Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Linux Post-Exploitation Automation
Python
Branch: master

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
Changes Updated to reflect recent changes
Intersect2-Beta.py Fixed issue #3
README
ToDoList Update ToDoList

README

Intersect 2.0 - Linux Post-Exploitation Automation
ohdae | bindshell[at]live[dot]com
http://bind.shell.la/

This project is ongoing. If you find any errors or bugs, please let me know so I can work on fixing them.
More support for multiple distro's is being implemented and will be out shortly.

*** DISCLAIMER: This project and all source included is only for authorized testing purposes and can only be used where
prior authorization and consent has been given. The developers take no responsibility for your use of this project
outside of this disclaimer. Long story short, do not use any part of the project for illegal activity. ***

Background
----------

Intersect 2.0 is a Python script written to perform automated Post-Exploitation information gathering and reporting.
The general idea is that after you have exploited a target, you run this script and it performs a variety of tasks
that you would normally need to perform manually. Intersect will collect password files, copy SSH keys, enumerate 
processes and installed applications, gather detailed network information, map the hosts internal network (for pivoting),
locate and identify common anti-virus and firewall applications and much more.

The original version of Intersect was a private script and did not have nearly as many features as this version.
One of the big advantages of this version is the capability to find live hosts on the target network and enumerate
services that can be used to pivot access to other systems. Also, I will be adding the ability to transfer the final 
reports and files to a remote system of your choosing. This can be done by using an SFTP transfer or HTTP tunnel.
This version can also scan the system for common anti-virus, firewalls, IDS/IPS and many other applications. 
You will be notified of which applications are installed and where they are located.

This is an ongoing project. You can find a list of upcoming changes and features in the ToDoList file. If you find any
bugs, glitches, errors or any problems with this code please send me an email and let me know so I can fix it.
Thanks for checking out my project and I hope you enjoy it. Check back often for updates!


Features
---------

General
*Run application as background process
*Generate report text files for each section of features
*Create archive containing final reports (tar.gz)
*Send individual reports and/or archive to remote host (upcoming)

Operating System & User Information
*OS, Distro, Kernel Info.
*Running Processes
*List Of Installed Applications
*Scheduled Tasks/Cronjobs
*Mounts and Attached Devices
*Listings of Home Directories
*File System & Memory Information

Passwords & Credentials
*Password files(passwd, shadow, gshadow, master.passwd)
*SSH Keys (private and public)
*Sudoers list
*SSH Known Hosts
*SSH Authorized Keys
*GNUPG/PGP Keys (private and public)
*Mail Aliases
*Bash Histories
*User Groups
*Last Logs
*SSHD Config
*DB Enumeration & Passwords (upcoming feature)

Network Information
*Network Services & Protocols
*Internal/External IP Address
*Network Interfaces
*Active Connections
*IPTables Rules
*VPN/Proxy Info (upcoming feature)

Internal Network
*Identify Live Hosts via ARP Scan
*Port-Scanning of live-hosts (upcoming)
*See the ToDoList for the full list of changes coming to this section

Protection Information(AV/FW)
*Identify and locates: TrueCrypt, BullDog, IPTables, Snort, UFW, LogRotate & LogWatch,
Chkrootkit, ClamAV, FireStarter, Avast! Anti-Virus, Tiger Security Tool, JailKit, Lynis, Rootkit-Hunter, Bastille

Will be soon when this feature is reworked: SaGator, TuxGuardian, Nagios, nLiveCare, SmoothWall, Prelude, 
StrongSwan, IPCop, Nessus, Tripwire, Shorewall, Stack-Protection, Sentry-Tools(port-sentry, logcheck), 
Sophos, Honeyd, Webmin

Extra Information & Tools
Searches for useful apps and other services
*TCPDump
*Netcat
*Perl
*Python
*GCC
*Nmap
*WireShark
*ProxyChains
*Apache & Config Pull (todo)
*Nginx & Config Pull (todo)
*Lighttpd & Config Pull (todo)
*SQL Enum & Configs (todo)
Something went wrong with that request. Please try again.