Interlace - Easily Plough Unmarried Threaded Ascendence Describe Of Piece Of Job Applications Into Fast, Multi Threaded Ones Amongst Cidr As Well As Glob Support


Easily plough unmarried threaded command line applications into fast, multi threaded application amongst CIDR in addition to glob support.

Setup
Install using:
$ python3 setup.py install
Dependencies volition in addition to thence hold upwards installed in addition to Interlace volition hold upwards added to your path equally interlace.

Usage
Argument Description
-t Specify a target or domain refer either inward comma format, CIDR notation, or equally an private host.
-tL Specify a listing of targets or domain names
-threads Specify the maximum release of threads to run at whatsoever 1 fourth dimension (DEFAULT:5)
-timeout Specify a timeout value inward seconds for whatsoever 1 thread (DEFAULT:600)
-c Specify a unmarried ascendency to execute over each target or domain
-cL Specify a listing of commands to execute over each target or domain
-o Specify an output folder variable that tin move hold upwards used inward commands equally _output_
-p Specify a listing of port variable that tin move hold upwards used inward commands equally _port_. This tin move hold upwards a unmarried port, a comma delimited list, or exercise dash notation
-rp Specify a existent port variable that tin move hold upwards used inward commands equally _realport_
--no-cidr If ready in addition to thence CIDR musical note inward a target file volition non hold upwards automatically hold upwards expanded into private hosts.
--no-color If ready in addition to thence whatsoever foreground or background colours volition hold upwards stripped out
--silent If ready in addition to thence solely of import information volition hold upwards displayed in addition to banners in addition to other information volition hold upwards redacted.
-v If ready in addition to thence verbose output volition hold upwards displayed inward the terminal

Further information regarding ports (-p)
Example Notation Type
80 Single port
1-80 Dash notation, perform a ascendency for each port from 1-80
80,443 Perform a ascendency for both port 80, in addition to port 443

Further information regarding targets (-t or -tL)
Both -t in addition to -tL volition hold upwards processed the same. You tin move move yesteryear targets the same equally y'all would when using nmap. This tin move hold upwards done using CIDR notation, dash notation, or a comma delimited listing of targets. Influenza A virus subtype H5N1 unmarried target listing file tin move besides exercise dissimilar musical note types per line.

Variable Replacements
The next varaibles volition hold upwards replaced inward commands at runtime:
Variable Replacement
_target_ Replaced amongst the expanded target listing that the electrical flow thread is running against
_host_ Works the same equally _target_, tin move hold upwards used interchangably.
_output_ Replaced amongst the output folder variable from interlace
_port_ Replaced amongst the expanded port variable from interlace
_realport_ Replaced amongst the existent port variable from interlace

Usage Examples

Run Nikto Over Multiple Sites
Let's assume that y'all had a file targets.txt that had the next contents:
bugcrowd.com hackerone.com
You could exercise interlace to run over whatsoever release of targets inside this file using: bash
➜  /tmp interlace -tL ./targets.txt -threads five -c "nikto --host _target_ > ./_target_-nikto.txt" -v ============================================== Interlace v1.0 yesteryear Michael Skelton (@codingo_) ============================================== [14:33:23] [THREAD] [nikto --host hackerone.com > ./hackerone.com-nikto.txt] Added to Queue  [14:33:23] [THREAD] [nikto --host bugcrowd.com > ./bugcrowd.com-nikto.txt] Added to Queue
This would run nikto over each host in addition to relieve to a file for each target. Note that inward the inward a higher house instance since we're using the > operator thence results won't hold upwards fed dorsum to the terminal, nonetheless this is desired functionality equally otherwise nosotros wouldn't hold upwards able to attribute which target Nikto results were returning for.
For applications where y'all wishing feedback but move yesteryear commands equally y'all usually would (or exercise tee).

Run Nikto Over Multiple Sites in addition to Ports
Using the inward a higher house example, let's assume y'all wishing independant scans to hold upwards run for both ports 80 in addition to 443 for the same targets. You would in addition to thence exercise the following:
➜  /tmp interlace -tL ./targets.txt -threads five -c "nikto --host _target_:_port_ > ./_target_-_port_-nikto.txt" -p 80,443 -v ============================================== Interlace v1.0 yesteryear Michael Skelton (@codingo_) ============================================== [14:33:23] [THREAD] [nikto --host hackerone.com:80 > ./hackerone.com-nikto.txt] Added to Queue  [14:33:23] [THREAD] [nikto --host bugcrowd.com:80 > ./hackerone.com-nikto.txt] Added to Queue  [14:33:23] [THREAD] [nikto --host bugcrowd.com:443 > ./bugcrowd.com-nikto.txt] Added to Queue  [14:33:23] [THREAD] [nikto --host hackerone.com:443 > ./hackerone.com-nikto.txt] Added to Queue

Run a List of Commands against Target Hosts
Often amongst penetration tests there's a listing of commands y'all wishing to run on near every job. Assuming that listing includes testssl.sh, nikto, in addition to sslscan, y'all could relieve a ascendency listing amongst the next inward a file called commands.txt:
nikto --host _target_:_port_ > _output_/_target_-nikto.txt sslscan _target_:_port_ >  _output_/_target_-sslscan.txt testssl.sh _target_:_port_ > _output_/_target_-testssl.txt
If y'all were in addition to thence given a target, example.com y'all could run each of these commands against this target using the following:
interlace -t example.com -o  /Engagements/example/ -cL ./commands.txt -p 80,443
This would in addition to thence run nikto, sslscan, in addition to testssl.sh for both port lxxx in addition to 443 against example.com in addition to relieve files into your engagements folder.

CIDR musical note amongst an application that doesn't back upwards it
Interlace automatically expands CIDR musical note when starting threads (unless the --no-cidr flag is passed). This allows y'all to move yesteryear CIDR musical note to a diverseness of applications:
To run a virtual host scan against every target inside 192.168.12.0/24 using a at 1 time ascendency y'all could use:
interlace -t 192.168.12.0/24 -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o  /scans/ -threads 50
This is despite VHostScan non having whatsoever inbuilt CIDR musical note support. Since Interlace expands the musical note earlier edifice a queue of threads, VHostScan for all intents is solely receiving a listing of at 1 time IP addresses to scan.

Glob musical note amongst an application that doesn't back upwards it
Interlace automatically expands glob ranges when starting threads. This allows y'all to move yesteryear glob ranges to a diverseness of applications:
To run a virtual host scan against every target inside 192.168.12.* using a at 1 time ascendency y'all could use:
interlace -t 192.168.12.* -c "vhostscan _target_ -oN _output_/_target_-vhosts.txt" -o  /scans/ -threads 50
Yet again, VHostScan does non having whatsoever inbuilt glob arrive at format support.

Threading Support for an application that doesn't back upwards it
Run a virtual host scan against each host inward a file (target-lst.txt), whilst besides limiting scans at whatsoever 1 fourth dimension to l maximum threads.
This could hold upwards done using a at 1 time command:
interlace -tL ./target-list.txt -c "vhostscan -t _target_ -oN _output_/_target_-vhosts.txt" -o  /scans/ -threads 50
Or, alternatively, to run the same ascendency equally above, but using a ascendency file, this would hold upwards done using:
interlace -cL ./vhosts-commands.txt -tL ./target-list.txt -threads l -o  /scans
This presumes that the contents of the ascendency file is:
vhostscan -t $target -oN _output_/_target_-vhosts.txt
This would output a file for each target inward the specified output folder. You could besides run multiple commands but yesteryear adding them into the ascendency file.

Auhors in addition to Thanks
Originally written yesteryear Michael Skelton (codingo) in addition to Sajeeb Lohani (sml555) amongst attention from Charelle Collett (@Charcol0x89) for threading refactoring in addition to overall appraoch, in addition to Luke Stephens (hakluke) for testing in addition to approach.


Popular posts from this blog

Telekiller - A Tool Session Hijacking In Addition To Stealer Local Passcode Telegram Windows

Image
H5N1 Tools Session Hijacking And Stealer Local passcode Telegram Windows. Features : Session Hijacking Stealer Local Passcode Keylogger Shell Bypass ii Step Verification Bypass Av (Coming Soon) Installation Windows git clone https://github.com/ultrasecurity/TeleKiller.git cd TeleKiller pip install -r requirements.txt python TeleKiller.py Dependency : python 2.7 pyHook pywin32 Video Tutorial Operating Systems Tested Windows 10 Windows 8.1 Windows 8 Windows 7 Contact WebSite Ultra Security Team: https://ultrasec.org Channel Telegram: https://t.me/UltraSecurity Thanks to Milad Ranjbar MrQadir Download TeleKiller
Read more

Efiguard - Disable Patchguard Together With Dse At Kicking Time

Image
EfiGuard is a portable x64 UEFI bootkit that patches the Windows kicking manager, kicking loader too center at kicking fourth dimension inward club to disable PatchGuard too Driver Signature Enforcement (DSE). Features Currently supports all EFI-compatible versions of Windows x64 e'er released, from Vista SP1 to Server 2019. Easy to use: tin live on booted from a USB stick via a loader application that automatically finds too boots Windows. The driver tin also live on loaded too configured manually using either the UEFI rhythm out or the loader. Makes extensive utilization of the Zydis disassembler library for fast runtime pedagogy decoding to back upwardly to a greater extent than robust analysis than what is possible amongst signature matching, which oftentimes requires changes amongst novel OS updates. Works passively: the driver does non charge or start the Windows kicking manager. Instead it acts on a charge of bootmgfw.efi yesteryear the firmware kicking ...
Read more

Cameradar V2.1.0 - Hacks Its Mode Into Rtsp Videosurveillance Cameras

Image
   An RTSP flow access tool that comes alongside its library Cameradar allows you lot to Detect opened upward RTSP hosts on whatever accessible target host Detect which device model is streaming Launch automated dictionary attacks to larn their stream route (e.g.: /live.sdp ) Launch automated lexicon attacks to larn the username in addition to password of the cameras Retrieve a consummate in addition to user-friendly study of the results Docker Image for Cameradar Install docker on your machine, in addition to run the next command: docker run -t ullaakut/cameradar -t <target> <other command-line options> See command-line options . e.g.: docker run -t ullaakut/cameradar -t 192.168.100.0/24 -l volition scan the ports 554 in addition to 8554 of hosts on the 192.168.100.0/24 subnetwork in addition to laid on the discovered RTSP streams in addition to volition output debug logs. YOUR_TARGET tin hold out a subnet (e.g.: 172.16.100.0/24 )...
Read more