Page 53 - index
P. 53
./scripts/network #directory for network tools
./output #temporary directory where the reports are generated
./websites.txt #Website list
./ips.txt #IPs/Networks list
./plugin #plugin or library necessary for ./scripts/
./config.py #global configuration
The following is the nmap script
./scripts/network/nmap
NAME="nmap_$(date +%s).xml"
${CS_NMAP:=nmap} -iL $1 -oX $2$NAME
It very simply takes two parameters, the first is the target and the second the output directory for the
report, it can be programmed in any languages, the following tools are available:
./scripts/web/burp.sh
./scripts/web/zap.sh
./scripts/web/nikto.sh
./scripts/web/w3af.sh
./scripts/network
./scripts/network/nmap.sh
./scripts/network/openvas.sh
./scripts/network/nessus.sh
Before starting to use it, review ./config.py as it contains specific configurations that can change
your system, some include the path of the tools, openvas/nessus credentials, etc.
Schedule:
The last step is configure how regularly you are going to run the tool.
A simple example would be using cron each day at midnight executing the tool and moving the
reports to the workspace "workspace_name"
53 Cyber Warnings E-Magazine – October 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide