Update README.md

README.md

@@ -1,50 +1,66 @@
-## JupiterOne Query to Find a list of all external IP Addresses
-```
-FIND aws_eip
-```
-Download the above as a json file and run the following command to get a complete list of all external IP addresses and export them to a text file. 
+# External Pentest Script
 
-```bash
-jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 >> external_ips.txt
-```
+This script automates penetration testing against a list of external IP addresses.
 
-## Script Execution Instructions
+## Prerequisites
 
-1. 
-Because of How long this script will take to run it is **HIGHLY** recommended to run this in a tmux session in case the connection gets killed so it will keep running in the background.
-```bash
-tmux new -s pentest
-```
-2.
-```bash
-git clone {placeholder for git address}
-```
-3. 
-Move the `external_ips.txt` file into the directory greated from the git clone.
-```bash
-mv external_ips.txt external_pentest/
-```
-4.
-Change Directories
-```bash
-cd external_pentest
-```
-5.
-```bash
-chmod +x external_pentest.sh
-```
-6.
-```bash
-sudo ./external_pentest.sh external_ips.txt
-```
-or
-```bash
-sudo bash external_pentest.sh external_ips.txt
-```
+* **JupiterOne:**  Access to JupiterOne with permissions to query for AWS EIPs.
+* **jq:** Command-line JSON processor.
+* **tmux:** Terminal multiplexer (highly recommended).
 
-All of the raw files are retained from this script in the relevant folders, please tar these up and save them in google drive for reference later if needed.
-```bash
-tar -jcvf name.tar.bz2 folder_to_be_compressed
-```
+## Workflow
 
-Finally, the results are going to be automatically put into a PDF for easy consumption a quick review.
+1. **Obtain External IP Addresses**
+    * Run the following query in JupiterOne:
+      ```jupiterone
+      FIND aws_eip
+      ```
+    * Download the results as a JSON file (e.g., `eips.json`).
+    * Extract the IP addresses:
+      ```bash
+      jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 > external_ips.txt
+      ```
+
+2. **Clone the Repository**
+    ```bash
+    git clone {your_git_repository_address} 
+    ```
+
+3. **Prepare the Script**
+    * Move `external_ips.txt` into the cloned repository directory:
+      ```bash
+      mv external_ips.txt external_pentest/
+      ```
+    * Navigate to the script directory:
+      ```bash
+      cd external_pentest
+      ```
+    * Make the script executable:
+      ```bash
+      chmod +x external_pentest.sh
+      ```
+
+4. **Run the Script**
+    * **Recommended:** Use `tmux` to prevent interruptions:
+      ```bash
+      tmux new -s pentest
+      sudo ./external_pentest.sh external_ips.txt
+      ```
+    * Alternatively:
+      ```bash
+      sudo bash external_pentest.sh external_ips.txt
+      ```
+
+5. **Archive Raw Data**
+    *  Compress the raw output files (found in the relevant subfolders) for future reference:
+       ```bash
+       tar -jcvf pentest_results.tar.bz2 {folder_name} 
+       ```
+       (Replace `{folder_name}` with the actual folder name.)
+
+## Output
+
+The script generates a PDF report (`pentest_report.pdf`) containing the penetration testing results.
+
+
+**Note:** This README assumes basic familiarity with Linux command-line operations.