For a number of years I maintained a small collection of open source security scripts, written in Bash. The main purpose of these scripts was to act as a wrapper around other open source tools. Why try to remember long and awkward command line parameters, when you can ask a script to do that for you ?
Bash was chosen, as it was distribution-independent. It works almost everywhere (although sometimes OSX support is troublesome, due to outdated Bash versions).
After more and more (requested) features crept in, the
analyze_hosts.shBash script became more and more complex. That's why I decided to port the script to Python. In my experience, it's at-least-as portable, and the usage of third party (pip) packages means that less time is spent on re-inventing the weel, and more on the actual functionality.
Yes, sometimes people talk about the dependency hell of Python, and in
some cases, the usage of third party packages means you have to be
careful of what you're doing.
However, when using virtual environments each Python script and its
dependencies can be safely separated from the 'main' Python. For
example, the following commands create a separate virtual environment
for the security scripts repo:
`` cd security-scripts virtualenv .``
Voila, a safe working environment. As Linux and Windows virtual
environments differ a bit, the following commands can be used to
switch to the virtual environment and works on either platform.
`` [[ -f bin/activate ]] && source bin/activate [[ -f Scripts/activate ]] && source Scripts/activate``
The following command installs the recommended pip packages (currently
only one):
`` pip install -r requirements.txt``
If you want to switch back to the main environment, use the command
deactivate.
Although the Python version of
analyze_hostsscript doesn't have all the functionality the Bash version has (yet), it already contains a significant number of other features, and is a bit smarter with regards to working on a large number of hosts.
For instance, when running the script on a subnet, it first creates a
queuefile containing all targeted hosts. If a host has been scanned,
it will automatically be removed from the queuefile. The script
doesn't handle forks and subprocesses (yet), but you can safely
execute it in parallel specifying different queue- and output files.
The script can be found on https://github.com/PeterMosmans/security-scripts/.
As always, feedback and pull requests are appreciated :smile:
Comments
comments powered by Disqus