From 39a0d73c26785ec4f28997e65dde9ccb38a3c045 Mon Sep 17 00:00:00 2001 From: daniel Date: Mon, 13 Jan 2025 22:05:56 +0000 Subject: [PATCH] Update README.md --- README.md | 106 +++++++++++++++++++++++++++++++----------------------- 1 file changed, 61 insertions(+), 45 deletions(-) diff --git a/README.md b/README.md index d9b76e9..d6b675f 100644 --- a/README.md +++ b/README.md @@ -1,50 +1,66 @@ -## JupiterOne Query to Find a list of all external IP Addresses -``` -FIND aws_eip -``` -Download the above as a json file and run the following command to get a complete list of all external IP addresses and export them to a text file. +# External Pentest Script -```bash -jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 >> external_ips.txt -``` +This script automates penetration testing against a list of external IP addresses. -## Script Execution Instructions +## Prerequisites -1. -Because of How long this script will take to run it is **HIGHLY** recommended to run this in a tmux session in case the connection gets killed so it will keep running in the background. -```bash -tmux new -s pentest -``` -2. -```bash -git clone {placeholder for git address} -``` -3. -Move the `external_ips.txt` file into the directory greated from the git clone. -```bash -mv external_ips.txt external_pentest/ -``` -4. -Change Directories -```bash -cd external_pentest -``` -5. -```bash -chmod +x external_pentest.sh -``` -6. -```bash -sudo ./external_pentest.sh external_ips.txt -``` -or -```bash -sudo bash external_pentest.sh external_ips.txt -``` +* **JupiterOne:** Access to JupiterOne with permissions to query for AWS EIPs. +* **jq:** Command-line JSON processor. +* **tmux:** Terminal multiplexer (highly recommended). -All of the raw files are retained from this script in the relevant folders, please tar these up and save them in google drive for reference later if needed. -```bash -tar -jcvf name.tar.bz2 folder_to_be_compressed -``` +## Workflow -Finally, the results are going to be automatically put into a PDF for easy consumption a quick review. \ No newline at end of file +1. **Obtain External IP Addresses** + * Run the following query in JupiterOne: + ```jupiterone + FIND aws_eip + ``` + * Download the results as a JSON file (e.g., `eips.json`). + * Extract the IP addresses: + ```bash + jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 > external_ips.txt + ``` + +2. **Clone the Repository** + ```bash + git clone {your_git_repository_address} + ``` + +3. **Prepare the Script** + * Move `external_ips.txt` into the cloned repository directory: + ```bash + mv external_ips.txt external_pentest/ + ``` + * Navigate to the script directory: + ```bash + cd external_pentest + ``` + * Make the script executable: + ```bash + chmod +x external_pentest.sh + ``` + +4. **Run the Script** + * **Recommended:** Use `tmux` to prevent interruptions: + ```bash + tmux new -s pentest + sudo ./external_pentest.sh external_ips.txt + ``` + * Alternatively: + ```bash + sudo bash external_pentest.sh external_ips.txt + ``` + +5. **Archive Raw Data** + * Compress the raw output files (found in the relevant subfolders) for future reference: + ```bash + tar -jcvf pentest_results.tar.bz2 {folder_name} + ``` + (Replace `{folder_name}` with the actual folder name.) + +## Output + +The script generates a PDF report (`pentest_report.pdf`) containing the penetration testing results. + + +**Note:** This README assumes basic familiarity with Linux command-line operations. \ No newline at end of file