Hey! I'm back at it and I wanted to share a small script that I use in my pentesting practice.
When I really want to dig into a port scan I will go to my de facto tool, nmap. However, before I get to this point I want to determine a few key things about a paying client.
What is the low hanging fruit?
In a previous post I highlighted how we can use web scraping to grab the geolocation of a public IP address. Maybe it's just me, but I love knowing where I am pinging to.
The tool I will be highlighting here is another one for the preliminary information gathering process of penetration testing.
In the above image you will find the script. It is super straightforward (I love Python so much).
First I use my geo.py to find where the IP address is. (I have attached a general picture of the area where the public IP is that I am working with)
The next step is to run scan.py.
Immediately I know that this machine has a port of interest.
With this info I would want to go further with nmap and check versioning, OS, etc. However, it appears that we may have a fairly good avenue into this machine.
Another quick way is with netcat (nc -vn [IP] [port]); this actually can return the service and version, but hey!
This is a post about Python!!!
This script could be easily modified to scan a slew of popular ports. I wouldn't go too crazy with ports because nmap is a much better tool for recon. However, something quick and easy like this is a nice way to gather initial information.
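As an added example (this is not the author's scan.py from the image), here is what that "slew of popular ports" version looks like as a plain TCP connect check in Python: it tries each port with a short timeout, reports which ones accept a connection, and includes a demo() that scans a throwaway listener on 127.0.0.1 so you can see it work offline against your own machine. COMMON_PORTS is a constructed list of typical services, not anything from the original post.

```python
import socket
from typing import Dict, Iterable, Tuple

# Constructed list of commonly exposed services to check first.
COMMON_PORTS = {21: "ftp", 22: "ssh", 23: "telnet", 25: "smtp", 80: "http",
                443: "https", 3389: "rdp", 8080: "http-alt"}


def check_port(host: str, port: int, timeout: float = 1.0) -> bool:
    """Return True if a TCP connect() to host:port completes within timeout.

    Refused, filtered (timed out) and unreachable all come back as OSError,
    so anything that is not a completed handshake counts as closed."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def scan_ports(host: str, ports: Iterable[int], timeout: float = 1.0) -> Dict[int, bool]:
    """Check each port in turn and return {port: is_open}."""
    return {port: check_port(host, port, timeout) for port in ports}


def open_ports(host: str, ports: Iterable[int], timeout: float = 1.0):
    """Sorted list of the ports that accepted a connection."""
    return sorted(p for p, is_open in scan_ports(host, ports, timeout).items() if is_open)


def demo() -> Tuple[int, int, Dict[int, bool]]:
    """Offline demo: scan one live and one closed port on localhost.

    Returns (live_port, closed_port, scan results)."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0: let the OS pick a free port
    listener.listen(1)
    live = listener.getsockname()[1]
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))         # grab a second free port...
    dead = spare.getsockname()[1]
    spare.close()                        # ...and release it so it is closed
    try:
        return live, dead, scan_ports("127.0.0.1", [live, dead], timeout=1.0)
    finally:
        listener.close()


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for port in open_ports(target, COMMON_PORTS):
        print(f"{target}:{port} open ({COMMON_PORTS.get(port, '?')})")
```

Run it with no arguments to check your own host's listening ports; the results only tell you that a connect completed, so as the post says, versioning and OS detection are still nmap's job.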