.sh
+++ b/templates/passive/web/Strict_Tranposrt_Security_Not_Enforced.sh
@@ -0,0 +1,12 @@
+if [ "$SSL" = "true" ]; then
+	AUTHOR='@xer0dayz'
+	VULN_NAME='Strict Tranposrt Security Not Enforced'
+	FILENAME="$LOOT_DIR/web/headers-https-$TARGET.txt"
+	MATCH="strict-transport-security"
+	SEVERITY='P4 - LOW'
+	GREP_OPTIONS='-i'
+	SEARCH='negative'
+	SECONDARY_COMMANDS=''
+else
+	break
+fi
--- a/templates/passive/web/Trace_Method_Enabled.sh
+++ b/templates/passive/web/Trace_Method_Enabled.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='TRACE Method Enabled'
+FILENAME="$LOOT_DIR/web/http_options-$TARGET-*.txt"
+MATCH='TRACE'
+SEVERITY='P4 - LOW'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/X-Powered-By_Header_Found.sh
+++ b/templates/passive/web/X-Powered-By_Header_Found.sh
@@ -0,0 +1,8 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='X-Powered-By Header Found'
+FILENAME="$LOOT_DIR/web/headers-htt*-$TARGET-*.txt"
+MATCH='X-Powered-By'
+SEVERITY='P5 - INFO'
+GREP_OPTIONS='-i'
+SEARCH='positive'
+SECONDARY_COMMANDS=''
--- a/templates/passive/web/recursive/Arachni_Vulnerability_Scan.disabled
+++ b/templates/passive/web/recursive/Arachni_Vulnerability_Scan.disabled
@@ -0,0 +1,39 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Arachni Vulnerability Scan'
+FILENAME="${LOOT_DIR}/web/arachni_webscan_${TARGET}_*.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+rm -f /tmp/report.txt 2> /dev/null
+touch /tmp/report.txt 2> /dev/null
+x=0
+cat $FILENAME 2> /dev/null | egrep 'Proof\:|URL\:|Severity\:|\[\+\]\ \[' | sed 's/\n//g' | sed -r 's/</\&lh\;/g' | awk '{print $3 " " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15}' 2> /dev/null | tr -d '"' > /tmp/out 2> /dev/null
+
+# DELETE FIRST LINE
+sed -i '1d' /tmp/out 2> /dev/null
+
+cat /tmp/out 2> /dev/null | while read line; do
+  x=$(( x+1 ))
+  if [ $x -eq "1" ]; then
+    echo "$line," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+  elif [ $x -eq "2" ]; then
+    if [[ $line =~ .*Critical.* ]]; then
+      echo "P1 - CRITICAL," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*High.* ]]; then
+      echo "P2 - HIGH," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Medium.* ]]; then
+      echo "P3 - MEDIUM," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Low.* ]]; then
+      echo "P4 - LOW," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Informational.* ]]; then
+      echo "P5 - INFO," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    fi
+  elif [ $x -eq "3" ]; then
+    echo "$line," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+  elif [ $x -eq "4" ]; then
+    echo "$line" >> /tmp/report.txt 2> /dev/null
+    x=0
+  fi
+done
+cat /tmp/report.txt 2> /dev/null | awk -F',' '{print $2 ", " $1 ", " $3 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTP.sh
+++ b/templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTP.sh
@@ -0,0 +1,39 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Arachni Vulnerability Scan - HTTP'
+FILENAME="$LOOT_DIR/web/arachni-$TARGET-webscan-http.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+rm -f /tmp/report.txt 2> /dev/null
+touch /tmp/report.txt 2> /dev/null
+x=0
+cat $FILENAME 2> /dev/null | egrep 'Proof\:|URL\:|Severity\:|\[\+\]\ \[' | sed 's/\n//g' | sed -r 's/</\&lh\;/g' | awk '{print $3 " " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15}' 2> /dev/null | tr -d '"' > /tmp/out 2> /dev/null
+
+# DELETE FIRST LINE
+sed -i '1d' /tmp/out 2> /dev/null
+
+cat /tmp/out 2> /dev/null | while read line; do
+  x=$(( x+1 ))
+  if [ $x -eq "1" ]; then
+    echo "$line," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+  elif [ $x -eq "2" ]; then
+    if [[ $line =~ .*Critical.* ]]; then
+      echo "P1 - CRITICAL," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*High.* ]]; then
+      echo "P2 - HIGH," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Medium.* ]]; then
+      echo "P3 - MEDIUM," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Low.* ]]; then
+      echo "P4 - LOW," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Informational.* ]]; then
+      echo "P5 - INFO," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    fi
+  elif [ $x -eq "3" ]; then
+    echo "$line," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+  elif [ $x -eq "4" ]; then
+    echo "$line" >> /tmp/report.txt 2> /dev/null
+    x=0
+  fi
+done
+cat /tmp/report.txt 2> /dev/null | awk -F',' '{print $2 ", " $1 ", " $3 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTPS.sh
+++ b/templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTPS.sh
@@ -0,0 +1,39 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Arachni Vulnerability Scan - HTTPS'
+FILENAME="$LOOT_DIR/web/arachni-$TARGET-webscan-https.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+rm -f /tmp/report.txt 2> /dev/null
+touch /tmp/report.txt 2> /dev/null
+x=0
+cat $FILENAME 2> /dev/null | egrep 'Proof\:|URL\:|Severity\:|\[\+\]\ \[' | sed 's/\n//g' | sed -r 's/</\&lh\;/g' | awk '{print $3 " " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " " $12 " " $13 " " $14 " " $15}' 2> /dev/null | tr -d '"' > /tmp/out 2> /dev/null
+
+# DELETE FIRST LINE
+sed -i '1d' /tmp/out 2> /dev/null
+
+cat /tmp/out 2> /dev/null | while read line; do
+  x=$(( x+1 ))
+  if [ $x -eq "1" ]; then
+    echo "$line," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+  elif [ $x -eq "2" ]; then
+    if [[ $line =~ .*Critical.* ]]; then
+      echo "P1 - CRITICAL," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*High.* ]]; then
+      echo "P2 - HIGH," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Medium.* ]]; then
+      echo "P3 - MEDIUM," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Low.* ]]; then
+      echo "P4 - LOW," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    elif [[ $line =~ .*Informational.* ]]; then
+      echo "P5 - INFO," | tr -d '\n' >> /tmp/report.txt 2> /dev/null
+    fi
+  elif [ $x -eq "3" ]; then
+    echo "$line," | tr -d '\n' >> /tmp/report.txt 2> /dev/null  
+  elif [ $x -eq "4" ]; then
+    echo "$line" >> /tmp/report.txt 2> /dev/null
+    x=0
+  fi
+done
+cat /tmp/report.txt 2> /dev/null | awk -F',' '{print $2 ", " $1 ", " $3 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTP.sh
+++ b/templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTP.sh
@@ -0,0 +1,10 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Nikto Vulnerability Scan - HTTP'
+FILENAME="$LOOT_DIR/web/nikto-$TARGET-http-port80.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+MATCH="\+"
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | grep -v "Target\ " | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nikto Vulnerability Scan - HTTP, http://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTPS.sh
+++ b/templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTPS.sh
@@ -0,0 +1,10 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Nikto Vulnerability Scan - HTTPS'
+FILENAME="$LOOT_DIR/web/nikto-$TARGET-https-port443.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+MATCH="\+"
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | grep -v "Target\ " | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nikto Vulnerability Scan - HTTP, http://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTP.sh
+++ b/templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTP.sh
@@ -0,0 +1,19 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Nuclei Vulnerability Scan - HTTP'
+FILENAME="$LOOT_DIR/web/nuclei-http-$TARGET-port*.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[critical\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[high\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[medium\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[low\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[info\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTPS.sh
+++ b/templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTPS.sh
@@ -0,0 +1,19 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Nuclei Vulnerability Scan - HTTPS'
+FILENAME="$LOOT_DIR/web/nuclei-https-$TARGET-port*.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[critical\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P1 - CRITICAL, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[high\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P2 - HIGH, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[medium\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[low\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P4 - LOW, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="\[info\]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Nuclei Vulnerability Scan, " $1 ", " $4 " " $5 " " $6 " " $7 " " $8 " " $9 " " $10 " " $11 " "  $12 " " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTP.sh
+++ b/templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTP.sh
@@ -0,0 +1,73 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='OWASP Zap Scan - HTTP'
+FILENAME="$LOOT_DIR/web/zap-report-${TARGET}-http.html"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $FILENAME 2> /dev/null | egrep '<name>' -A20 | egrep '<name>|<riskdesc>|<uri>|<desc>' > /tmp/raw_out.txt 2> /dev/null
+grep '<name>' /tmp/raw_out.txt 2> /dev/null| cut -d'<' -f2 | cut -d'>' -f2 > /tmp/vulns.txt 2> /dev/null
+grep '<riskdesc>' /tmp/raw_out.txt 2> /dev/null| cut -d'<' -f2 | cut -d'>' -f2 > /tmp/risk.txt 2> /dev/null
+grep '<desc>' /tmp/raw_out.txt 2> /dev/null| cut -d\; -f3 > /tmp/desc.txt 2> /dev/null
+
+awk 'FNR==1' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' > /tmp/report.csv  2> /dev/null
+awk 'FNR==2' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==3' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==4' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==5' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==6' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==7' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==8' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==9' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==10' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==11' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==12' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==13' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==14' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==15' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==16' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==17' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==18' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==19' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==20' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==21' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==22' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==23' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==24' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==25' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==26' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==27' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==28' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==29' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==30' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==31' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==32' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==33' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==34' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==35' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==36' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==37' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==38' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==39' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==40' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==50' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==51' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==52' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==53' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==54' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==55' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==56' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==57' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==58' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==59' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==60' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+
+egrep '^High' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P2 - HIGH, " $2 ", http://" $50 ", " $3}' > /tmp/report_final.csv 2> /dev/null
+egrep '^Medium' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P3 - MEDIUM, " $2 ", http://" $50 ", " $3}' >> /tmp/report_final.csv 2> /dev/null
+egrep '^Low' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P4 - LOW, " $2 ", http://" $50 ", " $3}' >> /tmp/report_final.csv 2> /dev/null
+egrep '^Informational' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P5 - INFO, " $2 ", http://" $50 ", " $3}' >> /tmp/report_final.csv 2> /dev/null
+
+mv -f /tmp/report_final.csv $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+
+rm -f /tmp/report_final.csv /tmp/report.csv /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null
--- a/templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTPS.sh
+++ b/templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTPS.sh
@@ -0,0 +1,73 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='OWASP Zap Scan - HTTPS'
+FILENAME="$LOOT_DIR/web/zap-report-${TARGET}-https.html"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $FILENAME 2> /dev/null | egrep '<name>' -A20 | egrep '<name>|<riskdesc>|<uri>|<desc>' > /tmp/raw_out.txt 2> /dev/null
+grep '<name>' /tmp/raw_out.txt 2> /dev/null| cut -d'<' -f2 | cut -d'>' -f2 > /tmp/vulns.txt 2> /dev/null
+grep '<riskdesc>' /tmp/raw_out.txt 2> /dev/null| cut -d'<' -f2 | cut -d'>' -f2 > /tmp/risk.txt 2> /dev/null
+grep '<desc>' /tmp/raw_out.txt 2> /dev/null| cut -d\; -f3 > /tmp/desc.txt 2> /dev/null
+
+awk 'FNR==1' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' > /tmp/report.csv  2> /dev/null
+awk 'FNR==2' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==3' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==4' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==5' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==6' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==7' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==8' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==9' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==10' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==11' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==12' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==13' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==14' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==15' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==16' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==17' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==18' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==19' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==20' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==21' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==22' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==23' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==24' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==25' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==26' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==27' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==28' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==29' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==30' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==31' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==32' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==33' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==34' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==35' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==36' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==37' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==38' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==39' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==40' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==50' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==51' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==52' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==53' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==54' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==55' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==56' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==57' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==58' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==59' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+awk 'FNR==60' /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null | sed -n -e 'H;${x;s/\n/,/g;s/^,//;p;}' >> /tmp/report.csv  2> /dev/null
+
+egrep '^High' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P2 - HIGH, " $2 ", http://" $50 ", " $3}' > /tmp/report_final.csv 2> /dev/null
+egrep '^Medium' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P3 - MEDIUM, " $2 ", http://" $50 ", " $3}' >> /tmp/report_final.csv 2> /dev/null
+egrep '^Low' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P4 - LOW, " $2 ", http://" $50 ", " $3}' >> /tmp/report_final.csv 2> /dev/null
+egrep '^Informational' /tmp/report.csv 2> /dev/null | awk -v AWK_TARGET="$TARGET" -F',' '$50=AWK_TARGET{print "P5 - INFO, " $2 ", http://" $50 ", " $3}' >> /tmp/report_final.csv 2> /dev/null
+
+mv -f /tmp/report_final.csv $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+
+rm -f /tmp/report_final.csv /tmp/report.csv /tmp/risk.txt /tmp/vulns.txt /tmp/desc.txt 2> /dev/null
--- a/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_1.sh
+++ b/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_1.sh
@@ -0,0 +1,12 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Wordpress Vulnerability Scan - HTTPS 1'
+FILENAME="$LOOT_DIR/web/wpscan-$TARGET-https-port443a.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+MATCH="Title\:"
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | cut -d\: -f2 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Wordpress Vulnerability Scan - HTTPS, https://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="[+]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Wordpress Vulnerability Scan - HTTPS, https://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_2.sh
+++ b/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_2.sh
@@ -0,0 +1,12 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Wordpress Vulnerability Scan - HTTPS 2'
+FILENAME="$LOOT_DIR/web/wpscan-$TARGET-https-port443b.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+MATCH="Title\:"
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | cut -d\: -f2 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Wordpress Vulnerability Scan - HTTPS, https://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="[+]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Wordpress Vulnerability Scan - HTTPS, https://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_1.sh
+++ b/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_1.sh
@@ -0,0 +1,12 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Wordpress Vulnerability Scan - HTTP 1'
+FILENAME="$LOOT_DIR/web/wpscan-$TARGET-http-port80a.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+MATCH="Title\:"
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | cut -d\: -f2 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Wordpress Vulnerability Scan - HTTP, http://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="[+]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Wordpress Vulnerability Scan - HTTP, http://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
--- a/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_2.sh
+++ b/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_2.sh
@@ -0,0 +1,12 @@
+AUTHOR='@xer0dayz'
+VULN_NAME='Wordpress Vulnerability Scan - HTTP 2'
+FILENAME="$LOOT_DIR/web/wpscan-$TARGET-http-port80b.txt"
+OUTPUT_NAME=$(echo $VULN_NAME | sed -E 's/[^[:alnum:]]+/_/g')
+MATCH="Title\:"
+GREP_OPTIONS='-ih'
+
+rm -f $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | cut -d\: -f2 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P3 - MEDIUM, Wordpress Vulnerability Scan - HTTP, http://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+MATCH="[+]"
+egrep "$GREP_OPTIONS" "$MATCH" $FILENAME 2> /dev/null | awk -v AWK_TARGET="$TARGET" '$50=AWK_TARGET{print "P5 - INFO, Wordpress Vulnerability Scan - HTTP, http://" $50 ", " $2 " " $3 " " $4 " " $5 " " $6 " " $7 " " $8" " $9 " " $10 " " $11 " " $12" " $13 " " $14 " " $15 " " $16 " " $17 " " $18 " " $19 " " $20 " " $21 " " $22 " " $23 " " $24 " " $25}' 2> /dev/null >> $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null
+cat $LOOT_DIR/vulnerabilities/sc0pe-$TARGET-$OUTPUT_NAME.txt 2> /dev/null