A script that does all the initial enumeration for you.
- Add IP and domain to hosts file
- Create an organised directory structure
- Run a portscan with nmap's python3-nmap
- A web directory scan if port 80 or 8080 is open with Wfuzz
This script requires the following python3 modules:
- python3-nmap
- pprint
An optional feature of this script is termdown - the countdown feature. This is a visual countdown timer. Install:
pip install termdown
Github repo:
The script must be run as root to modify the hosts file.
sudo doenum.py -h
usage: doenum.py [-h] -t TARGET -d DIRECTORY -n NAME [-u USER]
Enumerate a host.
optional arguments:
-h, --help show this help message and exit
-t TARGET, --target TARGET
IP address of the host you want to enumerate
-d DIRECTORY, --directory DIRECTORY
Specify the parent directory. "-d tryhackme" will
enter ~/tryhackme/ and create a directory structure
there.
-n NAME, --name NAME The name of the host. This will be the child directory
created and will be added to /etc/hosts
-u USER, --user USER Set your current user. If not set, it will take the
user out of the absolute path (/home/user/..). User
will be root if script is confused.
sudo doenum.py -t TARGET -d DIRECTORY -n NAME -u USER
The script will create a directory for the specified /directory/name.
Example:
sudo enumerate.py -i 10.10.10.10 -d /home/user/hackthebox -n boxname -u user
The directory structure:
/home/user/hackthebox/boxname
├── nmap
│ └── nmap.out
└── wfuzz
└── wfuzz.out:80
└── wfuzz.out:8080