Leprechaun : Tool Used To Map Out Network Data Flow To Help Penetration Testers

Leprechaun purpose of this tool is to help penetration testers identify potentially valuable targets on the internal network environment. By aggregating netstat routes from multiple hosts, you can easily figure out what’s going on within.

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Prerequisites

You’ll need a few Ruby gems to get started – if you don’t have them already, that is.

gem install ‘securerandom’
gem install ‘terminal-table’
gem install ‘getopt’

Lastly, make sure you have Graphviz installed. You can install that with the following command:

apt install graphviz -y

Also Read – Evil-Winrm : The Ultimate WinRM Shell For Hacking/Pentesting

Tool Help Menu

If you run the script without any arguments, you’ll see the following help menu:

[root:vonahisec-kali:~/scripts/leprechaun]# ./leprechaun.rb

————————————————————————————————-
Leprechaun v1.0 – Alton Johnson (@altonjx)
————————————————————————————————-

Usage: ./leprechaun.rb -f /path/to/netstat_results.txt -p

-f File containing the output of netstat results
-p Port you’re interested in. e.g., 80. Specify “all”, “common”, or separate ports with commas
-e The type of destination IP addresses you want to see connections to (e.g. external/internal/all)

Example: ./leprechaun.rb -f netstat_output.txt -p 80
Example: ./leprechaun.rb -f netstat_output.txt -p all
Example: ./leprechaun.rb -f netstat_output.txt -p common
Example: ./leprechaun.rb -f netstat_output.txt -p 80,443 -t external

Example Outputs

+--------------+-----------------------------+----------------------------+
| Server       | Number of connected clients | Highest traffic destination port |
+--------------+-----------------------------+----------------------------+
| 192.12.70.71 | 4                           | 80/tcp (4 clients)               |
| 192.12.70.18 | 2                           | 443/tcp (2 clients)              |
| 192.12.70.45 | 1                           | 445/tcp (1 clients)              |
+--------------+-----------------------------+----------------------------+

Credit: Alton Johnson

Download
R K

Share
Published by
R K
Tags: LeprechaunNetwork DataPenetration
7 years ago

Recent Posts

Install Gitea Ubuntu: Complete Setup Guide for Developers

Managing source code efficiently is essential for modern software development, and Install Gitea Ubuntu is…

2 hours ago

Install Ruby Ubuntu – 3 Easy Ways to Set Up Ruby on Ubuntu 20.04

Ruby remains one of the most popular programming languages for web development, automation, and software…

3 hours ago

Plex Media Server Setup: Install and Configure on Ubuntu 20.04

A Plex Media Server Setup on Ubuntu 20.04 is one of the easiest ways to…

4 hours ago

Why Deploying AI Is Just the Beginning: The Case for Ongoing AI Operations Monitoring

Most enterprise AI programs treat deployment as the destination. The business case is built around…

22 hours ago

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

6 days ago

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

6 days ago