Skip to content

Home

Jump to bottom
Riqky edited this page Jan 17, 2020 · 5 revisions

Spitzer wiki

Contents:

Getting Started

The short version is on the README of Spitzer. this will be a expanded version of that explanation.

First, you'll need to clone to project and install it:

git clone https://github.com/Riqky/Spitzer
cd Spitzer
pip3 install .

pip3: command not found

These command's are untested on anything other than Kali, so necessary usage of sudo is unknown.

Now, you should be able to start the script:

spitzer

It will show some ASCII-art, and probably a orange warning about the IP or Interface. You can ignore the warning for now, we'll get to this later. For now just type help. This will show you a list of the available command's. help <command> will give you more info about the command. For even more info per command, see Usage

Starting scanning

Now, first we need to set everything you need to scan. Do this by running the options command. This will give an output similar to this:

> options
ip                   10.10.10.0/24        The ip-adress or CIDR to scan 
nmapFlags            -sC                  Flags used by nmap (-sV and -Pn are added automatically)
ports                top1                 amount of ports to scan, top1 equals top1000 and top10 equals top10000. options: top1, top10, all, list or an format accepted by nmap
wordlist             common               wordlist for dirb             
interface            tun0                 The interface that can reach the ip
verbose              2                    The verbosity of the tools. Options: -1, 0, 1 etc. -1 is no output, anything above 0 is the amount of added v's
times                2                    Amount of times to run Masscan
rate                 10000                Rate for Masscan to use       
threads              5                    The amount of threads the multiprocessed tool use
categories           safe                 safe, heavy and/or intrusive. Defines how heavy the exploits can go

In order to scan a range or target, set interface and ip to the correct values. The rest doesn't matter yet. As soon as you set your interface, Spitzer will change your ip to the current range of this interface. If you want to scan a single host, or don't want to use Masscan, you can set the times to 0. Next, we run the scan. You can only scan the network with scan, as soon as the scanning is done, you can check the results for exploits with exploit. Or you can run both commands with run.

Clone this wiki locally