fir's Introduction

FIR

Fast Initial Recon

This tool is ropey as sin. I suggest you don't use it and find a better way. The latest set of fixes was put in place as a stopgap to make it work for a particular purpose. YMMV.

This is a new project designed to automate early enumeration tasks, inspired by, amongst other things, Sparta (https://github.com/SECFORCE/sparta). It is designed for time-constrained penetration tests. Needless to say, this isn't exactly subtle, so I wouldn't use it if you are trying to stay under the radar. It currently performs the following tasks:

  • A targeted TCP and UDP port scan
  • Checks to see if IPs are in rDNS and extracts hostnames and domain names where possible
  • An NBT Scan
  • Checks which SMB Version is available and pulls certain details
  • Looks for non-standard SMB file shares
  • Checks to see what access the anonymous user has to SMB file shares
  • Checks whether the target is vulnerable to MS17-010
  • Checks which SSH protocol version is in place
  • Checks if AXFR is enabled on any DNS servers for known domains
  • Attempts to enumerate user accounts on the Finger service
  • Checks for SMTP enumeration of a given list of users

This is at the beta stage of its development. Please report bugs (or better still, submit pull requests).

Installation / dependencies

This project is written for Python3, so make sure you have the below dependencies installed:

  • python3-netaddr
  • python3-psutil
  • python3-nmap
  • python3-texttable
  • python3 readchar

On Ubuntu-based distributions (including Kali) you can use:

sudo apt update
sudo apt upgrade -y
sudo apt install -y python3-netaddr python3-nmap python3-texttable python3-psutil
sudo apt install -y smtp-user-enum
sudo pip install readchar

Consider installing the following Kali metapackage if you are going into a disconnected environment:

sudo apt install -y kali-linux-everything

You will also need to have Metasploit in good working order to take advantage of the hints the tool provides if it discovers something interesting.

Future features (To do list)

To make this a minimum viable product for Fast Initial (noisy) Recon the following must be in place:

  • ftp anonymous login checking
  • ftp anonymous access rights
  • identify IIS / Apache versions (and associated exploitDB data)

Thanks and acknowledgments

Thanks must go to the following people and code repositories as they have been invaluable in making this project:

fir's People

Contributors

yg-ht

fir's Issues

DNS Timeout Required

The application works correctly when an answer is returned, or a complete reject message is produced; however, if the DNS service being queried simply times out, the process ends up taking a VERY long time.
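One way to bound the lookup time described in this issue, as an added example that is not FIR's own code: a reverse-DNS (PTR) query sent over UDP with a per-attempt timeout and a fixed retry count, so a silent server costs a known maximum. The function names, the transaction ID and the 192.0.2.10 address are assumptions chosen for illustration.

```python
import socket
import struct
import time

def build_ptr_query(ip, txid=0x4649):
    """Build an RFC 1035 PTR question for an IPv4 address."""
    name = ".".join(reversed(ip.split("."))) + ".in-addr.arpa"
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 12, 1)  # QTYPE=PTR, QCLASS=IN

def query_with_deadline(server, port, payload, per_try=1.0, tries=2):
    """Return (status, rcode). Worst case blocks for per_try * tries seconds."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(per_try)
        sock.connect((server, port))  # connected UDP lets ICMP errors surface
        for _ in range(tries):
            try:
                sock.send(payload)
                reply = sock.recv(4096)
            except socket.timeout:
                continue  # silent server: retry until the attempts run out
            except OSError:
                return "unreachable", None
            # Accept only a reply that carries our transaction ID.
            if len(reply) >= 12 and reply[:2] == payload[:2]:
                return "answered", reply[3] & 0x0F  # low 4 bits hold the RCODE
    return "timeout", None

if __name__ == "__main__":
    # Constructed demo: a local UDP socket that never replies stands in
    # for a DNS service that silently drops queries.
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    silent.bind(("127.0.0.1", 0))
    start = time.monotonic()
    result = query_with_deadline("127.0.0.1", silent.getsockname()[1],
                                 build_ptr_query("192.0.2.10"), per_try=0.3)
    print(result, "after %.1fs" % (time.monotonic() - start))
    silent.close()
```

The three statuses keep the cases in the issue apart: an answer or a DNS-level refusal (RCODE 5) returns immediately, while a server that never replies is abandoned after `per_try * tries` seconds.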

Uncaught exceptions

The following functions need further testing as there have been instances of uncaught exceptions:

self.checkMSSQLDefaultCreds()
self.checkFingerUsers()
self.checkSMTPForDomains()
self.checkSMTPUserEnum()

Enhancement: Threading

It would be nice to make this threaded so that longer actions can continue in the background whilst the application is still being useful in the foreground. For example, this would allow a full top-to-bottom nmap of each host.
