Add files via upload

Added Auto Screen Shot Generation - Added Big list to default attack plan - added Nmap timeouts at 20m
frizb · Apr 22, 2018 · 324d07b · 324d07b
1 parent 7bd2db2
commit 324d07b
Show file tree

Hide file tree

Showing 2 changed files with 126 additions and 85 deletions.
diff --git a/attackplan.ini b/attackplan.ini
@@ -20,7 +20,7 @@ Order: Nmap Scan All TCP
 [Enumeration Plan]
 Order: Information Gathering,User Enumeration,Web Site Scanning,Password List Generation,User Enumeration Bruteforce
 [Post Enumeration Plan]
-Order: Metasploit Database Start,Metasploit Database Import,Metasploit Report Generation,Web Content Detection,Web Exploitation,Nmap HTTP Scan,Brute Forcing Lite,Vulnerablity Analysis,Vulnerability Validation,Web Site Nikto Tests,Brute Forcing
+Order: Metasploit Database Start,Metasploit Database Import,Metasploit Report Generation,Web Content Detection,Capture Screenshots,Web Exploitation,Nmap HTTP Scan,Brute Forcing Lite,Vulnerablity Analysis,Vulnerability Validation,Web Site Nikto Tests,GoBuster Web Content Bruteforce,Brute Forcing
 
 #= Nmap Phases ============
 # The following sections detail the specific commands that will be run (found in the config.ini) at each nmap phase
@@ -69,14 +69,17 @@ ms-sql-s: MS-SQL-S Nmap MS-SQL Info
 http: HTTP What Web,HTTP Wordpress Scan 1,HTTP Wordpress Scan 2,HTTP BlindElephant Guess,HTTP Cewl Password List,HTTP Robots
 https: HTTPS What Web,HTTPS Wordpress Scan 1,HTTPS Wordpress Scan 2,HTTPS BlindElephant Guess,HTTPS Cewl Password List,HTTPS Robots
 [Web Site Nikto Tests]
-http: HTTP Nikto Tests,HTTP GoBuster Findings All Dicts
-https: HTTPS Nikto Tests,HTTPS GoBuster Findings All Dicts
+http: HTTP Nikto Tests
+https: HTTPS Nikto Tests
 [Web Content Detection]
 http: HTTP GoBuster,HTTP What Web All Urls,HTTP BlindElephant Guess All Urls,HTTP Wordpress Scan All Urls,HTTP Method Check
 https: HTTPS GoBuster,HTTPS What Web All Urls,HTTPS BlindElephant Guess All Urls,HTTPS Wordpress Scan All Urls,HTTPS Method Check
+[Capture Screenshots]
+http: Screenshot,Screenshot Rel
+https: Screenshot S,Screenshot RelS
 [Web Exploitation]
-http: HTTP Nmap SQL Injection Scan,HTTP Nmap SQL Injection Findings List Scan
-https: HTTP Nmap SQL Injection Scan,HTTPS Nmap SQL Injection Findings List Scan
+http: HTTP Nmap SQL Injection Scan,HTTP Nmap SQL Injection Findings List Scan,HTTP Webdav,HTTP Webdav All URLS
+https: HTTP Nmap SQL Injection Scan,HTTPS Nmap SQL Injection Findings List Scan,HTTPS Webdav,HTTPS Webdav All URLS
 webmin: Webmin Passwd Exploit,Webmin Shadow Exploit
 [GoBuster Web Content Bruteforce]
 http: HTTP GoBuster All Dicts