Pentesting notes and snippets
Recon

Copy pasta stuff I use for recon - both inside and outside of a target.

Host Discovery

Ping Sweeping:

    IP_RANGE='192.168.0.0'
    SUBNET_MASK='24'   # prefix length only; the "/" is supplied in the nmap target below
    nmap -sn -oA onlineHosts "${IP_RANGE}/${SUBNET_MASK}"

-sn: Use ping scan for host discovery (don’t run a port scan)
-oA: Store output in normal, XML, and grepable file formats

Parse IP Addresses from gnmap file

    grep "^Host: " onlineHosts.gnmap | grep "Status: Up" | \
      cut -d " " -f 2 | sort -n | uniq

Skip ICMP checks...
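For the gnmap parsing step above, an added example (not part of the original notes) that pulls the live hosts out of grepable output in one awk pass and orders them octet by octet, since plain `sort -n` only compares the leading number and leaves 192.168.0.100 ahead of 192.168.0.9. The sample lines, the `nas.lan` hostname and the function names `make_sample` and `up_hosts` are constructed for illustration.

```shell
#!/bin/sh
# Added example: list hosts reported "Status: Up" in nmap grepable output.

# Constructed sample of .gnmap content from a ping sweep. It deliberately
# contains comment lines, a Down host and a duplicate entry.
make_sample() {
    printf '# Nmap scan initiated (constructed sample)\n'
    printf 'Host: 192.168.0.100 ()\tStatus: Up\n'
    printf 'Host: 192.168.0.20 (nas.lan)\tStatus: Up\n'
    printf 'Host: 192.168.0.3 ()\tStatus: Down\n'
    printf 'Host: 192.168.0.9 ()\tStatus: Up\n'
    printf 'Host: 192.168.0.20 (nas.lan)\tStatus: Up\n'
    printf '# Nmap done (constructed sample)\n'
}

# Print each live IPv4 address once, in numeric order.
#   $1: path to a .gnmap file (reads stdin when omitted)
up_hosts() {
    # Keep only "Host:" records whose status is Up; field 2 is the address.
    awk '$1 == "Host:" && /Status: Up/ { print $2 }' "${1:--}" |
        # Sort on each dotted octet as a number; -u drops duplicate addresses.
        sort -t . -k1,1n -k2,2n -k3,3n -k4,4n -u
}

# Demo on the constructed sample; for a real sweep: up_hosts onlineHosts.gnmap
make_sample | up_hosts
```
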