Last active August 12, 2020 07:46
Automating scanning with fish shell
=======================HOST DISCOVERY===========================================
Host discovery with PING:
$ for octet in (seq 0 254)
      echo "Pinging [10.150.150.$octet]"
      # two echo replies give two "bytes from" lines; uniq -d keeps hosts that answered both
      ping -c 2 10.150.150.$octet | grep "bytes from" | awk '{print $4}' | uniq -d | cut -d ":" -f 1 | tee -a targets.list
  end
Host discovery with NMAP ICMP or ARP (the original commands had no target; the range from the ping example above is used here):
$ sudo nmap -vv -sn -PE 10.150.150.0/24 -oG HOSTDISCOVERY_ICMP.gnmap
$ sudo nmap -vv -sn -PR 10.150.150.0/24 -oG HOSTDISCOVERY_ARP.gnmap
$grep Up HOSTDISCOVERY_ARP.gnmap | awk '{print $2}' | tee -a targets.list
Full TCP scan of a list of IP addresses:
$ for ip in (cat targets.list)
      mkdir -p $ip
      echo Scanning host: $ip
      # (times) is not a fish builtin; a date stamp suffixes the output files instead
      sudo nmap -vv -T4 -Pn -n -sSV --reason -p- $ip -oA $ip/{$ip}_FULL-TCP_(date +%Y%m%d-%H%M%S)
      echo -e "================================================================================\n"
  end
Get the greppable (.gnmap) files for further scans:
# $ find . -name \*.gnmap | cut -d "/" -f 2 | tee -a full_TCP.list   # file names only, relative to PWD
$ find . -name \*.gnmap | tee -a full_TCP.list   # full directory paths
Scan only the open ports with NSE:
$ for file in (cat full_TCP.list)
      echo Using file $file for scanning
      # collect the open port numbers as one comma-separated string for -p
      set ports (grep open $file | grep -Eo '[0-9]+/open' | cut -d "/" -f 1 | sed ':a;N;$!ba;s/\n/,/g')
      set ip (grep Up $file | awk '{print $2}')
      # with an empty $ports fish drops the whole -p$ports argument and nmap falls back to its default port list
      if test -z "$ports"
          echo "No open ports in $file, skipping"
          continue
      end
      echo "Scanning [$ip] and ports [$ports]"
      # "and" binds tighter than "or" in the script expression, so the exclusion needs parentheses
      sudo nmap -vv -T4 -Pn -n -sSV -A --reason --script="banner,exploit,vuln and not (brute or dos)" -p$ports $ip -oA $ip/{$ip}_TCP-SCRIPT_(date +%Y%m%d-%H%M%S)
  end
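The set ports / set ip step above rebuilds the host and port list from the .gnmap file with grep, cut and sed. As an added example (not part of the original gist), here is a stand-alone Python parser for the same grepable format, run on constructed sample output; it also reports hosts that are up with no open ports, which would otherwise reach nmap with an empty -p.

```python
"""Parse nmap grepable (.gnmap) output into {host: [open ports]}. Stand-alone
re-implementation of the grep/cut/sed step; the input is a constructed sample."""
import re
from typing import Dict, List

# Constructed .gnmap sample: two hosts up (one without open ports), one down.
SAMPLE_GNMAP = """\
# Nmap 7.80 scan initiated as: nmap -vv -T4 -Pn -n -sSV --reason -p- 10.150.150.0/24
Host: 10.150.150.5 ()\tStatus: Up
Host: 10.150.150.5 ()\tPorts: 22/open/tcp//ssh//OpenSSH 7.9p1//, 80/open/tcp//http//nginx 1.14//, 443/closed/tcp//https///, 8080/filtered/tcp//http-proxy///\tIgnored State: closed (65531)
Host: 10.150.150.9 ()\tStatus: Up
Host: 10.150.150.9 ()\tPorts: 25/filtered/tcp//smtp///\tIgnored State: closed (65534)
Host: 10.150.150.12 ()\tStatus: Down
# Nmap done -- 256 IP addresses (2 hosts up) scanned
"""

# Only the "open" state counts; "open|filtered" (UDP) is deliberately not matched.
PORT_RE = re.compile(r"(\d+)/open/(tcp|udp)")

def parse_gnmap(text: str) -> Dict[str, List[int]]:
    """Return {host: [open ports]} for every host reported Up. A Ports: line also
    marks the host as up, so files written without -v (no Status: lines) parse
    too. Hosts that are up with no open ports get an empty list, so a caller
    can skip them instead of handing nmap an empty -p argument."""
    hosts: Dict[str, List[int]] = {}
    for line in text.splitlines():
        if not line.startswith("Host: "):
            continue  # comment lines and anything else
        fields = line.split("\t")
        host = fields[0].split()[1]
        for field in fields[1:]:
            if field == "Status: Up":
                hosts.setdefault(host, [])
            elif field.startswith("Ports: "):
                ports = hosts.setdefault(host, [])
                ports.extend(int(p) for p, _proto in PORT_RE.findall(field))
    return hosts

def port_spec(ports: List[int]) -> str:
    """Comma-joined, sorted, deduplicated -p argument (what the sed join built)."""
    return ",".join(str(p) for p in sorted(set(ports)))

if __name__ == "__main__":
    for host, ports in parse_gnmap(SAMPLE_GNMAP).items():
        if ports:
            print(f"{host}: -p{port_spec(ports)}")
        else:
            print(f"{host}: up but no open TCP ports, skip the script scan")
```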

iheartsgalaxy commented Aug 4, 2020

Hi! I have some questions to ask you and I felt you might be able to help me. I hope you can drop me an email (Jasmine). Thank you! :)

*I have replied to you, let me know if you received it :)
