NEET – Network Enumeration and Exploitation Tool

Neet is a versatile, multi-threaded instrument for community penetration trying out. It runs on Linux and co-ordinates using a lot of different open-supply community gear, with the purpose of amassing as a lot community knowledge as imaginable in transparent, simple-to-use codecs. The core scanning engine unearths and identifies community services and products, the modules check or enumerate the ones services and products, and the Neet Shell supplies an built-in atmosphere for processing the consequences and exploiting identified vulnerabilities. As such, it sits someplace between manually operating your personal port scans and next exams, and operating an absolutely computerized vulnerability evaluation (VA) instrument. It has many choices which permit the consumer to music the check parameters for community scanning in the best and sensible method.
Set up
git clone https://github.com/JonnyHightower/neet.git
cd neet
sudo bash set up.sh
Neet is aimed toward skilled penetration testers, inside IT safety groups and community directors who want to know extra about what is in truth on their community infrastructure. You may want to check out it out in case you fall into one of the ones classes.
It’s been written (and remains to be advanced) by way of a qualified penetration tester over years of engagements, and has been designed explicitly to do the leg-give you the results you want and to make it handy and protected to get your fingers on helpful community knowledge ahead of the buyer brings your first cup of tea of the day.
Neet has a easy and versatile command-line interface, and gathers numerous information concerning the networks inside of its scope. It is going to provide you with an up-to-the second one view of what number of services and products it is discovered at the community, what kinds of services and products they’re, what kinds of hosts, what their hostnames are, whether or not they belong to domain names, and many others. If the modules are enabled (as they’re by way of default) then it is going to carry out exams in opposition to positive services and products – searching for default SNMP group strings and enumerating no matter is imaginable from SMB services and products, as an example. It is going to additionally test for obvious safety vulnerabilities and assist you to exploit them in case you so make a choice.
All of the knowledge collected is saved in human-readable textual content information so they are able to be grepped and awked because the consumer sees have compatibility and, in addition to storing the uncooked information, Neet aggregates numerous it into information of comparable knowledge for more uncomplicated processing.
There may be additionally a personalized shell which takes numerous the typical duties you would typically carry out and rolls them into easy instructions. For instance, the win command lists the Home windows hosts at the community, and go-references them in opposition to problems and vulnerabilities discovered to provide you with a color-coded record of reside Home windows hosts, and the testshares command assessments for unauthenticated get admission to to SMB stocks.
There could also be documentation. Take a look at the person pages, the lend a hand command within the neet shell, and the HTML documentation in /choose/neet/document. Additionally, please take a look at the undertaking web page for the newest information and factor monitoring/characteristic requests.
In abstract, Neet isn’t some degree-and-click on hacking or vulnerability evaluation instrument. This can be a console-based totally atmosphere very best run underneath X Home windows, designed for the operator to realize perception into the elements, relationships and operation of the community underneath check. Additionally it is designed to lend a hand reporting by way of amassing as a lot proof as imaginable.
One of the crucial primary options come with:
  • Unmarried interface to co-ordinate many gear;
  • Port scans and carrier id are achieved in batches, so helpful effects seem early on;
  • Simple to specify levels to incorporate and exclude, each for IP addresses and ports;
  • Does not create extra site visitors than is exactly essential;
  • Detailed, timestamped logging;
  • All uncooked instrument output to be had, in addition to sensibly-organized output in textual content structure;
  • Customisable velocity and depth;
  • Dependable scanning from more than one interfaces and over VPNs;
  • Scan regulate permits you to pause / resume the scan;
  • Cancel scans on person hosts;
  • Observe growth of the scanning;
  • Very configurable;
  • Neet shell (neetsh) is bash shell with many aliases for buying thru effects temporarily;
  • Exploitation for particular exploits integrated within the Neet shell;
  • Sell off credentials from far flung hosts immediately into your Neet effects with out manually shunting information and instructions between machines;
  • On-line incremental updates with no need to do a complete reinstall each and every time;
  • Documentation: guy pages, HTML lend a hand and the lend a hand command within the Neet shell;
  • Many extra.

Marshmallow

Marshmallow Man, AppMarsh.com blog spiritual leader, has strived to make AppMarsh an independent and free blog from world monetary system. He and his followers are exiled by Google monster.