BASH script to setup dirb and nikto enumeration from web hosts parsed from nessus output (see parse_nessus_web.py in other gist post)

create_web_scans.sh

#!/bin/bash

BASE="$1"
INPUT_FILE="$2"

print_help() {
    echo "Usage: $(basename $0) <folder> <input file>"
}

if [ -z "$BASE" ]; then
    echo "Error: Provide me a directory"
    echo
    print_help
    exit 1
elif [ ! -d "$BASE" ]; then
    echo "Error: Directory doesn't exist."
    echo
    print_help
    exit 2
fi

if [ -z "$INPUT_FILE" ]; then
    echo "Error: Provide me an input file"
    echo
    print_help
    exit 3
elif [ ! -e "$INPUT_FILE" ]; then
    echo "Error: Input file doesn't exist."
    echo
    print_help
    exit 4
fi

DIRB_LIST="/usr/share/wordlists/dirb/big.txt"
AGENT_STRING="Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
NIKTO_EXE=$(which nikto)
DIRB_EXE=$(which dirb)

mkdir -p ${BASE}/nikto
mkdir -p ${BASE}/dirb

NIKTO_FILE="${BASE}/nikto/run_nikto.sh"
DIRB_FILE="${BASE}/dirb/run_dirb.sh"

echo "#!/bin/bash" > ${NIKTO_FILE}
echo "#!/bin/bash" > ${DIRB_FILE}

cat ${INPUT_FILE} | while read -r URL; do

    IP=$(echo ${URL} | sed 's/ht.*\/\///g' | cut -d':' -f1)
    PORT=$(echo ${URL} | sed 's/ht.*\/\///g' | cut -d':' -f2)

    SSL_TEST=$(echo ${URL} | grep -c https)


    if [ "${SSL_TEST}" -gt "0" ]; then
        echo "${NIKTO_EXE} -useragent \"${AGENT_STRING}\" -timeout 5 -ssl -evasion 1 -Format txt -C all -host $URL -output ${BASE}/nikto/${IP}_${PORT}_ssl.txt" >> ${NIKTO_FILE}
    else
        echo "${NIKTO_EXE} -useragent \"${AGENT_STRING}\" -timeout 5 -nossl -evasion 1 -Format txt -C all -host $URL -output ${BASE}/nikto/${IP}_${PORT}.txt" >> ${NIKTO_FILE}
    fi

    echo "${DIRB_EXE} ${URL} ${DIRB_LIST} -a \"${AGENT_STRING}\" -o ${BASE}/dirb/${IP}_${PORT}.txt -S" >> ${DIRB_FILE}

done