Skip to content

Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the targets with the speed and convenience of Tmux. Great for OSCP/HTB type Machines as well as penetration testing.

License

Notifications You must be signed in to change notification settings

CoolHandSquid/TmuxRecon

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

64 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

!!THIS PROJECT HAS MOVED!!

TmuxRecon has been integrated into TireFire.

This repository has been migrated and will no longer be updated or supported. Use TireFire in the future. Thank you for your support!

TmuxRecon

Automate the scanning and enumeration of machines while maintaining complete control over scans shot to targets. All the while applying the speed and convenience of tmux! Great for OSCP/HTB type Machines as well as penetration testing.

"The Metasploit of External Enumeration"

tweet

Contents

About

  • Think Metasploit, but for external enumeration...
  • TmuxRecon is a scalable and straightforward platform to place your operational workflow.
  • The database for TmuxRecon (Main.csv) is easily altered to support your methodologies as they are substituted and appended.
  • Great for HTB and OSCP like machines.
  • TmuxRecon is a product of 19% security solutions.

Demo

TmuxRecon

Kickoff

TmuxRecon 10.11.1.8

Methodology

  1. Kickoff TmuxRecon (TmuxRecon 10.10.10.5).
    alt text
  2. C-b w (Move into the TmuxRecon Session). alt text
  3. When prompted, type "Y" to kickoff a Quick, Banner, All-Port, and UDP nmap scan. alt text
  4. Notice that new windows were opened kicking off those scans. Depending upon the ports returned, run scans for those ports. alt text
  5. Change variables as you need to suit your target (Example: HTTP running on port 8500). alt text

ProTips

  • Run multiple commands from a table at once by splitting the command numbers with commas. EX: 0,1,2 (Spaces and periods work aswell)

Build

git clone https://github.com/CoolHandSquid/TmuxRecon.git
cd TmuxRecon
./Build.sh

Adding Modules

  • Open Main.csv with your favorite csv editor (I'm partial to ModernCSV and Excel).
  • When adding a command, keep in mind Name, Port, and Description are for the primary display screen; Cmd_Name, Cmd_Description, Cmd_Command, Cmd_Comment, and SubDisplayOrder are for the secondary display screen. alt text

Special Characters and Syntax

  • Cmd_Command has a few special characters including &&&&, #, ##, ?, and {}.

&&&&

  • &&&& Anywhere in the command will split the line and start each command individually in separate tabs.
  • Example: whoami &&&& id &&&& ifconfig will open three tabs and run the desired command in each. &&&& is useful if you initially run multiple separate commands every time you see a specific port open.

# and ##

  • "#" is for sending yourself notes to another tab.
  • "#" can be useful if you don't want to run a command, but you want to give yourself copy-paste notes for manual enumeration.
  • Set only the first character of the line to # if you want variables to be evaluated.
  • Set the first two characters of the line to ## if you do not want variables to be evaluated.

?

  • "?" is for sending a question to the user. The responce will be set to a numbered variable.
  • You can send multiple lines of questions for multiple variables.
  • Example:
?What is the location of the wp-login.php? Example: /Yeet/cannon/wp-login.php
?What is a known password you would like to brute force?
wpscan --url {Web_Proto}://{IP}{1} --enumerate u,tt,t,vp --password {2} -e 

{}

  • {} is for grabbing a variable from TmuxRecon.
  • Available variables can be viewed in the variables table.

Supporters

Stargazers repo roster for @coolhandsquid/TireFire Forkers repo roster for coolhandsquid/TireFire

Contact

Please contact me at [email protected] for contribution, suggestions, and ideas!

Back to top

About

Automate the scanning and enumeration of machines externally while maintaining complete control over scans shot to the targets with the speed and convenience of Tmux. Great for OSCP/HTB type Machines as well as penetration testing.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published