Hello everyone, In this post we are going to focus on automated penetration testing, as we know that there lots of tools available to do automation. But here we are focusing to automated penetration testing using bash script to do our repetitively task in easy and time saving manner.
Bash refers to the Born again shell, which uses in Linux distros as well as mac too. Bash is really handy for customization. Like, can use multiple tools available or install them on a Linux distro by using single liner bash.
Alias is used to create a shortcut name for a command or many commands. As well as if a user wants to run a file present in a particular location can also create a shortcut name for that
Where we can add aliases for commands? In Linux, the distro can find the .bashrc file, which is located in the user home directory to add aliases.
alias update = ‘apt update && apt upgrade -y’
Users can also add an alias for a file, For example – a user has a VPN file for execution that file needs to go to a particular path and execute. Can create an alias for that which will be easy and time reducing.
Remembering sub-options for each and every tool is not possible, what if will create a bash script for a tool used on a daily basis, isn’t it time reducing.?
Small script given below for the popular tool NMAP.
#!/bin/bash if [ ! -d output ]; then mkdir output fi line="------------------------------------------------------"; echo $line; echo "" read -p "Enter target without protocol: " target; echo "" echo $line; echo ""; echo $line; echo ""; echo "Nmap Fast Scan: "; nmap -F $target -oN output/fast_$target; echo ""; echo $line; echo $line; echo ""; echo "Nmap Agressive Scan: "; nmap -A $target -oN output/agg_$target; echo ""; echo $line; echo $line; echo ""; echo "Nmap total ports Scan: "; nmap -p- $target -oN output/totalports_$target;
Also, do write the same script with multiple tools.
line="------------------------------------------------------";
echo $line;
echo ""
read -p "Enter target url: " target;
echo ""
echo $line;
echo "";
echo "WhatWeb Result: ";
whatweb $target;
echo "";
echo $line;
echo "";
echo "Nikto Result: ";
nikto -h $target;
echo "";
echo $line;
echo "";
echo "Dirb Result: ";
dirb $target;
Like same can check for multiple tools like metasploit-framework, etc
If you found this post helpful then please share it with your co-workers and friends. Please provide your valuable comment and let us know if there is any suggestion. Now you can also collab with us please check our collaboration page, thank you!
