External Pentest Script
This script automates penetration testing against a list of external IP addresses.
Prerequisites
- JupiterOne: Access to JupiterOne with permissions to query for AWS EIPs.
- jq: Command-line JSON processor.
- tmux: Terminal multiplexer (highly recommended).
Workflow
-
Obtain External IP Addresses
- Run the following query in JupiterOne:
FIND aws_eip - Download the results as a JSON file (e.g.,
eips.json). - Extract the IP addresses:
jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 > external_ips.txt
- Run the following query in JupiterOne:
-
Clone the Repository
git clone {your_git_repository_address} -
Prepare the Script
- Move
external_ips.txtinto the cloned repository directory:mv external_ips.txt external_pentest/ - Navigate to the script directory:
cd external_pentest - Make the script executable:
chmod +x external_pentest.sh
- Move
-
Run the Script
- Recommended: Use
tmuxto prevent interruptions:tmux new -s pentest sudo ./external_pentest.sh external_ips.txt - Alternatively:
sudo bash external_pentest.sh external_ips.txt
- Recommended: Use
-
Archive Raw Data
- Compress the raw output files (found in the relevant subfolders) for future reference:
(Replace
tar -jcvf pentest_results.tar.bz2 {folder_name}{folder_name}with the actual folder name.)
- Compress the raw output files (found in the relevant subfolders) for future reference:
Output
The script generates a PDF report (pentest_report.pdf) containing the penetration testing results.
Note: This README assumes basic familiarity with Linux command-line operations.