@todmephis
Last active August 12, 2020 07:46
Automating scanning with fish shell
=======================HOST DISCOVERY===========================================
Host discovery with PING:
$ for octet in (seq 0 254)
    echo "Pinging [10.150.150.$octet]"
    # two echo requests per address; "uniq -d" only passes an address that answered both, so each live host is written once
    ping -c 2 10.150.150.$octet | grep "bytes from" | awk '{print $4}' | uniq -d | cut -d ":" -f 1 | tee -a targets.list
end
Host discovery with NMAP ICMP or ARP:
$ sudo nmap -vv -sn -PE 10.150.150.0/24 -oG HOSTDISCOVERY_ICMP.gnmap
or
$ sudo nmap -vv -sn -PR 10.150.150.0/24 -oG HOSTDISCOVERY_ARP.gnmap
$ grep Up HOSTDISCOVERY_ARP.gnmap | awk '{print $2}' | tee -a targets.list
ARP ping (-PR) only reaches hosts on the local Ethernet segment, where nmap already prefers it; ICMP echo (-PE) crosses routers but is often filtered, so a host missing from one list can still show up in the other.
================================================================================
Full TCP scan of every IP address in the list:
$ for ip in (cat targets.list)
    mkdir -p $ip
    echo Scanning host: $ip
    # (date ...) provides the timestamp suffix; fish has no "times" command
    sudo nmap -vv -T4 -Pn -n -sSV --reason -p- $ip -oA $ip/{$ip}_FULL-TCP_(date +%Y%m%d-%H%M%S)
    echo -e "================================================================================\n"
end
Collect the greppable (.gnmap) files of the full TCP scans for the follow-up scan (the name filter keeps the HOSTDISCOVERY_*.gnmap files out of the list):
# $ find . -name \*FULL-TCP\*.gnmap | cut -d "/" -f 2 | tee -a full_TCP.list  # host directory names only, when working from the current directory
$ find . -name \*FULL-TCP\*.gnmap | tee -a full_TCP.list  # relative paths, when working from the parent directory
Scan only the open ports with NSE scripts:
$ for file in (cat full_TCP.list)
    echo Using file $file for scanning
    # open ports from the "Ports:" field of the .gnmap, joined with commas for -p
    set ports (grep -Eo '[0-9]+/open' $file | cut -d "/" -f 1 | string join ,)
    set ip (grep Up $file | awk '{print $2}')
    if test -z "$ports"
        echo "No open ports found for [$ip], skipping"
        continue
    end
    echo "Scanning [$ip] and ports [$ports]"
    # "vuln and not brute or dos" groups as "(vuln and not brute) or dos" in NSE's expression syntax
    # and would pull the dos scripts in; the parentheses exclude both categories
    sudo nmap -vv -T4 -Pn -n -sSV -A --reason --script="banner,exploit,vuln and not (brute or dos)" -p$ports $ip -oA $ip/{$ip}_TCP-SCRIPT_(date +%Y%m%d-%H%M%S)
end
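The .gnmap parsing that the third loop relies on, as an added example in bash rather than fish (it is not part of the gist). It writes a constructed .gnmap file in nmap's greppable layout (not real scan output), extracts the host and its open TCP ports the way the loop does, and renders the NSE command as a dry-run string instead of running nmap, so it works offline. It also covers the case the loop needs to guard against: a host that is Up but has no open ports, where nmap would otherwise be started with a bare -p.

```bash
#!/usr/bin/env bash
# Added example (bash, not fish): parse nmap greppable output like the gist's
# NSE loop, on a constructed sample, and build the nmap command without running it.

# Write a constructed .gnmap file (not real scan output) to the path in $1.
# Layout follows nmap's -oG format: "Host:" lines with a Status or Ports field,
# each port written as port/state/proto//service//version/.
write_sample_gnmap() {
  cat > "$1" <<'EOF'
# Nmap 7.80 scan initiated Wed Aug 12 07:46:00 2020 as: nmap -vv -T4 -Pn -n -sSV --reason -p- -oA 10.150.150.10/10.150.150.10_FULL-TCP 10.150.150.10
Host: 10.150.150.10 ()  Status: Up
Host: 10.150.150.10 ()  Ports: 22/open/tcp//ssh//OpenSSH 7.9p1 Debian 10/, 80/open/tcp//http//nginx 1.14.2/, 443/closed/tcp//https///, 8080/filtered/tcp//http-proxy///  Ignored State: filtered (65531)
# Nmap done at Wed Aug 12 07:50:00 2020 -- 1 IP address (1 host up) scanned in 240.12 seconds
EOF
}

# IP address of the host nmap reported as Up (first one only: the gist keeps one
# host per file, so a multi-host file would need a loop over these lines).
host_from_gnmap() {
  grep 'Status: Up' "$1" | awk '{print $2}' | head -n 1
}

# Open TCP ports as a comma-separated list, ready for nmap -p. Only the exact
# "open" state is taken; closed and filtered entries on the same line are skipped.
open_ports_from_gnmap() {
  grep -Eo '[0-9]+/open/tcp' "$1" | cut -d/ -f1 | paste -s -d, -
}

# Build the gist's NSE command for one .gnmap file as a string (dry run).
# Returns 1 and prints nothing when the host has no open ports.
nse_scan_command() {
  ip=$(host_from_gnmap "$1")
  ports=$(open_ports_from_gnmap "$1")
  [ -n "$ip" ] && [ -n "$ports" ] || return 1
  # Parenthesised: in NSE's expression syntax "vuln and not brute or dos" groups
  # as "(vuln and not brute) or dos", which would include the dos scripts.
  printf 'sudo nmap -vv -T4 -Pn -n -sSV -A --reason --script="banner,exploit,vuln and not (brute or dos)" -p%s %s -oA %s/%s_TCP-SCRIPT_%s\n' \
    "$ports" "$ip" "$ip" "$ip" "$(date +%Y%m%d-%H%M%S)"
}

# Stand-alone walk-through: ./parse_gnmap.sh demo
demo() {
  tmp=$(mktemp)
  write_sample_gnmap "$tmp"
  echo "host:  $(host_from_gnmap "$tmp")"
  echo "ports: $(open_ports_from_gnmap "$tmp")"
  nse_scan_command "$tmp" || echo "no open ports, skipping"
  rm -f "$tmp"
}

if [ "${1:-}" = demo ]; then demo; fi
```

The one-host-per-file assumption is what makes `head -n 1` and a single `-p` list safe; if the host-discovery .gnmap files slip into the list, `host_from_gnmap` would silently pick the first Up host and the port list would be empty, which the `return 1` path then reports rather than scanning.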
iheartsgalaxy commented Aug 4, 2020

Hi! I have some questions to ask you and I felt you might be able to help me. I hope you can drop me an email, jasminechoong.15@gmail.com (Jasmine). Thank you! :)

*I have replied to you, let me know if you received it :)
