Update README.md
This commit is contained in:
66
README.md
66
README.md
@@ -1,50 +1,66 @@
|
||||
## JupiterOne Query to Find a list of all external IP Addresses
|
||||
```
|
||||
# External Pentest Script
|
||||
|
||||
This script automates penetration testing against a list of external IP addresses.
|
||||
|
||||
## Prerequisites
|
||||
|
||||
* **JupiterOne:** Access to JupiterOne with permissions to query for AWS EIPs.
|
||||
* **jq:** Command-line JSON processor.
|
||||
* **tmux:** Terminal multiplexer (highly recommended).
|
||||
|
||||
## Workflow
|
||||
|
||||
1. **Obtain External IP Addresses**
|
||||
* Run the following query in JupiterOne:
|
||||
```jupiterone
|
||||
FIND aws_eip
|
||||
```
|
||||
Download the above as a json file and run the following command to get a complete list of all external IP addresses and export them to a text file.
|
||||
|
||||
* Download the results as a JSON file (e.g., `eips.json`).
|
||||
* Extract the IP addresses:
|
||||
```bash
|
||||
jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 >> external_ips.txt
|
||||
jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 > external_ips.txt
|
||||
```
|
||||
|
||||
## Script Execution Instructions
|
||||
2. **Clone the Repository**
|
||||
```bash
|
||||
git clone {your_git_repository_address}
|
||||
```
|
||||
|
||||
1.
|
||||
Because of How long this script will take to run it is **HIGHLY** recommended to run this in a tmux session in case the connection gets killed so it will keep running in the background.
|
||||
```bash
|
||||
tmux new -s pentest
|
||||
```
|
||||
2.
|
||||
```bash
|
||||
git clone {placeholder for git address}
|
||||
```
|
||||
3.
|
||||
Move the `external_ips.txt` file into the directory greated from the git clone.
|
||||
3. **Prepare the Script**
|
||||
* Move `external_ips.txt` into the cloned repository directory:
|
||||
```bash
|
||||
mv external_ips.txt external_pentest/
|
||||
```
|
||||
4.
|
||||
Change Directories
|
||||
* Navigate to the script directory:
|
||||
```bash
|
||||
cd external_pentest
|
||||
```
|
||||
5.
|
||||
* Make the script executable:
|
||||
```bash
|
||||
chmod +x external_pentest.sh
|
||||
```
|
||||
6.
|
||||
|
||||
4. **Run the Script**
|
||||
* **Recommended:** Use `tmux` to prevent interruptions:
|
||||
```bash
|
||||
tmux new -s pentest
|
||||
sudo ./external_pentest.sh external_ips.txt
|
||||
```
|
||||
or
|
||||
* Alternatively:
|
||||
```bash
|
||||
sudo bash external_pentest.sh external_ips.txt
|
||||
```
|
||||
|
||||
All of the raw files are retained from this script in the relevant folders, please tar these up and save them in google drive for reference later if needed.
|
||||
5. **Archive Raw Data**
|
||||
* Compress the raw output files (found in the relevant subfolders) for future reference:
|
||||
```bash
|
||||
tar -jcvf name.tar.bz2 folder_to_be_compressed
|
||||
tar -jcvf pentest_results.tar.bz2 {folder_name}
|
||||
```
|
||||
(Replace `{folder_name}` with the actual folder name.)
|
||||
|
||||
Finally, the results are going to be automatically put into a PDF for easy consumption a quick review.
|
||||
## Output
|
||||
|
||||
The script generates a PDF report (`pentest_report.pdf`) containing the penetration testing results.
|
||||
|
||||
|
||||
**Note:** This README assumes basic familiarity with Linux command-line operations.
|
||||
Reference in New Issue
Block a user