For Full Documentation: Read : https://www.linkedin.com/pulse/advanced-network-vulnerability-assessment-approach-using-fagun
This repository contains an advanced Bash script for conducting a comprehensive network vulnerability assessment. The script empowers security professionals to identify potential weaknesses and vulnerabilities in both network infrastructure and web applications, strengthening an organization's overall security posture.
-
Parallel Processing: The script utilizes parallel processing to optimize the scanning process and expedite the assessments.
-
Multiple Scans: The tool integrates powerful security tools such as Nessus, Nmap, Nikto, SQLMap, BeEF, Metasploit, and more, to ensure a holistic security evaluation.
-
Methodologies from TCM Security: Inspired by TCM Security's Web Application Testing approach, the script follows proven techniques for comprehensive assessments.
-
Logs and Reports: The tool saves scan results in dedicated log files, ensuring easy access to valuable information.
- Bash shell
- Nessus (For Nessus scan)
- Nmap (For Nmap scan)
- Nikto (For Nikto scan)
- SQLMap (For SQLMap scan)
- BeEF (For BeEF scan)
- Metasploit (For Metasploit scan)
- sslyze (For Qualys SSL scan)
- Clone the repository to your local machine.
git clone https://github.com/fagun18/Web-Application-Testing.git
-
Ensure all required tools (Nessus, Nmap, Nikto, SQLMap, BeEF, Metasploit, and sslyze) are installed and accessible in your system's PATH.
-
Give execute permissions to the script.
chmod +x pentest_script.sh
./pentest_script.sh <target_ip>
Provide the target IP address as a command-line argument. The script will execute various security scans, saving the results in separate log files.
Please ensure that you have proper authorization and permission to conduct vulnerability assessments on the target network. Unauthorized or illegal use of this tool is strictly prohibited.
We welcome contributions to enhance the tool's capabilities and make it even more effective. If you have any suggestions or found a bug, feel free to raise an issue or submit a pull request.
This project is licensed under the MIT License.
We extend our gratitude to TCM Security (https://tcm-sec.com) for their insights and methodologies in Web Application Testing, which inspired the development of this tool.
For any inquiries or feedback, please reach out to us at fagun.115946@gmail.com.
Disclaimer: This tool is provided for educational and learning purposes only. Usage for any illegal activities or unauthorized assessments is strictly prohibited. The developers of this tool are not responsible for any misuse or consequences arising from its use. Always obtain proper authorization before conducting security assessments on any network or application. END )