Interlace - Easily Plough Unmarried Threaded Ascendence Describe Of Piece Of Job Applications Into Fast, Multi Threaded Ones Amongst Cidr As Well As Glob Support
Easily plough unmarried threaded command line applications into fast, multi threaded application amongst CIDR in addition to glob support.
Setup
Install using:
$ python3 setup.py installinterlace.Usage
| Argument | Description |
|---|---|
| -t | Specify a target or domain refer either inward comma format, CIDR notation, or equally an private host. |
| -tL | Specify a listing of targets or domain names |
| -threads | Specify the maximum release of threads to run at whatsoever 1 fourth dimension (DEFAULT:5) |
| -timeout | Specify a timeout value inward seconds for whatsoever 1 thread (DEFAULT:600) |
| -c | Specify a unmarried ascendency to execute over each target or domain |
| -cL | Specify a listing of commands to execute over each target or domain |
| -o | Specify an output folder variable that tin move hold upwards used inward commands equally _output_ |
| -p | Specify a listing of port variable that tin move hold upwards used inward commands equally _port_. This tin move hold upwards a unmarried port, a comma delimited list, or exercise dash notation |
| -rp | Specify a existent port variable that tin move hold upwards used inward commands equally _realport_ |
| --no-cidr | If ready in addition to thence CIDR musical note inward a target file volition non hold upwards automatically hold upwards expanded into private hosts. |
| --no-color | If ready in addition to thence whatsoever foreground or background colours volition hold upwards stripped out |
| --silent | If ready in addition to thence solely of import information volition hold upwards displayed in addition to banners in addition to other information volition hold upwards redacted. |
| -v | If ready in addition to thence verbose output volition hold upwards displayed inward the terminal |
Further information regarding ports (-p)
| Example | Notation Type |
|---|---|
| 80 | Single port |
| 1-80 | Dash notation, perform a ascendency for each port from 1-80 |
| 80,443 | Perform a ascendency for both port 80, in addition to port 443 |
Further information regarding targets (-t or -tL)
Both
-t in addition to -tL volition hold upwards processed the same. You tin move move yesteryear targets the same equally y'all would when using nmap. This tin move hold upwards done using CIDR notation, dash notation, or a comma delimited listing of targets. Influenza A virus subtype H5N1 unmarried target listing file tin move besides exercise dissimilar musical note types per line.Variable Replacements
The next varaibles volition hold upwards replaced inward commands at runtime:
| Variable | Replacement |
|---|---|
| _target_ | Replaced amongst the expanded target listing that the electrical flow thread is running against |
| _host_ | Works the same equally _target_, tin move hold upwards used interchangably. |
| _output_ | Replaced amongst the output folder variable from interlace |
| _port_ | Replaced amongst the expanded port variable from interlace |
| _realport_ | Replaced amongst the existent port variable from interlace |
Usage Examples
Run Nikto Over Multiple Sites
Let's assume that y'all had a file
targets.txt that had the next contents:bugcrowd.com hackerone.com➜ /tmp interlace -tL ./targets.txt -threads five -c "nikto --host _target_ > ./_target_-nikto.txt" -v ============================================== Interlace v1.0 yesteryear Michael Skelton (@codingo_) ============================================== [14:33:23] [THREAD] [nikto --host hackerone.com > ./hackerone.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host bugcrowd.com > ./bugcrowd.com-nikto.txt] Added to Queue > operator thence results won't hold upwards fed dorsum to the terminal, nonetheless this is desired functionality equally otherwise nosotros wouldn't hold upwards able to attribute which target Nikto results were returning for.For applications where y'all wishing feedback but move yesteryear commands equally y'all usually would (or exercise
tee).Run Nikto Over Multiple Sites in addition to Ports
Using the inward a higher house example, let's assume y'all wishing independant scans to hold upwards run for both ports
80 in addition to 443 for the same targets. You would in addition to thence exercise the following:➜ /tmp interlace -tL ./targets.txt -threads five -c "nikto --host _target_:_port_ > ./_target_-_port_-nikto.txt" -p 80,443 -v ============================================== Interlace v1.0 yesteryear Michael Skelton (@codingo_) ============================================== [14:33:23] [THREAD] [nikto --host hackerone.com:80 > ./hackerone.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host bugcrowd.com:80 > ./hackerone.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host bugcrowd.com:443 > ./bugcrowd.com-nikto.txt] Added to Queue [14:33:23] [THREAD] [nikto --host hackerone.com:443 > ./hackerone.com-nikto.txt] Added to Queue Run a List of Commands against Target Hosts
Often amongst penetration tests there's a listing of commands y'all wishing to run on near every job. Assuming that listing includes testssl.sh, nikto, in addition to sslscan, y'all could relieve a ascendency listing amongst the next inward a file called
commands.txt:nikto --host _target_:_port_ > _output_/_target_-nikto.txt sslscan _target_:_port_ > _output_/_target_-sslscan.txt testssl.sh _target_:_port_ > _output_/_target_-testssl.txtexample.com y'all could run each of these commands against this target using the following:interlace -t example.com -o /Engagements/example/ -cL ./commands.txt -p 80,443CIDR musical note amongst an application that doesn't back upwards it
Interlace automatically expands CIDR musical note when starting threads (unless the --no-cidr flag is passed). This allows y'all to move yesteryear CIDR musical note to a diverseness of applications:
To run a virtual host scan against every target inside 192.168.12.0/24 using a at 1 time ascendency y'all could use:
interlace -t 192.168.12.0/24 -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o /scans/ -threads 50Glob musical note amongst an application that doesn't back upwards it
Interlace automatically expands glob ranges when starting threads. This allows y'all to move yesteryear glob ranges to a diverseness of applications:
To run a virtual host scan against every target inside 192.168.12.* using a at 1 time ascendency y'all could use:
interlace -t 192.168.12.* -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o /scans/ -threads 50Threading Support for an application that doesn't back upwards it
Run a virtual host scan against each host inward a file (target-lst.txt), whilst besides limiting scans at whatsoever 1 fourth dimension to l maximum threads.
This could hold upwards done using a at 1 time command:
interlace -tL ./target-list.txt -c "vhostscan -t _target_ -oN _output_/_target_-vhosts.txt" -o /scans/ -threads 50interlace -cL ./vhosts-commands.txt -tL ./target-list.txt -threads l -o /scansvhostscan -t $target -oN _output_/_target_-vhosts.txtAuhors in addition to Thanks
Originally written yesteryear Michael Skelton (codingo) in addition to Sajeeb Lohani (sml555) amongst attention from Charelle Collett (@Charcol0x89) for threading refactoring in addition to overall appraoch, in addition to Luke Stephens (hakluke) for testing in addition to approach.
