# External Pentest Script

This script automates penetration testing against a list of external IP addresses.

## Prerequisites

* **JupiterOne:**  Access to JupiterOne with permissions to query for AWS EIPs.
* **jq:** Command-line JSON processor.
* **tmux:** Terminal multiplexer (highly recommended).

## Workflow

1. **Obtain External IP Addresses**
    * Run the following query in JupiterOne:
      ```jupiterone
      FIND aws_eip
      ```
    * Download the results as a JSON file (e.g., `eips.json`).
    * Extract the IP addresses:
      ```bash
      jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 > external_ips.txt
      ```

2. **Clone the Repository**
    ```bash
    git clone {your_git_repository_address} 
    ```

3. **Prepare the Script**
    * Move `external_ips.txt` into the cloned repository directory:
      ```bash
      mv external_ips.txt external_pentest/
      ```
    * Navigate to the script directory:
      ```bash
      cd external_pentest
      ```
    * Make the script executable:
      ```bash
      chmod +x external_pentest.sh
      ```

4. **Run the Script**
    * **Recommended:** Use `tmux` to prevent interruptions:
      ```bash
      tmux new -s pentest
      sudo ./external_pentest.sh external_ips.txt
      ```
    * Alternatively:
      ```bash
      sudo bash external_pentest.sh external_ips.txt
      ```

5. **Archive Raw Data**
    *  Compress the raw output files (found in the relevant subfolders) for future reference:
       ```bash
       tar -jcvf pentest_results.tar.bz2 {folder_name} 
       ```
       (Replace `{folder_name}` with the actual folder name.)

## Output

The script generates a PDF report (`pentest_report.pdf`) containing the penetration testing results.


**Note:** This README assumes basic familiarity with Linux command-line operations.