Hello,
2 years ago I created this Bash script for my own (professional) needs:
I was looking for a way to quickly and efficiently identify all the ports available on different remote sites connected to the Internet. And I wanted to make sure, at the same time, there was no host that exposed a service with known vulnerabilities (CVE).
Maybe it could help someone on this forum? And it’s fully compatible with Pwnbox from HTB.
Script strengths
- Automatic installation of all the prerequisites (Debian OS family)
- 2 modes: automatic and interactive
- Interactive mode: ports to scan, rate level and nmap script
- Extremely fast identification of open TCP/UDP ports (masscan)
- The output is sorted to gather all ports to be scanned by host
- Identification of services and vulnerabilities (nmap + vulners.nse)
- Multiple sessions in parallel, one session per host
- 2 generated reports: a global HTML and a TXT (vulnerable hosts)
- Detects if you are using multiple network interfaces
- Compatible with IPs and hostnames (input file)
- Possibility to exclude some hosts
- Possibility to combine several arguments
- …
Do not hesitate to contact me if you have any questions or if you notice any problems with the script, improvements, etc.
David
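
The "output is sorted to gather all ports to be scanned by host" step from the feature list, sketched as an added example; it is not part of the original post and not code from David's script. It assumes masscan's list output (`-oL`), and the function names and the sample data (documentation range 192.0.2.0/24) are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added illustration; not taken from the script announced above.
# Turns masscan list-format (-oL) results into one line per host:
#   <host> <port spec in nmap -p syntax, e.g. T:22,443,U:53>

group_ports_by_host() {
  # stdin: masscan -oL lines, "open <proto> <port> <ip> <timestamp>"
  # Sort by ip, proto, numeric port; -u drops repeated findings.
  LC_ALL=C sort -u -k4,4 -k2,2 -k3,3n |
  awk '
    # Ignore header/footer comments and anything that is not an open port.
    $1 == "open" && ($2 == "tcp" || $2 == "udp") && $3 ~ /^[0-9]+$/ {
      if ($2 == "tcp") tcp[$4] = tcp[$4] (tcp[$4] == "" ? "" : ",") $3
      else             udp[$4] = udp[$4] (udp[$4] == "" ? "" : ",") $3
      hosts[$4] = 1
    }
    END {
      for (h in hosts) {
        spec = ""
        if (tcp[h] != "") spec = "T:" tcp[h]
        if (udp[h] != "") spec = spec (spec == "" ? "" : ",") "U:" udp[h]
        print h, spec
      }
    }
  ' | LC_ALL=C sort
}

# Constructed sample input (not real scan data).
sample_masscan_output() {
  cat <<'EOF'
#masscan
open tcp 443 192.0.2.10 1700000000
open udp 161 192.0.2.20 1700000001
open tcp 80 192.0.2.20 1700000002
open tcp 22 192.0.2.10 1700000003
open udp 53 192.0.2.20 1700000004
open tcp 443 192.0.2.10 1700000005
# end
EOF
}

sample_masscan_output | group_ports_by_host
```

Each output line gives one host and the port list that a per-host service scan would be limited to, which is what keeps the second, slower phase short.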