You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We could introduce a plugin (e. g. reptor cmd alias reptor c to make it shorter) that takes tool commands and executes them: reptor c sudo nmap -p 80
The plugin creates a data structure like...
---
cmd: sudo nmap -p 80started: 2023-08-03T08:50:07+00:00finished: 2023-08-03T08:55:07+00:00exit_code: 0stdout: open port 80stderr: starting nmap...
This allows us to create a protocol of pentesting activities.
We could create a timeline from this and upload it to the notes. (If we add a plugin to our markdown renderer, we could even create a nice visual timeline: https://www.npmjs.com/package/hexo-tag-mdline)
It could also allow us to dynamically find out, if there is a corresponding plugin that is able to process the output. The plugin could define a list of command name (cmds = ["nmap", "masscan"]) that is dynamically expanded (cmds = ["nmap", "masscan", "sudo nmap", "su -c nmap", "sudo masscan", "su -c masscan"]) to detect if the tool output can be processed.
(It might also be possible to add some conditionals, like if it contains "-oX" it must use xml parsing, or we iterate through all possible parsing algos.)
We could add an option that uploaded should be done right after execution (e. g. reptor c --upload sudo nmap -p 80).
If this was not specified, the user could upload later (e. g. reptor nmap --upload --cmd). The cmd switch defines that the input should be taken from the cmd outputs. This takes the cmd output that matches the command with the newest "started" timestamp and a valid "finished" timestamp. If the user wants to use a different output, he must specify a number (e. g. --cmd 1 for the second to last run).
The text was updated successfully, but these errors were encountered:
We could introduce a plugin (e. g.
reptor cmdaliasreptor cto make it shorter) that takes tool commands and executes them:reptor c sudo nmap -p 80The plugin creates a data structure like...
This allows us to create a protocol of pentesting activities.
We could create a timeline from this and upload it to the notes. (If we add a plugin to our markdown renderer, we could even create a nice visual timeline: https://www.npmjs.com/package/hexo-tag-mdline)
It could also allow us to dynamically find out, if there is a corresponding plugin that is able to process the output. The plugin could define a list of command name (
cmds = ["nmap", "masscan"]) that is dynamically expanded (cmds = ["nmap", "masscan", "sudo nmap", "su -c nmap", "sudo masscan", "su -c masscan"]) to detect if the tool output can be processed.(It might also be possible to add some conditionals, like if it contains "-oX" it must use xml parsing, or we iterate through all possible parsing algos.)
We could add an option that uploaded should be done right after execution (e. g.
reptor c --upload sudo nmap -p 80).If this was not specified, the user could upload later (e. g.
reptor nmap --upload --cmd). The cmd switch defines that the input should be taken from the cmd outputs. This takes the cmd output that matches the command with the newest "started" timestamp and a valid "finished" timestamp. If the user wants to use a different output, he must specify a number (e. g.--cmd 1for the second to last run).The text was updated successfully, but these errors were encountered: