Trigmap is a wrapper for Nmap. You can use it to easily start Nmap scan and especially to collect information into a well organised directory hierarchy.
The use of Nmap makes the script portable (easy to run not only on Kali Linux) and very efficient thanks to the optimised Nmap algorithms. Trigmap can performs several tasks using Nmap scripting engine (NSE):
Also Read – Mquery : YARA Malware Query Accelerator
Usage
Trigmap can be used in two ways:
Interactive mode:
trigmap [ENTER], and the script does the rest
NON-interactive mode:
trigmap -h|–host [-tp|–tcp TCP ports] [-up|–udp UDP ports] [-f|–file file path] [-s|–speed time profile] [-n|–nic NIC] [-p|–phase phases]
If you want to see the help:
trigmap –help to print this helper
Dir Hierarchy
Customization
It’s possible to customize the script by changing the value of variables at the beginning of the file.
In particularly you can choose the wordlists used by the Nmap scripts and the most important Nmap scan parameters (ping, scan, timing and script).
##################################################
PARAMETERS
##################################################
GENERAL_USER_LIST=’general_user_wordlist_short.txt’
WIN_USER_LIST=’win_user_wordlist_short.txt’
UNIX_USER_LIST=’unix_user_wordlist_short.txt’
SHORT_PASS_LIST=’fasttrack.txt’
LONG_PASS_LIST=’rockyou.txt’
##################################################
NMAP SETTING
##################################################
PE (echo req), PP (timestamp-request)
you can add a port on every ping scan
NMAP_PING=’-PE -PS80,443,22,25,110,445 -PU -PP -PA80,443,22,25,110,445′
NMAP_OTHER=’-sV –allports -O –fuzzy –min-hostgroup 256′
SCRIPT_VA='(auth or vuln or exploit or http-* and not dos)’
SCRIPT_BRUTE='(auth or vuln or exploit or http-* or brute and not dos)’
SCRIPT_ARGS=”userdb=$GENERAL_USER_LIST,passdb=$SHORT_PASS_LIST”
CUSTOM_SCAN=’–max-retries 3 –min-rate 250′ # LIKE UNICORNSCAN
Disclaimer:
Author assume no liability and are not responsible for any misuse or damage caused by this program. Trigmap is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…
Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…
Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…
Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…