nmapAutomator

A script that you can run in the background!

Summary

The main goal of this script is to automate the recon/enumeration steps that are run every time, so that we can focus our attention on real pen testing.

This will ensure two things:

  1. Automate nmap scans.
  2. Always have some recon running in the background.

Once the initial ports are found (in around 10 seconds), we can start looking into those ports manually and let the rest run in the background with no interaction from our side whatsoever.

Features:

  1. Quick: Shows all open ports quickly (~15 seconds)
  2. Basic: Runs Quick Scan, then runs a more thorough scan on found ports (~5 minutes)
  3. UDP: Runs "Basic" on UDP ports (~5 minutes)
  4. Full: Runs a full range port scan, then runs a thorough scan on new ports (~5-10 minutes)
  5. Vulns: Runs CVE scan and nmap Vulns scan on all found ports (~5-15 minutes)
  6. Recon: Runs the "Basic" scan (if not yet run), then suggests recon commands (e.g. gobuster, nikto, smbmap) based on the found ports, then prompts to run them automatically
  7. All: Runs all the scans consecutively (~20-30 minutes)
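
The Quick-to-Basic handoff described in the feature list, as an added example (not nmapAutomator's own code): it parses nmap grepable output (`-oG`) for open TCP ports and builds the targeted follow-up command. The function names, the constructed sample output and the choice of `-sCV` for the follow-up scan are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: pass the open ports from a quick scan to a targeted follow-up scan.

# Read nmap grepable output (-oG) on stdin and print the open TCP ports
# as a sorted, de-duplicated, comma-separated list (empty if none).
open_ports() {
    awk '
        /Ports:/ {
            sub(/^.*Ports: /, "")          # drop the "Host: ..." prefix
            sub(/\t.*$/, "")               # drop trailing fields such as "Ignored State"
            n = split($0, entries, ", ")
            for (i = 1; i <= n; i++) {
                split(entries[i], f, "/")  # port/state/protocol/owner/service/...
                if (f[2] == "open" && f[3] == "tcp" && f[1] ~ /^[0-9]+$/)
                    print f[1]
            }
        }
    ' | sort -n -u | paste -sd, -
}

# Build (but do not run) the follow-up command for a target.
# Returns 1 when the quick scan found no open TCP ports.
followup_cmd() {
    target=$1
    ports=$(open_ports)
    [ -n "$ports" ] || { echo "no open TCP ports for $target" >&2; return 1; }
    printf 'nmap -sCV -p%s %s\n' "$ports" "$target"
}

# Constructed sample of grepable output for one host (fields are tab-separated).
sample_og() {
    printf 'Host: 10.1.1.1 ()\tStatus: Up\n'
    printf 'Host: 10.1.1.1 ()\tPorts: 80/open/tcp//http///, 22/open/tcp//ssh///, '
    printf '443/closed/tcp//https///, 53/open/udp//domain///, '
    printf '8080/filtered/tcp//http-proxy///\tIgnored State: closed (995)\n'
}

sample_og | followup_cmd 10.1.1.1
```

Closed, filtered and UDP entries are skipped, so only ports 22 and 80 reach the follow-up command.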

Requirements:

Gobuster (v3.0 or higher), which we can install with:

sudo apt update
sudo apt install gobuster

or ffuf, which we can install with:

sudo apt update
sudo apt install ffuf

Other Recon tools used within the script include:

Examples of use:

./nmapAutomator.sh <TARGET-IP> <TYPE>  
./nmapAutomator.sh 10.1.1.1 All  
./nmapAutomator.sh 10.1.1.1 Basic  
./nmapAutomator.sh 10.1.1.1 Recon  

Installation:

git clone https://github.com/21y4d/nmapAutomator.git
sudo ln -s "$(pwd)/nmapAutomator/nmapAutomator.sh" /usr/local/bin/

TODO features list

Feel free to send your pull requests and contributions :)

  • Support DNS resolution (use of URLs/domains instead of IPs) - Done, thanks @KatsuragiCSL
  • Properly identify URL extensions (testing index extensions for code 200)
  • Add more port-based automatic recon options
  • Add an nmap progress bar