Scripts

AMG

I am very new to Linux and to offensive and defensive security, and as such I've been learning a lot about Python, bash and scripting in general. I'm also finding a lot of repetitive tasks, especially in the enumeration space, which may be able to be automated a little. I made these not just to perhaps save a little time (though I know it won't save all that much) but more to practice scripting. I'm going to use this article to list them out and tweak them as I go, as well as keep an ongoing list of sites/tools that I have found online which have helped so far:

Add site to Hosts File:

#!/bin/bash
# Prompt the user for an IP address (-r keeps backslashes literal)
read -r -p "Enter the IP address: " ip_address
# Prompt the user for a name
read -r -p "Enter the name: " name

# Validate that the IP address is not empty
if [ -z "$ip_address" ]; then
  echo "Error: IP address cannot be empty." >&2
  exit 1
fi
# Validate that the name is not empty
if [ -z "$name" ]; then
  echo "Error: Name cannot be empty." >&2
  exit 1
fi

# Add the entry to the hosts file; report success only if the write worked
if printf '%s   %s\n' "$ip_address" "$name" | sudo tee -a /etc/hosts > /dev/null; then
  echo "Entry added to /etc/hosts:"
  printf '%s   %s\n' "$ip_address" "$name"
else
  echo "Error: could not write to /etc/hosts." >&2
  exit 1
fi

nmap enumeration:

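#!/bin/bash

echo "Enter the target IP address: "
read -r target

# Refuse an empty target or one that nmap would parse as an option
case "$target" in
  ""|-*) echo "Error: invalid target." >&2; exit 1 ;;
esac

echo "Choose the switches to use for the scan: "
echo "1. Enumerate open ports and services"
echo "2. Vulnerability scan"
echo "3. Enumerate open ports, services and vulnerability scan"
read -r option

# Perform the scan based on the user's choice; the target is quoted so it
# always reaches nmap as a single argument
case "$option" in
  1) nmap -sC -sV "$target" ;;
  2) nmap --script vuln "$target" ;;
  3) nmap -sV --script vuln "$target" ;;
  *) echo "Error: choose 1, 2 or 3." >&2; exit 1 ;;
esac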

gobuster enumeration:

#!/bin/bash

echo "Enter the target IP address: "
read -r target

# Start gobuster scan with common wordlist; stop if the scan itself fails
gobuster dir -u "http://$target" -w /usr/share/wordlists/dirb/common.txt -t 100 -o scan_output.txt || exit 1

# Extract useful information
echo -e "\n[*] Directories found:"
grep "Status: 200" scan_output.txt | awk '{print $1}'

# 301 lines are redirects; the first field is the path that was requested
echo -e "\n[*] Possible virtual hosts found:"
grep "Status: 301" scan_output.txt | awk '{print $1}'

# Pull the host out of each redirect URL on the 301 lines. This assumes the
# redirect target is written on the line as [--> URL], as gobuster v3 does.
echo -e "\n[*] Possible domain enumeration: "
grep "Status: 301" scan_output.txt | grep -oE 'https?://[^]/ ]+' | awk -F'/' '{print $3}' | sort -u

# Clean up the output file
rm scan_output.txt
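
The scripts above take an IP address or name from a prompt and hand it to sudo tee, nmap or gobuster. As an added example (not part of the original article), the functions below check that the input really is an IPv4 address or hostname before it is used, and skip hosts-file entries that already exist; all function names are hypothetical.

```bash
#!/bin/bash
# Added example, not the article's code. All function names are hypothetical.

# True only for a dotted-quad IPv4 address: four decimal octets 0-255 with no
# leading zeros (some parsers read "010" as octal). Runs in a subshell so the
# IFS change does not leak into the caller.
valid_ipv4() (
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  IFS=.
  set -- $1            # split on dots; input is digits and dots only here
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    case $octet in 0?*|????*) return 1 ;; esac
    [ "$octet" -le 255 ] || return 1
  done
)

# True only for a hostname made of dot-separated labels of letters, digits and
# hyphens (1-63 chars, no leading or trailing hyphen), 253 chars at most.
valid_hostname() {
  local label='[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?'
  case $1 in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
  [ "${#1}" -le 253 ] || return 1
  printf '%s\n' "$1" | grep -Eq "^${label}(\\.${label})*\$"
}

# True if hosts file $3 already maps IP $1 to name $2 (inline comments ignored).
hosts_entry_exists() {
  awk -v ip="$1" -v name="$2" '
    $1 == ip { for (i = 2; i <= NF && $i !~ /^#/; i++) if ($i == name) found = 1 }
    END { exit !found }' "$3"
}

# Validate, skip duplicates, then append. $3 defaults to /etc/hosts; sudo is
# only used when the file is not writable by the current user.
add_hosts_entry() {
  local ip="$1" name="$2" file="${3:-/etc/hosts}"
  valid_ipv4 "$ip" || { echo "Error: not an IPv4 address: $ip" >&2; return 2; }
  valid_hostname "$name" || { echo "Error: not a hostname: $name" >&2; return 2; }
  hosts_entry_exists "$ip" "$name" "$file" && return 0
  if [ -w "$file" ]; then
    printf '%s\t%s\n' "$ip" "$name" >> "$file"
  else
    printf '%s\t%s\n' "$ip" "$name" | sudo tee -a "$file" > /dev/null
  fi
}

# Usage: ./add-host.sh 10.10.10.5 box.htb
if [ "$#" -eq 2 ]; then add_hosts_entry "$1" "$2"; fi
```

The same valid_ipv4 check can guard the target prompt in the nmap and gobuster scripts, since a value that passes it cannot begin with a dash or contain spaces.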