I am very new to Linux, Offensive and Defensive security and as such, I've been learning a lot about Python, bash and scripting in general. I'm also finding a lot of repetitive tasks, especially in the enumeration space, which may be able to be automated a little. I made these not just to perhaps save a little time (which I know it won't save all that much) but more to practice scripting. I'm going to use this article to list them out and tweak them as I go, as well as keep an ongoing list of sites/tools that I have found online which have helped so far:
Add site to Hosts File:
#!/bin/bash
# Prompt the user for an IP address
read -rp "Enter the IP address: " ip_address
# Prompt the user for a name
read -rp "Enter the name: " name
# Validate that the IP address is not empty
if [ -z "$ip_address" ]; then
    echo "Error: IP address cannot be empty." >&2
    exit 1
fi
# Validate that the name is not empty
if [ -z "$name" ]; then
    echo "Error: Name cannot be empty." >&2
    exit 1
fi
# Add the entry to the hosts file (tee runs under sudo; a plain >> redirect would not)
if ! echo "$ip_address $name" | sudo tee -a /etc/hosts > /dev/null; then
    echo "Error: could not write to /etc/hosts." >&2
    exit 1
fi
echo "Entry added to /etc/hosts:"
echo "$ip_address $name"
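The script above only checks that both values are non-empty before appending to /etc/hosts as root. The following is an added example, not one of the original scripts: it checks the shape of both values and skips names that already have an entry. The function names (is_ipv4, is_hostname, add_host) and the sample values are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original article); function names are hypothetical.

# Succeed if $1 is a dotted-quad IPv4 address with each octet in 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split on dots into positional parameters
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeed if $1 uses only letters, digits, dots and inner hyphens
# (per-label length limits are not checked).
is_hostname() {
    [ "${#1}" -le 253 ] || return 1
    case "$1" in
        ''|*[!A-Za-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
    esac
}

# Append "ip name" to the hosts file ($3, default /etc/hosts).
# Returns 0 = added, 1 = invalid input, 2 = name already mapped.
add_host() {
    ip=$1 name=$2 file=${3:-/etc/hosts}
    is_ipv4 "$ip" || { echo "Error: '$ip' is not a valid IPv4 address." >&2; return 1; }
    is_hostname "$name" || { echo "Error: '$name' is not a valid hostname." >&2; return 1; }
    # Look for the name as a whole field on non-comment lines.
    if awk -v n="$name" '$1 !~ /^#/ { for (i = 2; i <= NF; i++) {
                             if ($i ~ /^#/) break; if ($i == n) found = 1 } }
                         END { exit !found }' "$file" 2>/dev/null; then
        echo "Skipped: $name already has an entry in $file." >&2
        return 2
    fi
    if [ -w "$file" ]; then
        printf '%s %s\n' "$ip" "$name" >> "$file"
    else
        printf '%s %s\n' "$ip" "$name" | sudo tee -a "$file" > /dev/null
    fi
}

# Usage: add_host 10.10.10.5 box.htb    (constructed sample values)
```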
nmap enumeration:
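#!/bin/bash
echo "Enter the target IP address: "
read -r target
# Refuse an empty target or one that nmap would parse as an option
case "$target" in
    ''|-*) echo "Error: invalid target." >&2; exit 1 ;;
esac
echo "Choose the switches to use for the scan: "
echo "1. Enumerate open ports and services"
echo "2. Vulnerability scan"
echo "3. Enumerate open ports, services and vulnerability scan"
read -r option
# Perform the scan based on the user's choice
case "$option" in
    1) nmap -sC -sV "$target" ;;            # default scripts + version detection
    2) nmap --script vuln "$target" ;;      # scripts in the vuln category
    3) nmap -sV --script vuln "$target" ;;  # version detection + vuln scripts
    *) echo "Error: choose 1, 2 or 3." >&2; exit 1 ;;
esac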
gobuster enumeration:
#!/bin/bash
echo "Enter the target IP address: "
read -r target
# Validate that the target is not empty
if [ -z "$target" ]; then
    echo "Error: target cannot be empty." >&2
    exit 1
fi
# Start gobuster scan with common wordlist
gobuster dir -u "http://$target" -w /usr/share/wordlists/dirb/common.txt -t 100 -o scan_output.txt
# Extract useful information
echo -e "\n[*] Directories found:"
grep "Status: 200" scan_output.txt | awk '{print $1}'
# 301 entries are redirects; the path is the first field of each line
echo -e "\n[*] Possible virtual hosts found:"
grep "Status: 301" scan_output.txt | awk '{print $1}'
echo -e "\n[*] Possible domain enumeration: "
# Host part of each redirect target; assumes gobuster prints it as [--> URL]
grep "Status: 301" scan_output.txt | grep -o 'https*://[^]/]*' | awk -F'/' '{print $3}' | sort -u
# Clean up the output file
rm -f scan_output.txt