diff --git a/README.md b/README.md index 1ebfdef..d3aabcf 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,9 @@ Well, now you are ready to use the script, so enjoy it! ## DNS record query +**Usage**: `$ python3 pentesting-multitool.py -d -r ` +**Options**: `-f ` + **Warning**: _Not all DNS records are implemented so check on this table what DNS records are available._ | RECORDS | STATUS | @@ -35,20 +38,31 @@ Well, now you are ready to use the script, so enjoy it! ## Whois function -The whois function generates a dictionary with the information but I recommend to check the availability of the keys for the specified domain, anyway if the key isn't available an error message will be shown. +**Usage**: `$ python3 pentesting-multitool.py -w ` +**Options**: `-f ` + +The whois function generates a dictionary with the information, you can write the information on a file with the -f option or print it. Sometimes the information is hidden so keep that possibility in mind. ## Shodan search function +**Usage**: `$ python3 pentesting-multitool.py -s ` +**Options**: `-f , -u(full information flag)` + +_Note: If **-u** flag is set, you will get full information about the devices or services found. Otherwise, you will get only the IP._ + The Shodan search function (ssearch) uses the Shodan external library in order to integrate Shodan browser in our script. The script implements a "simple search"(is simple as you want), for the search query parameters we will put exactly the same that if we were searching using Shodan website but with the filters separated by "-" here is an example of search query: -```"ip:8.8.8.0/24-ports:22"``` +`"ip:8.8.8.0/24-ports:22"` ## Banner grabbing function +**Usage**: `# python3 pentesting-multitool.py -b -p ` +**Options**: `-f ` + The banner grabbing function first creates a socket with the specified IP and port, so we can use a list of ports (separated by `:`). **Warning**: _Not all services are implemented so check on this table what service is available._ @@ -64,18 +78,25 @@ The banner grabbing function first creates a socket with the specified IP and po ## Flooding using PCAP function +**Usage**: `# python3 pentesting-multitool.py -o -f ` +**Options**: `-g (Generator mode flag)` + The flooding function have two options. The first option is the generator mode that creates a PCAP file with a specified amount of packets and name. Those packets have two layers IP and ICMP (Echo request). For the flood mode, using TCPReplay, we will send the list of packets included on the PCAP file in a loop of _n_ iterations. It's recommended to add 200 packets to the file for DOS Attack and 100 packets to generate latency increase but that varies between networks and AP's. ## Fuzzing function +**Usage**: `# python3 pentesting-multitool.py -z -ng -n -l -f ` + The fuzzing function will generate a number of random packets with UDP, TCP or ICMP layer as indicated by the user, _n_ times (number of generations parameter). After sending the packet it will wait for a response one second, if there is no response then a default packet will be created. All packets will be stored in a PCAP afterwards, where the first packet is the sent packet and the second one is the response of this packet. Also, is obvius that you have to set the target IP because it useless to set it by using Scapy RandIP function. ## Man-in-the-Middle function +**Usage**: `# python3 pentesting-multitool.py -m -v -a ` + Well, first I want to clarify that it is not a tool designed to attack, it is a tool to check if our network is vulnerable to a mitm scheme attack using ARP Spoofing. Using ARP Spoofing we indicate to the router that the victim's IP is in our MAC Address and at the same time we indicate to the victim that the gateway's IP address is in our MAC address so we are intercepting all the traffic between the victim and the router.