Page 53 - index
P. 53







./scripts/network #directory for network tools

./output #temporary directory where the reports are generated

./websites.txt #Website list

./ips.txt #IPs/Networks list

./plugin #plugin or library necessary for ./scripts/

./config.py #global configuration



The following is the nmap script

./scripts/network/nmap

NAME="nmap_$(date +%s).xml"
${CS_NMAP:=nmap} -iL $1 -oX $2$NAME


It very simply takes two parameters, the first is the target and the second the output directory for the
report, it can be programmed in any languages, the following tools are available:

./scripts/web/burp.sh

./scripts/web/zap.sh

./scripts/web/nikto.sh
./scripts/web/w3af.sh

./scripts/network

./scripts/network/nmap.sh

./scripts/network/openvas.sh

./scripts/network/nessus.sh

Before starting to use it, review ./config.py as it contains specific configurations that can change
your system, some include the path of the tools, openvas/nessus credentials, etc.



Schedule:
The last step is configure how regularly you are going to run the tool.

A simple example would be using cron each day at midnight executing the tool and moving the
reports to the workspace "workspace_name"


53 Cyber Warnings E-Magazine – October 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide

   48   49   50   51   52   53   54   55   56   57   58