Discover: Automate Penetration Testing Tasks
- git clone https://github.com/leebaird/discover.git /opt/discover/
- All scripts must be run from this location.
- cd /opt/discover/
3. Parse salesforce
4. Generate target list
7. IP or domain
8. Open multiple tabs in Iceweasel
11. Crack WiFi
12. Parse XML
13. Start a Metasploit listener
RECON
1. Passive
2. Active
3. Previous menu
- Passive combines goofile, goog-mail, goohost, theHarvester, Metasploit, dnsrecon, URLCrazy, Whois and multiple websites.
- Active combines Nmap, dnsrecon, Fierce, lbd, WAFW00F, traceroute and Whatweb.
RECON First name: Last name:
- Combines info from multiple websites.
Create a free account at salesforce (https://connect.data.com/login). Perform a search on your target company > select the company name > see all. Copy the results into a new file. Enter the location of your list:
- Gather names and positions into a clean list.
Generate target list
SCANNING
1. Local area network
2. NetBIOS
3. netdiscover
4. Ping sweep
5. Previous menu
- Use different tools to create a target list including Angry IP Scanner, arp-scan, netdiscover and nmap pingsweep.
CIDR, List, IP or domain
Type of scan:
1. External
2. Internal
3. Previous menu
- External scan will set the nmap source port to 53 and the max-rtt-timeout to 1500ms.
- Internal scan will set the nmap source port to 88 and the max-rtt-timeout to 500ms.
- Nmap is used to perform host discovery, port scanning, service enumeration and OS identification.
- Matching nmap scripts are used for additional enumeration.
- Matching Metasploit auxiliary modules are also leveraged.
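The fixed source ports described above (53 for external scans, 88 for internal) give defenders something to look for in firewall logs. The following is an added example, not part of Discover or the original page: the iptables-style log format, the sample lines, the `min_ports` threshold and the function name are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Source ports the page says Discover passes to nmap: 53 (external), 88 (internal).
FIXED_SOURCE_PORTS = {53: "external profile (DNS port)", 88: "internal profile (Kerberos port)"}

# Constructed sample lines in an assumed iptables-style format (not real traffic).
SAMPLE_LOG = """\
IN=eth0 SRC=203.0.113.7 DST=198.51.100.10 PROTO=TCP SPT=53 DPT=22 SYN
IN=eth0 SRC=203.0.113.7 DST=198.51.100.10 PROTO=TCP SPT=53 DPT=80 SYN
IN=eth0 SRC=203.0.113.7 DST=198.51.100.10 PROTO=TCP SPT=53 DPT=443 SYN
IN=eth0 SRC=203.0.113.7 DST=198.51.100.10 PROTO=TCP SPT=53 DPT=445 SYN
IN=eth0 SRC=192.0.2.53 DST=198.51.100.10 PROTO=UDP SPT=53 DPT=41822
IN=eth0 SRC=192.0.2.53 DST=198.51.100.10 PROTO=TCP SPT=53 DPT=50112 ACK
IN=eth1 SRC=10.0.5.23 DST=10.0.1.4 PROTO=TCP SPT=88 DPT=135 SYN
IN=eth1 SRC=10.0.5.23 DST=10.0.1.4 PROTO=TCP SPT=88 DPT=139 SYN
IN=eth1 SRC=10.0.5.23 DST=10.0.1.4 PROTO=TCP SPT=88 DPT=3389 SYN
IN=eth1 SRC=10.0.9.9 DST=10.0.1.4 PROTO=TCP SPT=51514 DPT=88 SYN
"""

LINE_RE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=(?P<proto>\S+) "
    r"SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+)(?P<flags>.*)"
)

def find_fixed_source_port_scans(log_text, min_ports=3):
    """Return {(src, source_port): sorted destination ports} for likely scans."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["proto"] != "TCP":
            continue  # UDP DNS replies from port 53 are normal and ignored here
        flags = m["flags"].split()
        spt = int(m["spt"])
        # A connection-opening SYN (no ACK) sent *from* port 53 or 88 is unusual:
        # DNS and Kerberos servers answer from those ports, clients use ephemeral ones.
        if spt in FIXED_SOURCE_PORTS and "SYN" in flags and "ACK" not in flags:
            seen[(m["src"], spt)].add(int(m["dpt"]))
    # Require several distinct destination ports to separate scans from one-off oddities.
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_ports}

if __name__ == "__main__":
    for (src, spt), ports in find_fixed_source_port_scans(SAMPLE_LOG).items():
        print(f"{src}: SYNs from source port {spt} [{FIXED_SOURCE_PORTS[spt]}] to {ports}")
```

Stateless filters that allow traffic purely because its source port is 53 or 88 are what this nmap setting takes advantage of, so the same log query doubles as a check for such rules.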