About discover: discover is a custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit Framework. For use with Kali Linux, Parrot Security OS and the Penetration Testers Framework (PTF).
About authors:
- Lee Baird: @discoverscripts
- Jay "L1ghtn1ng" Townsend: @jay_townsend1
- Jason Ashton: @ninewires
discover Installation and Updating
About RECON in discover
Domain
Domain
RECON
1. Passive2. Active3. Import names into an existing recon-ng workspace4. Previous menuPassive uses ARIN, dnsrecon, goofile, goog-mail, goohost, theHarvester, Metasploit Framework, URLCrazy, Whois, multiple websites, and recon-ng.
Active uses dnsrecon, WAF00W, traceroute, Whatweb, and recon-ng.
[*] Acquire API keys for Bing, Builtwith, Fullcontact, GitHub, Google, Hashes, Hunter, SecurityTrails, and Shodan for maximum results with recon-ng and theHarvester.
[*] Acquire API keys for Bing, Builtwith, Fullcontact, GitHub, Google, Hashes, Hunter, SecurityTrails, and Shodan for maximum results with recon-ng and theHarvester.
API key locations:
recon-ng show keys keys add bing_api <value>
theHarvester /opt/theHarvester/api-keys.yamlPerson: Combines info from multiple websites.
RECON
First name:Last name: Parse salesforce: Gather names and positions into a clean list.
Create a free account at salesforce (https://connect.data.com/login).Perform a search on your target company > select the company name > see all.Copy the results into a new file.
Enter the location of your list:About SCANNING in discover
Generate target list: Use different tools to create a target list including Angry IP Scanner, arp-scan, netdiscover and nmap pingsweep.
SCANNING
1. Local area network2. NetBIOS3. netdiscover4. Ping sweep5. Previous menuCIDR, List, IP, Range, or URL
Type of scan:
1. External2. Internal3. Previous menu- External scan will set the nmap source port to 53 and the max-rrt-timeout to 1500ms.
- Internal scan will set the nmap source port to 88 and the max-rrt-timeout to 500ms.
- Nmap is used to perform host discovery, port scanning, service enumeration and OS identification.
- Matching nmap scripts are used for additional enumeration.
- Addition tools: enum4linux, smbclient, and ike-scan.
- Matching Metasploit auxiliary modules are also leveraged.
About WEB in discover
Insecure direct object reference
Using Burp, authenticate to a site, map & Spider, then log out.
Target > Site map > select the URL > right click > Copy URLs in this host.Paste the results into a new file.
Enter the location of your file:Open multiple tabs in Firefox
Open multiple tabs in Firefox with:
1. List2. Directories from robots.txt.3. Previous menu- Use a list containing IPs and/or URLs.
- Use wget to pull a domain's robot.txt file, then open all of the directories.
Nikto
Run multiple instances of Nikto in parallel.
1. List of IPs.2. List of IP:port.3. Previous menuSSL: Use sslscan and sslyze to check for SSL/TLS certificate issues.
Check for SSL certificate issues.
Enter the location of your list:About MISC in discover
Parse XML
Parse XML to CSV.
1. Burp (Base64)2. Nessus (.nessus)3. Nexpose (XML 2.0)4. Nmap5. Qualys6. revious menuGenerate a malicious payload
Malicious Payloads
1. android/meterpreter/reverse_tcp2. cmd/windows/reverse_powershell3. java/jsp_shell_reverse_tcp (Linux)4. java/jsp_shell_reverse_tcp (Windows)5. linux/x64/meterpreter_reverse_https6. linux/x64/meterpreter_reverse_tcp7. linux/x64/shell/reverse_tcp8. osx/x64/meterpreter_reverse_https9. osx/x64/meterpreter_reverse_tcp10. php/meterpreter/reverse_tcp11. python/meterpreter_reverse_https 12. python/meterpreter_reverse_tcp13. windows/x64/meterpreter_reverse_https14. windows/x64/meterpreter_reverse_tcp15. Previous menuStart a Metasploit listener
Metasploit Listeners
1. android/meterpreter/reverse_tcp2. cmd/windows/reverse_powershell3. java/jsp_shell_reverse_tcp4. linux/x64/meterpreter_reverse_https5. linux/x64/meterpreter_reverse_tcp6. linux/x64/shell/reverse_tcp7. osx/x64/meterpreter_reverse_https8. osx/x64/meterpreter_reverse_tcp9. php/meterpreter/reverse_tcp10. python/meterpreter_reverse_https11. python/meterpreter_reverse_tcp12. windows/x64/meterpreter_reverse_https13. windows/x64/meterpreter_reverse_tcp14. Previous menu
More information
- Hacking Tools For Windows Free Download
- Pentest Tools Find Subdomains
- Nsa Hacker Tools
- Hacker Tools Online
- Pentest Tools Port Scanner
- Hackrf Tools
- Hack Tools For Mac
- Hacker Tools Hardware
- Free Pentest Tools For Windows
- Hackrf Tools
- Hacking Tools And Software
- Hacking Tools 2020
- Underground Hacker Sites
- Hack App
- Pentest Tools Free
- Hack Rom Tools
- Game Hacking
- Hack And Tools
- Hacker Tools Linux
- Pentest Tools Alternative
- Pentest Tools Alternative
- Hacker Hardware Tools
- Hacking Tools Mac
- Growth Hacker Tools
- Hack Tools For Mac
- Hack Tools For Windows
- Pentest Tools List
- Hacker Tools Github
- Pentest Tools Url Fuzzer
- Pentest Recon Tools
- Game Hacking
- Hacking Tools Kit
- Hackrf Tools
- Pentest Tools Android
- Pentest Automation Tools
- Hacker Hardware Tools
- Physical Pentest Tools
- Hack Tools Pc
- Pentest Tools Url Fuzzer
- Growth Hacker Tools
- Hacking Tools For Windows
- Hacking Tools 2020
- Hack Tool Apk No Root
- Hacker Hardware Tools
- Tools 4 Hack
- Hacker Tools Free
- Pentest Tools Github
- Pentest Tools Windows
- Underground Hacker Sites
- Hacks And Tools
- World No 1 Hacker Software
- Hacking Tools For Windows
- Best Hacking Tools 2019
- Hack App
- Pentest Tools Online
- Hackrf Tools
- Pentest Tools Android
- Pentest Tools Subdomain
- Pentest Automation Tools
- Pentest Reporting Tools
- Blackhat Hacker Tools
- Pentest Tools For Windows
- Hacker Hardware Tools
- Top Pentest Tools
- Hack Tools For Pc
- Hacking Tools Windows
- Hack Tools For Ubuntu
- Hack Rom Tools
- Hacker Tools For Ios
- Tools For Hacker
- Pentest Tools Url Fuzzer
- Hacking Tools Kit
- Hack Tools For Pc
- Hacker Techniques Tools And Incident Handling
- Hack Tools Download
- Hack Apps
- Underground Hacker Sites
- Pentest Tools
- Pentest Tools Alternative
- Best Hacking Tools 2019
- Hackrf Tools
- Hacker Tool Kit
- Android Hack Tools Github
- Install Pentest Tools Ubuntu
- Hack Tools Online
- Hack Tools For Ubuntu
- Black Hat Hacker Tools
- Hacking Tools For Games
- Hacker Tools Apk Download
- Hacker Tools Mac
- Hacking Tools For Windows
- Wifi Hacker Tools For Windows
- Tools For Hacker
- Kik Hack Tools
- Beginner Hacker Tools
- Pentest Tools Apk
- Hack Tools Download
- Hacker Tools Software
- Pentest Tools Find Subdomains
- Hack Tools Github
- Hacker Tools Online
- World No 1 Hacker Software
- Hacker Tools Windows
- Hacker Tools Linux
- Pentest Tools Find Subdomains
- Hacking Tools For Windows Free Download
- Hack Tool Apk No Root
- Hacker Tools Linux
- Hacking Tools 2019
- Pentest Tools Subdomain
- Hacker Tools Apk Download
- Pentest Tools Alternative
- Hacking App
- Pentest Tools For Mac
- Hack Tools Online
- Easy Hack Tools
- Blackhat Hacker Tools
- Hacker Tools Github
- Growth Hacker Tools
- Hack Tools Download
- Hack Tools Online
- Github Hacking Tools
- Tools For Hacker
- Wifi Hacker Tools For Windows
- World No 1 Hacker Software
- Hacker Tools
- Pentest Reporting Tools
- Pentest Tools Windows
- New Hacker Tools
- Beginner Hacker Tools
- Hacking Tools For Games
- New Hack Tools
- Hacker Security Tools
- Pentest Tools Online
- Blackhat Hacker Tools
- Pentest Tools Github
- Hacking Tools Windows
- World No 1 Hacker Software
- Hack Tools Pc
- Android Hack Tools Github
- New Hacker Tools
- Pentest Tools Windows
- Hack Tools For Mac
- Hacker Tools For Pc
- Pentest Tools Website
- Pentest Tools
- Hacker Tools List
- Hack Tools Github
- Hacker Tools For Ios
- Hacking Tools For Windows 7
- Nsa Hack Tools
- Hack Tool Apk No Root
- What Is Hacking Tools
- Usb Pentest Tools
- Physical Pentest Tools
No comments:
Post a Comment