Suggests binaries to run against services found during the enumeration phase of a Pentest
While studying for the Offensive Security Certified Profesional (OSCP) certification I found it hard to keep track of which commands to run during the enumeration phase for specific services.
The purpose of this tool is easily keep track of those commands.
git clone https://github.com/ssstonebraker/Pentest-Service-Enumeration
cd Pentest-Service-Enumeration
./install.sh
Pentest Service Enumeration: 0.0.2
----------------------------------------------------------------------------------------------------
LISTING EXISTING COMMANDS:
Usage: pse <service-name> (Ex: ftp, rdp, http)
-v: verbose - print command description
Examples
[*] pse ftp
[*] pse -v ftp (for verbose)
----------------------------------------------------------------------------------------------------
STORING A NEW COMMAND WITH ARGUMENTS
Usage: pse -a <service-name> '<command> <arg1> <argX>'
note: You must use single quotes around your command
Examples
[*] pse -a rpc 'rpcinfo $IP'
[*] pse -a smb 'smbexec.py $HOST/$USERNAME:$PASSWORD@$IP'
----------------------------------------------------------------------------------------------------
To view basic usage just type:
pse
pse -l
[*] listing all services that have pse stored commands
ftp
http
linpriv
mimikatz
rpc
smb
smtp
snmp
ssh
webdav
pse <service-name>
Example:
pse smb
The default view does not include descriptions for commands
The verbose view includes descriptions for commands
pse -v <service-name>
Example:
pse -v smb
In this example I am adding the dirb command for the https service
I'm listing out what already exists for the http service
Add command dirb for service http
pse -a http 'dirb http://$IP -r -o $OUTPUTFILE'
A view of the commands for the http service after I've added the dirb http command:
Currently only $IP and $PORT will be expanded (if set)
Example:
IP=10.11.1.10 pse http