Discover: A Custom Bash Scripts Used To Perform Pentesting Tasks With Metasploit

About discover: discover is a custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit Framework. For use with Kali Linux, Parrot Security OS and the Penetration Testers Framework (PTF).

About authors:

• Lee Baird: @discoverscripts
• Jay "L1ghtn1ng" Townsend: @jay_townsend1
• Jason Ashton: @ninewires

discover Installation and Updating

About RECON in discover
   Domain

RECON

1. Passive
2. Active
3. Import names into an existing recon-ng workspace
4. Previous menu

   Passive uses ARIN, dnsrecon, goofile, goog-mail, goohost, theHarvester, Metasploit Framework, URLCrazy, Whois, multiple websites, and recon-ng.

   Active uses dnsrecon, WAF00W, traceroute, Whatweb, and recon-ng.
   [*] Acquire API keys for Bing, Builtwith, Fullcontact, GitHub, Google, Hashes, Hunter, SecurityTrails, and Shodan for maximum results with recon-ng and theHarvester.

API key locations:

recon-ng
   show keys
   keys add bing_api <value>

theHarvester
   /opt/theHarvester/api-keys.yaml

   Person: Combines info from multiple websites.

RECON

First name:
Last name:

   Parse salesforce: Gather names and positions into a clean list.

Create a free account at salesforce (https://connect.data.com/login).
Perform a search on your target company > select the company name > see all.
Copy the results into a new file.

Enter the location of your list:

About SCANNING in discover
   Generate target list: Use different tools to create a target list including Angry IP Scanner, arp-scan, netdiscover and nmap pingsweep.

SCANNING

1. Local area network
2. NetBIOS
3. netdiscover
4. Ping sweep
5. Previous menu


   CIDR, List, IP, Range, or URL

Type of scan:

1. External
2. Internal
3. Previous menu

• External scan will set the nmap source port to 53 and the max-rrt-timeout to 1500ms.
• Internal scan will set the nmap source port to 88 and the max-rrt-timeout to 500ms.
• Nmap is used to perform host discovery, port scanning, service enumeration and OS identification.
• Matching nmap scripts are used for additional enumeration.
• Addition tools: enum4linux, smbclient, and ike-scan.
• Matching Metasploit auxiliary modules are also leveraged.

About WEB in discover
   Insecure direct object reference

Using Burp, authenticate to a site, map & Spider, then log out.
Target > Site map > select the URL > right click > Copy URLs in this host.
Paste the results into a new file.


Enter the location of your file:

   Open multiple tabs in Firefox

Open multiple tabs in Firefox with:

1. List
2. Directories from robots.txt.
3. Previous menu

• Use a list containing IPs and/or URLs.
• Use wget to pull a domain's robot.txt file, then open all of the directories.

   Nikto

Run multiple instances of Nikto in parallel.

1. List of IPs.
2. List of IP:port.
3. Previous menu

   SSL: Use sslscan and sslyze to check for SSL/TLS certificate issues.

Check for SSL certificate issues.

Enter the location of your list:

About MISC in discover
   Parse XML

Parse XML to CSV.

1. Burp (Base64)
2. Nessus (.nessus)
3. Nexpose (XML 2.0)
4. Nmap
5. Qualys
6. revious menu

   Generate a malicious payload

Malicious Payloads

1. android/meterpreter/reverse_tcp
2. cmd/windows/reverse_powershell
3. java/jsp_shell_reverse_tcp (Linux)
4. java/jsp_shell_reverse_tcp (Windows)
5. linux/x64/meterpreter_reverse_https
6. linux/x64/meterpreter_reverse_tcp
7. linux/x64/shell/reverse_tcp
8. osx/x64/meterpreter_reverse_https
9. osx/x64/meterpreter_reverse_tcp
10. php/meterpreter/reverse_tcp
11. python/meterpreter_reverse_https 12. python/meterpreter_reverse_tcp
13. windows/x64/meterpreter_reverse_https
14. windows/x64/meterpreter_reverse_tcp
15. Previous menu

   Start a Metasploit listener

Metasploit Listeners

1. android/meterpreter/reverse_tcp
2. cmd/windows/reverse_powershell
3. java/jsp_shell_reverse_tcp
4. linux/x64/meterpreter_reverse_https
5. linux/x64/meterpreter_reverse_tcp
6. linux/x64/shell/reverse_tcp
7. osx/x64/meterpreter_reverse_https
8. osx/x64/meterpreter_reverse_tcp
9. php/meterpreter/reverse_tcp
10. python/meterpreter_reverse_https
11. python/meterpreter_reverse_tcp
12. windows/x64/meterpreter_reverse_https
13. windows/x64/meterpreter_reverse_tcp
14. Previous menu



Download discover

Related news

1. Pentest Automation Tools
2. Hacker Tools For Ios
3. Android Hack Tools Github
4. Hackers Toolbox
5. Hackers Toolbox
6. Android Hack Tools Github
7. Hacking Tools For Games
8. How To Make Hacking Tools
9. Hack App
10. Hack Tools For Pc
11. Hacking Tools Online
12. Tools For Hacker
13. Pentest Tools List
14. What Are Hacking Tools
15. Pentest Tools Kali Linux
16. Termux Hacking Tools 2019
17. Hacker Tools For Windows
18. Hacking Tools For Pc
19. Hack Tools Online
20. Hacker Tools 2020
21. Hacking Tools Pc
22. Hack Tools For Mac
23. Hack Tools 2019
24. Best Hacking Tools 2020
25. Pentest Tools Apk
26. Hack Tools Online
27. Pentest Reporting Tools
28. Pentest Tools
29. Pentest Box Tools Download
30. Hacking Tools
31. Nsa Hack Tools Download
32. Hacker Tools Windows
33. Pentest Tools Linux
34. Best Hacking Tools 2020
35. Hacker Tools Free Download
36. Hack Tools Online
37. Hacker Tools For Mac
38. Pentest Tools Website
39. How To Hack
40. Hacking Tools And Software
41. Hacker Tools
42. Hacker Tools 2019
43. Pentest Tools Free
44. Hacker Hardware Tools
45. Hacker Tools Free Download
46. Pentest Tools Website Vulnerability
47. Hack Tools Download
48. How To Hack
49. Hacking Tools Pc
50. Pentest Tools Android
51. Kik Hack Tools
52. Hack Tools For Mac
53. Hack Tools Github
54. Hack Tools
55. Hak5 Tools
56. Pentest Box Tools Download
57. Hacking Tools Software
58. Hacker Tools Free Download
59. Hacker Tools For Windows
60. Hack Tools For Windows
61. Pentest Tools Website Vulnerability
62. Nsa Hack Tools Download
63. Pentest Tools Port Scanner
64. Hacker Tools For Ios
65. Blackhat Hacker Tools
66. Pentest Tools Linux
67. Pentest Tools Free
68. Hacking Tools Github
69. Ethical Hacker Tools
70. Hack Tools
71. Pentest Tools Website
72. Hacker
73. Hacker Security Tools
74. Pentest Tools For Mac
75. Hack Tools For Games
76. Easy Hack Tools
77. Black Hat Hacker Tools
78. Best Hacking Tools 2019
79. Black Hat Hacker Tools
80. Hacker Tools For Pc
81. Pentest Tools Website Vulnerability
82. Hackrf Tools
83. Hack Tool Apk
84. Hackers Toolbox
85. Pentest Tools Subdomain
86. Hacking Tools For Kali Linux
87. Hacker Tools Software
88. Hack Rom Tools
89. Hacking Tools Windows 10
90. Hacking Tools Usb
91. Hacker Tools For Windows
92. Hacker Tools Free Download
93. Hacker Tools For Mac
94. Hacking App
95. Blackhat Hacker Tools
96. Pentest Tools For Android
97. Pentest Tools For Ubuntu
98. Ethical Hacker Tools
99. Black Hat Hacker Tools
100. Pentest Tools List
101. Tools 4 Hack
102. Hacking Tools For Windows
103. Pentest Tools Alternative
104. Hacking Tools For Mac
105. Pentest Tools Website
106. Hacking App
107. Pentest Tools For Mac
108. Hacker Tools 2020
109. Pentest Tools Bluekeep
110. How To Hack
111. Kik Hack Tools
112. Hacker Tools Apk
113. Pentest Tools Github
114. Hack Rom Tools
115. Tools Used For Hacking
116. New Hack Tools
117. Install Pentest Tools Ubuntu
118. Hacking App
119. What Are Hacking Tools
120. Hacking Tools Online
121. Hacker Tools Linux
122. Pentest Tools Github
123. Pentest Tools Bluekeep
124. Hacking Tools Pc
125. Pentest Tools Android
126. Computer Hacker
127. Pentest Tools Website Vulnerability
128. Github Hacking Tools
129. Hack Tools
130. Nsa Hack Tools
131. Tools Used For Hacking
132. Free Pentest Tools For Windows
133. Hacker Security Tools
134. Hacking Tools Name
135. Pentest Tools Kali Linux
136. Ethical Hacker Tools
137. Free Pentest Tools For Windows
138. Hacking Tools Github
139. Hacking Tools Mac
140. Hack Apps
141. Hack Tool Apk No Root
142. Hackers Toolbox
143. Nsa Hacker Tools
144. Hacking Tools Online
145. Hacking Apps
146. Blackhat Hacker Tools