66 lines
1.8 KiB
Markdown
66 lines
1.8 KiB
Markdown
# External Pentest Script
|
|
|
|
This script automates penetration testing against a list of external IP addresses.
|
|
|
|
## Prerequisites
|
|
|
|
* **JupiterOne:** Access to JupiterOne with permissions to query for AWS EIPs.
|
|
* **jq:** Command-line JSON processor.
|
|
* **tmux:** Terminal multiplexer (highly recommended).
|
|
|
|
## Workflow
|
|
|
|
1. **Obtain External IP Addresses**
|
|
* Run the following query in JupiterOne:
|
|
```jupiterone
|
|
FIND aws_eip
|
|
```
|
|
* Download the results as a JSON file (e.g., `eips.json`).
|
|
* Extract the IP addresses:
|
|
```bash
|
|
jq '.data[].entity.publicIpAddress // .data[].properties.publicIpAddress' *.json | grep -v 2600 | cut -d '"' -f 2 > external_ips.txt
|
|
```
|
|
|
|
2. **Clone the Repository**
|
|
```bash
|
|
git clone {your_git_repository_address}
|
|
```
|
|
|
|
3. **Prepare the Script**
|
|
* Move `external_ips.txt` into the cloned repository directory:
|
|
```bash
|
|
mv external_ips.txt external_pentest/
|
|
```
|
|
* Navigate to the script directory:
|
|
```bash
|
|
cd external_pentest
|
|
```
|
|
* Make the script executable:
|
|
```bash
|
|
chmod +x external_pentest.sh
|
|
```
|
|
|
|
4. **Run the Script**
|
|
* **Recommended:** Use `tmux` to prevent interruptions:
|
|
```bash
|
|
tmux new -s pentest
|
|
sudo ./external_pentest.sh external_ips.txt
|
|
```
|
|
* Alternatively:
|
|
```bash
|
|
sudo bash external_pentest.sh external_ips.txt
|
|
```
|
|
|
|
5. **Archive Raw Data**
|
|
* Compress the raw output files (found in the relevant subfolders) for future reference:
|
|
```bash
|
|
tar -jcvf pentest_results.tar.bz2 {folder_name}
|
|
```
|
|
(Replace `{folder_name}` with the actual folder name.)
|
|
|
|
## Output
|
|
|
|
The script generates a PDF report (`pentest_report.pdf`) containing the penetration testing results.
|
|
|
|
|
|
**Note:** This README assumes basic familiarity with Linux command-line operations. |