nmapAutomator: automate all of the process of recon/enumeration

nmapAutomator

A script that you can run in the background!

Summary

The main goal for the nmapAutomator script is to automate all of the processes of recon/enumeration that are run every time and instead focus our attention on real pen-testing.

This will ensure two things:
1) Automate nmap scans. 2) Always have some recon running in the background.

Once initial ports are found ‘in around 10 seconds‘, we can start manually looking into those ports, and let the rest run in the background with no interaction from our side whatsoever.

Features:

1. Quick: Shows all open ports quickly (~15 seconds)
2. Basic: Runs Quick Scan, then runs a more thorough scan on found ports (~5 minutes)
3. UDP: Runs “Basic” on UDP ports (~5 minutes)
4. Full: Runs a full range port scan, then runs a thorough scan on new ports (~5-10 minutes)
5. Vulns: Runs CVE scan and nmap Vulns scan on all found ports (~5-15 minutes)
6. Recon: Runs “Basic” scan “if not yet run”, then suggests recon commands “i.e. gobuster, nikto, smbmap” based on the found ports, then prompts to automatically run them
7. All: Runs all the scans consecutively (~20-30 minutes)

Installation

Requirement

Gobuster v3.0 or higher, which we can install with:

or ffuf, which we can install with:

Other Recon tools used within the script include:

• nmap Vulners
• sslscan
• nikto
• joomscan
• wpscan
• droopescan
• smbmap
• enum4linux
• dnsrecon
• odat

Install

git clone https://github.com/21y4d/nmapAutomator.git
sudo ln -s $(pwd)/nmapAutomator/nmapAutomator.sh /usr/local/bin/

Use

Example

./nmapAutomator.sh -h

Usage: ./nmapAutomator.sh --host <TARGET-IP> --type <TYPE> [--dns <DNS SERVER>]



./nmapAutomator.sh --host 10.1.1.1 --type All

./nmapAutomator.sh -H 10.1.1.1 -t Basic

./nmapAutomator.sh -H www.github.com -t Recon -d 1.1.1.1

Copyright (c) 2021 21y4d

Source: https://github.com/21y4d/