Discover: A Custom Bash Scripts Used To Perform Pentesting Tasks Amongst Metasploit

About discover: abide by is a custom bash scripts used to automate diverse penetration testing tasks including recon, scanning, parsing, in addition to creating malicious payloads in addition to listeners alongside Metasploit Framework. For role alongside Kali Linux, Parrot Security OS and the Penetration Testers Framework (PTF).

About authors:

• Lee Baird: @discoverscripts
• Jay "L1ghtn1ng" Townsend: @jay_townsend1
• Jason Ashton: @ninewires

   Person: Combines information from multiple websites.

RECON

First name:
Last name:

   Parse salesforce: Gather names in addition to positions into a build clean list.

Create a complimentary line of piece of job organisation human relationship at salesforce (https://connect.data.com/login).
Perform a search on your target fellowship > conduct the fellowship refer > run into all.
Copy the results into a novel file.

Enter the place of your list:

About SCANNING inward discover
   Generate target list: Use unlike tools to practice a target listing including Angry IP Scanner, arp-scan, netdiscover in addition to nmap pingsweep.

SCANNING

1. Local surface area network
2. NetBIOS
3. netdiscover
4. Ping sweep
5. Previous menu


   CIDR, List, IP, Range, or URL

Type of scan:

1. External
2. Internal
3. Previous menu

• External scan volition fix the nmap source port to 53 in addition to the max-rrt-timeout to 1500ms.
• Internal scan volition fix the nmap source port to 88 in addition to the max-rrt-timeout to 500ms.
• Nmap is used to perform host discovery, port scanning, service enumeration in addition to OS identification.
• Matching nmap scripts are used for additional enumeration.
• Addition tools: enum4linux, smbclient, in addition to ike-scan.
• Matching Metasploit auxiliary modules are also leveraged.

About WEB inward discover
   Insecure straight object reference

Using Burp, authenticate to a site, map & Spider, in addition to thence log out.
Target > Site map > conduct the URL > correct click > Copy URLs inward this host.
Paste the results into a novel file.


Enter the place of your file:

   Open multiple tabs inward Firefox

Open multiple tabs inward Firefox with:

1. List
2. Directories from robots.txt.
3. Previous menu

• Use a listing containing IPs and/or URLs.
• Use wget to clit a domain's robot.txt file, in addition to thence opened upward all of the directories.

   Nikto

Run multiple instances of Nikto inward parallel.

1. List of IPs.
2. List of IP:port.
3. Previous menu

   SSL: Use sslscan in addition to sslyze to banking concern tally for SSL/TLS certificate issues.

Check for SSL certificate issues.

Enter the place of your list:

About MISC inward discover
   Parse XML

Parse XML to CSV.

1. Burp (Base64)
2. Nessus (.nessus)
3. Nexpose (XML 2.0)
4. Nmap
5. Qualys
6. revious menu

   Generate a malicious payload

Malicious Payloads

1. android/meterpreter/reverse_tcp
2. cmd/windows/reverse_powershell
3. java/jsp_shell_reverse_tcp (Linux)
4. java/jsp_shell_reverse_tcp (Windows)
5. linux/x64/meterpreter_reverse_https
6. linux/x64/meterpreter_reverse_tcp
7. linux/x64/shell/reverse_tcp
8. osx/x64/meterpreter_reverse_https
9. osx/x64/meterpreter_reverse_tcp
10. php/meterpreter/reverse_tcp
11. python/meterpreter_reverse_https 12. python/meterpreter_reverse_tcp
13. windows/x64/meterpreter_reverse_https
14. windows/x64/meterpreter_reverse_tcp
15. Previous menu

   Start a Metasploit listener

Metasploit Listeners

1. android/meterpreter/reverse_tcp
2. cmd/windows/reverse_powershell
3. java/jsp_shell_reverse_tcp
4. linux/x64/meterpreter_reverse_https
5. linux/x64/meterpreter_reverse_tcp
6. linux/x64/shell/reverse_tcp
7. osx/x64/meterpreter_reverse_https
8. osx/x64/meterpreter_reverse_tcp
9. php/meterpreter/reverse_tcp
10. python/meterpreter_reverse_https
11. python/meterpreter_reverse_tcp
12. windows/x64/meterpreter_reverse_https
13. windows/x64/meterpreter_reverse_tcp
14. Previous menu