Automating Common Tasks

Often with pen testing, and many other things, there are certain tasks that we repeat over and over.  I like to automate the tasks that I perform often and depending on the task, I may use a different scripting language.  I decided to script some common tasks I perform every pen test to give me more time to focus on the fun exploitation. 

You can find the tool on my GitHub page:

https://github.com/l0gan/PenTestScripts/blob/master/engagementStarter.sh

To run the script, use the following syntax:

./engagementStarter.sh <target IP/range/subnet> <customer name>

This script will do the following:

- run an nmap discovery scan
- run a full TCP scan against all live hosts found during the discovery scan
- run a top 20 UDP port scan against live hosts
- import scan results into Metasploit
- run sslscan against hosts with SSL-enabled ports
- run snmpcheck against hosts with SNMP open
- run EyeWitness against hosts with HTTP/HTTPS services open to grab screenshots of pages
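
The routing step in the list above (deciding which hosts go to sslscan, snmpcheck and EyeWitness) comes down to parsing scan output by service. The following is an added example, not code from engagementStarter.sh: it assumes nmap grepable (`-oG`) output as input, and the `targets_for` helper, the service regexes and the sample scan data are all hypothetical and constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not engagementStarter.sh): route hosts from nmap grepable
# (-oG) output into per-tool target lists.

# Constructed sample scan output using documentation addresses (192.0.2.0/24).
sample_gnmap() {
  printf 'Host: 192.0.2.10 (web01)\tStatus: Up\n'
  printf 'Host: 192.0.2.10 (web01)\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http//nginx/, 443/open/tcp//ssl|http//nginx/\tIgnored State: closed (65532)\n'
  printf 'Host: 192.0.2.20 ()\tPorts: 161/open/udp//snmp///, 123/open|filtered/udp//ntp///\n'
  printf 'Host: 192.0.2.30 ()\tPorts: 8443/open/tcp//https-alt///, 3389/closed/tcp//ms-wbt-server///\n'
}

# targets_for <proto> <service-regex>
# Reads -oG output on stdin and prints "ip:port" for every port whose state is
# exactly "open" on <proto> and whose service name matches the regex.
# Ports reported as closed or open|filtered are skipped.
targets_for() {
  awk -F'\t' -v proto="$1" -v re="$2" '
    /^Host: / {
      split($1, h, " "); ip = h[2]
      for (f = 2; f <= NF; f++) {
        if ($f !~ /^Ports: /) continue
        ports = $f
        sub(/^Ports: /, "", ports)
        n = split(ports, entries, /, */)
        for (i = 1; i <= n; i++) {
          # Entry layout: port/state/protocol/owner/service/rpc/version/
          split(entries[i], p, "/")
          if (p[2] == "open" && p[3] == proto && p[5] ~ re)
            print ip ":" p[1]
        }
      }
    }'
}

# Build the three follow-up lists from the constructed sample.
echo "# SSL/TLS targets";  sample_gnmap | targets_for tcp 'ssl|https'
echo "# SNMP targets";     sample_gnmap | targets_for udp '^snmp$'
echo "# HTTP(S) targets";  sample_gnmap | targets_for tcp 'http'
```

Requiring the state to be exactly `open` keeps `open|filtered` UDP results out of the follow-up lists, so later tools only touch services the scan actually confirmed.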

I plan on adding to the script other tools/tasks that I run often. If you have a tool/technique you think would be beneficial in the script, leave a comment.
