Skip to content

A wrapper for Nmap to automate the pentest

License

Notifications You must be signed in to change notification settings

hackzaid/trigmap

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Release Language License LastUpdate TestedOn




About

Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect informations into a well organized directory hierarchy. The use of Nmap makes the script portable (easy to run not only on Kali Linux) and very efficient thanks to the optimized Nmap algorithms.

Details

Trigmap can performs several tasks using Nmap scripting engine (NSE):

  • Port Scan
  • Service and Version Detection
  • Web Resources Enumeration
  • Vulnerability Assessment
  • Common Vulnerabilities Test
  • Common Exploits Test
  • Dictionary Attacks Against Active Services
  • Default Credentials Test

Usage

Trigmap can be used in two ways:

  • Interactive mode:

trigmap [ENTER], and the script does the rest

  • NON-interactive mode:

trigmap -h|--host <target/s> [-tp|--tcp TCP ports] [-up|--udp UDP ports] [-f|--file file path] [-s|--speed time profile] [-n|--nic NIC] [-p|--phase phases]


If you want to see the help:

trigmap --help to print this helper


For more screenshots see the relative directory of the repository.

Dir Hierarchy

Customization

It's possible to customize the script by changing the value of variables at the beginning of the file. In particularly you can choose the wordlists used by the Nmap scripts and the most important Nmap scan parameters (ping, scan, timing and script).

##############################################
###              PARAMETERS                ###
##############################################
GENERAL_USER_LIST='general_user_wordlist_short.txt'
WIN_USER_LIST='win_user_wordlist_short.txt'
UNIX_USER_LIST='unix_user_wordlist_short.txt'
SHORT_PASS_LIST='fasttrack.txt'
LONG_PASS_LIST='rockyou.txt'

##############################################
###             NMAP SETTING               ###
##############################################

# PE (echo req), PP (timestamp-request)
# you can add a port on every ping scan
NMAP_PING='-PE -PS80,443,22,25,110,445 -PU -PP -PA80,443,22,25,110,445'

NMAP_OTHER='-sV --allports -O --fuzzy --min-hostgroup 256'

SCRIPT_VA='(auth or vuln or exploit or http-* and not dos)'

SCRIPT_BRUTE='(auth or vuln or exploit or http-* or brute and not dos)'

SCRIPT_ARGS="userdb=$GENERAL_USER_LIST,passdb=$SHORT_PASS_LIST"

CUSTOM_SCAN='--max-retries 3 --min-rate 250'	# LIKE UNICORNSCAN

Twin Brother

This project is very similar to Kaboom, but it has a different philosophy; infact, it uses only Nmap, while Kaboom uses different tools, one for each task. The peculiarity of Trigmap is the portability and the efficient, but it's recommended to use both the tools to scan the targets in a such way to gather more evidence with different tools (redundancy and reliability).




Disclaimer:

Author assume no liability and are not responsible for any misuse or damage caused by this program.

Trigmap is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

License:

Trigmap is released under GPLv3 license. See LICENSE for more details.

About

A wrapper for Nmap to automate the pentest

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Shell 100.0%