Trigmap - A Wrapper For Nmap To Automate The Pentest
Trigmap is a wrapper for Nmap. You tin sack purpose it to easily start Nmap scan in addition to especially to collect informations into a good organized directory hierarchy. The purpose of Nmap makes the script portable (easy to run non entirely on Kali Linux) in addition to real efficient thank y'all to the optimized Nmap algorithms.
Details
Trigmap tin sack performs several tasks using Nmap scripting engine (NSE):
- Port Scan
- Service in addition to Version Detection
- Web Resources Enumeration
- Vulnerability Assessment
- Common Vulnerabilities Test
- Common Exploits Test
- Dictionary Attacks Against Active Services
- Default Credentials Test
Usage
Trigmap tin sack endure used inward 2 ways:
- Interactive mode:
trigmap [ENTER], in addition to the script does the rest
- NON-interactive mode:
trigmap -h|--host [-tp|--tcp TCP ports] [-up|--udp UDP ports] [-f|--file file path] [-s|--speed fourth dimension profile] [-n|--nic NIC] [-p|--phase phases] If y'all desire to come across the help:
trigmap --help to impress this helperFor to a greater extent than screenshots come across the relative directory of the repository.
Dir Hierarchy
It's possible to customize the script past times changing the value of variables at the kickoff of the file. In specially y'all tin sack direct the wordlists used past times the Nmap scripts in addition to the closed to of import Nmap scan parameters (ping, scan, timing in addition to script).
############################################## ### PARAMETERS ### ############################################## GENERAL_USER_LIST='general_user_wordlist_short.txt' WIN_USER_LIST='win_user_wordlist_short.txt' UNIX_USER_LIST='unix_user_wordlist_short.txt' SHORT_PASS_LIST='fasttrack.txt' LONG_PASS_LIST='rockyou.txt' ############################################## ### NMAP SETTING ### ############################################## # PE (echo req), PP (timestamp-request) # y'all tin sack add together a port on every ping scan NMAP_PING='-PE -PS80,443,22,25,110,445 -PU -PP -PA80,443,22,25,110,445' NMAP_OTHER='-sV --allports -O --fuzzy --min-hostgroup 256' SCRIPT_VA='(auth or vuln or exploit or http-* in addition to non dos)' SCRIPT_BRUTE='(auth or vuln or exploit or http-* or animate beingness in addition to non dos)' SCRIPT_ARGS="userdb=$GENERAL_USER_LIST,passdb=$SHORT_PAS S_LIST" CUSTOM_SCAN='--max-retries iii --min-rate 250' # LIKE UNICORNSCANTwin Brother
This projection is real like to Kaboom, merely it has a dissimilar philosophy; infact, it uses entirely Nmap, spell Kaboom uses dissimilar tools, 1 for each task. The peculiarity of Trigmap is the portability in addition to the efficient, merely it's recommended to purpose both the tools to scan the targets inward a such agency to get together to a greater extent than show amongst dissimilar tools (redundancy in addition to reliability).
