Penetration testing automation
In this section, I will show you how to develop a fully functioning application that can automatically perform a TCP scan and perform a service enumeration as well. The application will first execute an Nmap TCP scan, then we will check whether the FTP or HTTP ports are opened, and finally we will enumerate those services. I have limited this application to only FTP and HTTP ports, but you can add more services to your liking.
Automate.py in action
I highly encourage you to go ahead and try to download the source code from https://github.com/PacktPublishing/Practical-Web-Penetration-Testing. Be sure to install gobuster
in Kali (using the apt-get install gobuster
command).
In Kali Linux, open the Terminal window and execute the following command in your Terminal window (make sure you are in the same directory):
python Automate.py

After executing the command, you will enter the target IP address that you want to scan, and the application will show you the progress...