Skip to content

Commit 3077d4e

Browse files
committed
Updated README
1 parent adbb5ef commit 3077d4e

1 file changed

Lines changed: 123 additions & 1 deletion

File tree

README.md

Lines changed: 123 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1,123 @@
1-
# automated_pentest
1+
# APT2 - An Automated Penetration Testing Toolkit
2+
3+
```
4+
dM. `MMMMMMMb. MMMMMMMMMM
5+
,MMb MM `Mb / MM \
6+
d'YM. MM MM MM ____
7+
,P `Mb MM MM MM 6MMMMb
8+
d' YM. MM .M9 MM MM' `Mb
9+
,P `Mb MMMMMMM9' MM ,MM
10+
d' YM. MM MM ,MM'
11+
,MMMMMMMMb MM MM ,M'
12+
d' YM. MM MM ,M'
13+
_dM_ _dMM_MM_ _MM_MMMMMMMM
14+
15+
16+
An Automated Penetration Testing Toolkit
17+
```
18+
This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processesd results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information.
19+
20+
All module results are stored on localhost and are part of APT2's Knowledge Base (KB). The KB is accessible from within the application and allows the user to view the harvested results of an exploit module.
21+
22+
## Setup
23+
24+
On Kali Linux install python-nmap library: `pip install python-nmap`
25+
26+
## Configuration (Optional)
27+
APT2 uses the *default.cfg* file in the root directory. Edit this file to configure APT2 to run as you desire.
28+
29+
Current options include:
30+
- metasploit
31+
- nmap
32+
- threading
33+
34+
##### Metasploit RPC API (metasploit)
35+
APT2 can utuilize your host's Metasploit RPC interface (MSGRPC). Additional Information can be found here: https://help.rapid7.com/metasploit/Content/api-rpc/getting-started-api.html
36+
37+
##### NMAP
38+
Configure NMAP scan settings to include the target, scan type, scan port range, and scan flags. These settings can be configured while the program is running.
39+
40+
##### Threading
41+
Configure the number of the threads APT2 will use.
42+
43+
## Run:
44+
#### No Options:
45+
`python apt2` or `./apt2`
46+
#### With Configuration File
47+
`python apt2 -C <config.txt>`
48+
#### Import Nexpose, Nessus, or NMap XML
49+
`python apt2 -f <nmap.xml>`
50+
#### Specify Target Range to Start
51+
`python apt2 -f 192.168.1.0/24`
52+
53+
## Safe Level
54+
Safe levels indicate how safe a module is to run againsts a target. The scale runs from 1 to 5 with 5 being the safest. The default configuration uses a Safe Level of 4 but can be set with the `-s` or `--safelevel` command line flags.
55+
56+
## Usage:
57+
```
58+
usage: apt2.py [-h] [-C <config.txt>] [-f [<input file> [<input file> ...]]]
59+
[--target] [--ip <local IP>] [-v] [-s SAFE_LEVEL] [-b]
60+
[--listmodules]
61+
62+
optional arguments:
63+
-h, --help show this help message and exit
64+
-v, --verbosity increase output verbosity
65+
-s SAFE_LEVEL, --safelevel SAFE_LEVEL
66+
set min safe level for modules
67+
-b, --bypassmenu bypass menu and run from command line arguments
68+
69+
inputs:
70+
-C <config.txt> config file
71+
-f [<input file> [<input file> ...]]
72+
one of more input files seperated by spaces
73+
--target initial scan target(s)
74+
75+
ADVANCED:
76+
--ip <local IP> defaults to ip of interface
77+
78+
misc:
79+
--listmodules list out all current modules
80+
81+
```
82+
83+
## Modules
84+
```
85+
-----------------------
86+
LIST OF CURRENT MODULES
87+
-----------------------
88+
nmaploadxml Load NMap XML File
89+
hydrasmbpassword Attempt to bruteforce SMB passwords
90+
nullsessionrpcclient Test for NULL Session
91+
msf_snmpenumshares Enumerate SMB Shares via LanManager OID Values
92+
nmapbasescan Standard NMap Scan
93+
impacketsecretsdump Test for NULL Session
94+
msf_dumphashes Gather hashes from MSF Sessions
95+
msf_smbuserenum Get List of Users From SMB
96+
anonftp Test for Anonymous FTP
97+
searchnfsshare Search files on NFS Shares
98+
crackPasswordHashJohnTR Attempt to crack any password hashes
99+
msf_vncnoneauth Detect VNC Services with the None authentication type
100+
nmapsslscan NMap SSL Scan
101+
nmapsmbsigning NMap SMB-Signing Scan
102+
responder Run Responder and watch for hashes
103+
msf_openx11 Attempt Login To Open X11 Service
104+
nmapvncbrute NMap VNC Brute Scan
105+
msf_gathersessioninfo Get Info about any new sessions
106+
nmapsmbshares NMap SMB Share Scan
107+
userenumrpcclient Get List of Users From SMB
108+
httpscreenshot Get Screen Shot of Web Pages
109+
httpserverversion Get HTTP Server Version
110+
nullsessionsmbclient Test for NULL Session
111+
openx11 Attempt Login To Open X11 Servicei and Get Screenshot
112+
msf_snmplogin Attempt Login Using Common Community Strings
113+
msf_snmpenumusers Enumerate Local User Accounts Using LanManager/psProcessUsername OID Values
114+
httpoptions Get HTTP Options
115+
nmapnfsshares NMap NFS Share Scan
116+
msf_javarmi Attempt to Exploit A Java RMI Service
117+
anonldap Test for Anonymous LDAP Searches
118+
ssltestsslserver Determine SSL protocols and ciphers
119+
gethostname Determine the hostname for each IP
120+
sslsslscan Determine SSL protocols and ciphers
121+
nmapms08067scan NMap MS08-067 Scan
122+
msf_ms08_067 Attempt to exploit MS08-067
123+
```

0 commit comments

Comments
 (0)