[scan]
This commit is contained in:
164
scan.yml
164
scan.yml
@@ -4,7 +4,7 @@
|
||||
become: true
|
||||
gather_facts: true
|
||||
vars:
|
||||
fqdn: orbital23.com
|
||||
fqdn: colinauto.ro
|
||||
ansible_user: stephane
|
||||
user: staffadmin
|
||||
token: !vault |
|
||||
@@ -15,15 +15,7 @@
|
||||
3961303030373531380a343061326437343066663665613833623533376437326630326432363566
|
||||
37653135666331633532653436656461396131623736353962643632316135633562346631313036
|
||||
6137356332636431643830666461333862613835336631333037
|
||||
#TODO target in list
|
||||
# 163.172.0.0/24
|
||||
# 163.172.80.0/28
|
||||
target_network: 163.172.16.0/20
|
||||
# 163.172.0.0/20
|
||||
# 163.172.16.0/20
|
||||
# 163.172.31.0/20
|
||||
# 163.172.48.0/20
|
||||
# 163.172.63.254/20
|
||||
cloud_upload: true
|
||||
ansible_password: stephane
|
||||
ansible_become_password: stephane
|
||||
username: jingohalert
|
||||
@@ -34,12 +26,21 @@
|
||||
65366439343135636634393832636436353764303066653530346232323164376265313039373630
|
||||
3863613961373430340a303866363962353262623030373061616134303366336237346631383539
|
||||
3130
|
||||
PDCP_API_KEY: !vault |
|
||||
$ANSIBLE_VAULT;1.2;AES256;prod
|
||||
33346636623263376335323265323163643534613835643363386630316666663336333435323438
|
||||
3135313264626663663436346239306264666563303463380a643366633161326634316662313465
|
||||
31646466666531656565356565383932356162323030346330356563323266396361376339313437
|
||||
6637633235633635330a353539333366346331303134373433346462343736316437306136633361
|
||||
37346537373861313361656338616438646533666639623533323433353365363836656532323938
|
||||
3139363338653666656339303763333837313731383739363164
|
||||
tasks:
|
||||
- community.docker.docker_image_pull:
|
||||
name: "{{ item }}"
|
||||
loop:
|
||||
- projectdiscovery/subfinder
|
||||
- projectdiscovery/httpx
|
||||
- projectdiscovery/dnsx
|
||||
- projectdiscovery/nuclei
|
||||
|
||||
- ansible.builtin.git:
|
||||
@@ -49,29 +50,134 @@
|
||||
force: true
|
||||
become_user: root
|
||||
|
||||
- name: PREPARE SCAN {{ fqdn }}
|
||||
shell: "{{ item }}"
|
||||
become_user: root
|
||||
ignore_errors: true
|
||||
loop:
|
||||
- mkdir $HOME/scan/{{ fqdn }}
|
||||
- touch $HOME/scan/{{ fqdn }}/{{ fqdn }}__nuclei.json
|
||||
- name: Remove all before
|
||||
ansible.builtin.file:
|
||||
path: $HOME/scan/{{ fqdn }}
|
||||
state: absent
|
||||
|
||||
- name: RUN HTTPX SCAN {{ fqdn }}
|
||||
shell: "{{ item }}"
|
||||
- name: Create a directory if it does not exist
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
state: "{{ item.state |default('touch') }}"
|
||||
loop:
|
||||
- path: $HOME/scan/{{ fqdn }}
|
||||
state: directory
|
||||
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__nuclei.json
|
||||
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx.json
|
||||
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt
|
||||
# - path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx__full.txt
|
||||
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__dnsx.json
|
||||
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt
|
||||
# - path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__dnsx__full.txt
|
||||
- path: $HOME/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt
|
||||
become_user: root
|
||||
ignore_errors: true
|
||||
loop:
|
||||
- docker run --rm projectdiscovery/subfinder -d {{ fqdn }} -silent > $HOME/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt
|
||||
- docker run -v --rm $HOME/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt projectdiscovery/httpx -silent -l {{ fqdn }}__subfinder.txt > $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt
|
||||
- docker run -v --rm $HOME/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt projectdiscovery/httpx -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -j -l {{ fqdn }}__subfinder.txt > $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx.json
|
||||
|
||||
- name: RUN NUCLEI SCAN {{ fqdn }}
|
||||
shell: "{{ item }}"
|
||||
- name: subfinder
|
||||
community.docker.docker_container:
|
||||
image: projectdiscovery/subfinder
|
||||
name: subfinder
|
||||
command: "-d {{ fqdn }} -silent -o /{{ fqdn }}__subfinder.txt"
|
||||
recreate: true
|
||||
auto_remove: true
|
||||
volumes:
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
|
||||
become_user: root
|
||||
|
||||
- name: dnsx
|
||||
community.docker.docker_container:
|
||||
image: projectdiscovery/dnsx
|
||||
name: "{{ item.name }}"
|
||||
command: "{{ item.command }}"
|
||||
recreate: true
|
||||
auto_remove: true
|
||||
volumes: "{{ item.volumes }}"
|
||||
become_user: root
|
||||
ignore_errors: true
|
||||
loop:
|
||||
- docker run -v --rm $HOME/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt:/{{ fqdn }}__httpx.txt -v $HOME/scan/{{ fqdn }}/{{ fqdn }}__nuclei.json:/{{ fqdn }}__nuclei.json projectdiscovery/nuclei -l {{ fqdn }}__httpx.txt -j -o {{ fqdn }}__nuclei.json
|
||||
- command: -silent -l /{{ fqdn }}__subfinder.txt -o /{{ fqdn }}__dnsx.txt
|
||||
name: dnsx
|
||||
volumes:
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
# - command: -silent -a -cname -asn -resp -l /{{ fqdn }}__subfinder.txt -o /{{ fqdn }}__dnsx__full.txt
|
||||
# volumes:
|
||||
# - /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
|
||||
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx__full.txt:/{{ fqdn }}__dnsx__full.txt:rw
|
||||
- command: -silent -a -cname -asn -resp -l /{{ fqdn }}__subfinder.txt -j -o /{{ fqdn }}__dnsx.json
|
||||
name: dnsx-json
|
||||
volumes:
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__subfinder.txt:/{{ fqdn }}__subfinder.txt:rw
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.json:/{{ fqdn }}__dnsx.json:rw
|
||||
loop_control:
|
||||
#* seconds
|
||||
pause: 30
|
||||
|
||||
|
||||
# - name: httpx
|
||||
# community.docker.docker_container:
|
||||
# image: projectdiscovery/httpx
|
||||
# name: httpx
|
||||
# command: -silent -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.txt
|
||||
# recreate: true
|
||||
# auto_remove: true
|
||||
# volumes:
|
||||
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
# - /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt:/{{ fqdn }}__httpx.txt:rw
|
||||
# become_user: root
|
||||
|
||||
# - name: httpx
|
||||
# community.docker.docker_container:
|
||||
# image: projectdiscovery/httpx
|
||||
# name: httpx
|
||||
# command: -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.json -j
|
||||
# recreate: true
|
||||
# auto_remove: true
|
||||
# volumes:
|
||||
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
# - /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.json:/{{ fqdn }}__httpx.json:rw
|
||||
# become_user: root
|
||||
|
||||
# - name: httpx
|
||||
# community.docker.docker_container:
|
||||
# image: projectdiscovery/httpx
|
||||
# name: httpx
|
||||
# command: "PDCP_API_KEY={{ PDCP_API_KEY }} -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -dashboard"
|
||||
# recreate: true
|
||||
# auto_remove: true
|
||||
# volumes:
|
||||
# - /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
# become_user: root
|
||||
|
||||
- name: httpx
|
||||
community.docker.docker_container:
|
||||
image: projectdiscovery/httpx
|
||||
name: "{{ item.name }}"
|
||||
command: "{{ item.command }}"
|
||||
recreate: true
|
||||
auto_remove: true
|
||||
volumes: "{{ item.volumes }}"
|
||||
become_user: root
|
||||
loop:
|
||||
- command: -silent -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.txt
|
||||
name: httpx
|
||||
volumes:
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.txt:/{{ fqdn }}__httpx.txt:rw
|
||||
- command: -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -o {{ fqdn }}__httpx.json -j
|
||||
name: httpx_json
|
||||
volumes:
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__httpx.json:/{{ fqdn }}__httpx.json:rw
|
||||
- command: "PDCP_API_KEY={{ PDCP_API_KEY }} -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -dashboard"
|
||||
name: httpx_dashboard
|
||||
volumes:
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
- command: "PDCP_API_KEY={{ PDCP_API_KEY }} -silent -sc -title -td -method -bp -server -ip -location -cname -asn -probe -l /{{ fqdn }}__dnsx.txt -dashboard"
|
||||
name: httpx_dashboard
|
||||
volumes:
|
||||
- /root/scan/{{ fqdn }}/{{ fqdn }}__dnsx.txt:/{{ fqdn }}__dnsx.txt:rw
|
||||
loop_control:
|
||||
#* seconds
|
||||
pause: 60
|
||||
|
||||
- ansible.builtin.shell: |
|
||||
git config user.email "stephane.gratiasquiquandon@gmail.com"
|
||||
@@ -107,7 +213,7 @@
|
||||
dest: /opt/dockerapps/appdata/ivre/ivre-share/{{ item.split('/')[-1] }}
|
||||
remote_src: true
|
||||
loop:
|
||||
- /home/{{ ansible_user }}/scan/{{ fqdn }}/{{ fqdn }}__nuclei.json
|
||||
# - /home/{{ ansible_user }}/scan/{{ fqdn }}/{{ fqdn }}__nuclei.json
|
||||
- /home/{{ ansible_user }}/scan/{{ fqdn }}/{{ fqdn }}__httpx.json
|
||||
delegate_to: scaleway
|
||||
when: push_git.changed is true
|
||||
|
||||
Reference in New Issue
Block a user