GET YOUR VULNERABILITY AND THREAT DATABASE SUBSCRIPTION
EKOLABS 2016


Tools

Published on June 12th, 2017 | by MaxiSoler

0

PTNotes v1.0.3 – Taking Notes

PTNotes is a simple tool for taking notes in a pentest. PTNotes uses data from imported Nessus and Nmap files along with the built-in attack data to build a list of hosts, open ports, and potential attack vectors. It then allows you to add notes to each host and each attack vector. You can then view all attack notes or all host notes at one time. PTNotes allows you to create a separate project for each penetration test.

Pentest Notes allows testers to keep track of what can be done, has been done, and still needs to be done during a network penetration test. To use Pentest Notes, create a new project using the Projects tab. Next, select the newly created project and import any Nessus or Nmap XML files into the project. The imported data will be organized by hosts and attacks. Select a host to get detailed information about it. Select an attack to get more details about the attack including the hosts that may be vulnerable to the attack.

Prerequisites

You will need to install the flask framework: pip install flask

Usage

From the ptnotes folder run ./server then connect to the server on http://127.0.0.1:5000. For security purposes, the server runs on local host by default. If you need to collaborate with other users, you can run PTNotes on a central server and create SSH tunnels to the server. If that is not an option, you must configure the Flask server to run with HTTPS to secure the data in transit. Use the following syntax to create an SSH tunnel to the server:

ssh -L 5000:127.0.0.1:5000 <username>@<ssh_server>

You can then connect to the PTNotes server on http://127.0.0.1:5000.

Creating New Attacks

To add new attacks to PTNotes edit the data/attacks.json file. Each attack uses the following structure:

{
 "name": "SMB Brute-force.",
 "description": "Attempt to brute-force the local administrator account on these SMB servers.",
 "keywords": ["--smb-os-discovery--", "--11011--"]
}

An attack needs a name and description along with a list of keywords that signify a machine may vulnerable to the attack. When data is imported to PTNotes the Nessus plugin id or the Nmap script name are extracted along with the plugin/script output. You can search for vulnerabilities using the plugin id or script name surrounded by — as seen in the example above. You can also use any text from the plugin or script output. Multiple keywords are joined with OR to create the final query.

More Information: here

Thanks to AverageSecurityGuy for sharing this tool with us.

Tags: , , ,


About the Author

ToolsWatcher :) @maxisoler



Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top ↑