A Bash script designed to scan and attack different targets on your own LAN in order to test your SIEM monitoring and response.
The script performs the following operations:
- Detects the network interfaces on the user's system and lets the user choose which one to use.
- Gives the user a choice between a fast Nmap scan, a full scan (all ports + UDP) and a vulnerability scan (service detection + vuln script).
- Scans all endpoints on the local network using the selected scan type. Scanning data is saved inside /var/log in all file formats available for Nmap.
- Gives the user the choice to either attack an IP address from a list of scanned targets, or have the script select a random target.
- Gives the user a choice between a Brute Force attack, a Man-in-the-Middle (MITM) attack, a Denial-of-Service (DoS) attack, or having the script select a random attack.
- Attacks and their results are saved in /tmp.
- The user can repeat the attack, choose a different attack, change targets, or conclude and exit.
- All scanning and attack data is saved inside /var/log/attack_log.txt.
- If the user chooses to exit, the script gives the option of creating a timestamped folder and gathering all the logs and attack results for convenience.
- If the user chooses to create a folder, an HTML file is generated from the .xml Nmap scan file to make the scan results more presentable.
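
The wrap-up step from the last two list items, written as an added example that is not code from the script itself. It also writes a SHA-256 manifest so the collected evidence can be checked against what the SIEM recorded. The function name, the `scan_*` and `attack_*` file prefixes, the `siem_test_` folder name and `MANIFEST.sha256` are assumptions.

```bash
# Added example: bundles one test run's evidence for later SIEM comparison.
# Assumed (not from the original script): collect_run, the scan_* and
# attack_* file prefixes, the siem_test_ folder name, MANIFEST.sha256.
collect_run() {
    log_dir=$1     # scan output and attack_log.txt (/var/log in the README)
    result_dir=$2  # attack results (/tmp in the README)
    out_base=$3    # parent directory for the timestamped folder

    bundle="$out_base/siem_test_$(date +%Y%m%d_%H%M%S)"
    mkdir -p "$bundle/scans" "$bundle/attacks" || return 1

    # Copy rather than move, so the originals stay where they were written.
    if [ -f "$log_dir/attack_log.txt" ]; then
        cp -p "$log_dir/attack_log.txt" "$bundle/" || return 1
    fi
    for f in "$log_dir"/scan_*; do
        if [ -f "$f" ]; then cp -p "$f" "$bundle/scans/" || return 1; fi
    done
    for f in "$result_dir"/attack_*; do
        if [ -f "$f" ]; then cp -p "$f" "$bundle/attacks/" || return 1; fi
    done

    # Render Nmap XML as HTML when xsltproc is installed; a failed
    # conversion is reported but does not abort the collection.
    if command -v xsltproc >/dev/null 2>&1; then
        for x in "$bundle"/scans/*.xml; do
            [ -f "$x" ] || continue
            xsltproc -o "${x%.xml}.html" "$x" >/dev/null 2>&1 ||
                echo "HTML conversion failed: $x" >&2
        done
    fi

    # Hash every collected file so the bundle can be checked for changes.
    if command -v sha256sum >/dev/null 2>&1; then
        hasher="sha256sum"
    else
        hasher="shasum -a 256"
    fi
    (cd "$bundle" && find . -type f ! -name MANIFEST.sha256 \
        -exec $hasher {} + > MANIFEST.sha256) || return 1

    echo "$bundle"   # print the folder path for the caller
}
```

Called as `collect_run /var/log /tmp "$HOME"`, it prints the path of the new folder.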
Notes: The script was tested on Metasploitable and Windows Server 2019 VMs as a proof of concept.
Full Script Run:
Generated Folder:
Log Examples:
Man-in-the-Middle attack .pcap Result Example: