Skip to content
/ Kickoff Public

Simple automation and enumeration script for CTF environments.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nathansb2022/Kickoff

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
kickoffwAI
kickoffwAI
 
 
kickoffwFerox
kickoffwFerox
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
kickoff.py
kickoff.py
 
 

Repository files navigation

Kickoff

Simple automation and enumeration script for CTF environments. Focus is on one host at a time.

Stores contents in robots.txt, webPageScrape.txt, owaspzapscan.html, portScan.txt, and directBruteForce.txt. Requires xterm, gnome-terminal, rustscan, OWASP Zap proxy in a container, nmap, gobuster, and dirb/big.txt file. There is audio notifications to alert you when starting and completing.

IMPORTANT

Completely enhanced this tool. Just added chatGPT to the mix as a helper with the scan results. See kickoffwAI folder for python3 script. Read comments in header of the py file that has required packages. Furthermore, I have incorporated a version with Feroxbuster (See kickoffwFerox folder). Update: new python package for openai has been incorporated. Example markdown files have been provided in the kickoffwAI folder.

Terminal Output

First, the terminal starts off with Rustscan output showing ports and services. Next, a curl request will be made to the robots.txt file of a website and another request to page scrape the site itself. Gobuster will start with some directory brute forcing. All of the command outputs will be stored in txt files for further review.

Sed command will kick off in another xterm or gnome-terminal window and exit when finished. This is clearing the portScan file of unwanted lines. OWASP ZAP will run at the end of the script and results will be stored in the respective html file.

Remember

First, remember to change the version of Rustscan in your script if needed. For script to run correctly, big.txt must be stored in directory: /usr/share/wordlists/dirb/ and ZAP proxy to be cloned with the github repository for ZAP proxy to /opt directory. If you choose different paths for files called, remember to change them in the script.

Links below:

Rustscan

OWASP ZAP Proxy

Gobuster

Feroxbuster

ChatGPT

How to Use

Example Usage:

Add IP as argument

python3 kickoff.py 10.10.10.10

Or without

python3 kickoff.py

Install Requirements

To grab Rustscan with docker do:

sudo docker pull rustscan/rustcan:latest

To grab zaproxy do:

cd /opt; sudo git clone https://github.com/zaproxy/zaproxy.git

To grab Feroxbuster with docker do:

sudo docker pull epi052/feroxbuster:latest

To grab additional software:

sudo apt install espeak alsa-utils jackd2 python3-audio xterm gobuster gnome-terminal

To grab python requirements do:

sudo pip3 install pyfiglet pyttsx3 openai pandas tenacity nltk

About

Simple automation and enumeration script for CTF environments.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages