This project forked from null--/aaron
aaron: Draw your taget network's topology (connectivity) graph from netstat results of clients (victims)
License: GNU General Public License v3.0
aaron
======
In loving memory of tireless Internet activist, "Aaron Swartz".
======
Find a way to go deep inside your target network to get the "Arkenstone".
Designed for hacktists, professional penetration testers and APT teams.
#About
Imagine those hard times that you were inside an unknown network
trying to discover how things work by looking at anything,
just to find out a way to go deeper and deeper inside that jungle of
connected electronic devices. Going deeper means you need
to find new targets, but how? Yes! That cool netstat -an command,
shows valuable network information. But, did you ever try to
analyze 10000 lines of netstat result? THAT'S HELL OF A HARD WORK!
so you may use grep, awk, cut, sort, uniq and a bunch of | (pipes)
trying to make one those magical single line commands and reduce
the netstat result to 1000 lines! That's geek but you need s
omething more visual!
Any advanced hacking or black-box penetration testing project starts
with a short list of known targets. After exploiting one of those known
targets, you should use all the information found inside that target
to find new targets. Discovering new HVTs is a key point for
a successful security breach because you can go deeper and deeper.
aaron helps you do that in a more visual way!
#Why?
- You can understand data-flow inside your target network.
- You don't need to install it on remote target (e.g. libpcap)
=> less suspicious.
- Find high value targets by looking at a graphical map!
#Features
Core
- Parse netstat results
- Search!
- Automated OS detection (based on netstat results)
- Add/Edit/Remove Hosts/Connections
- rdoc
Graph
- Draw network graph of your local machine
- Draw a network graph based on results collected
from several remote hosts
- Update an existing network graph
- Export graphs in png and pdf formats
Advanced Targeting
- Add hosts to metasploit database
- Supports SSH ans PSExec (SMB) protocols
- Supports "adb shell" (android devices)
#Installation:
Ruby dependencies:
1. thor
2. net-ssh
3. graphviz
4. sqlite3
5. activerecord
6. highline
7. termios
General dependencies:
1. metasploit: msfconsole
2. android tools: adb
Install on a Debian or kali Linux:
$ sudo aptitude install ruby-thor ruby-net-ssh ruby-highline
$ sudo aptitude install ruby-graphviz libsqlite3-ruby ruby-termios
$ sudo aptitude install ruby-activerecord android-tools-adb
Note 1:
Make sure metasploit is installed and msfdb (postgresql on port
5432 and 5433) is up.
Note 2:
I think there shouldn't be any difficulties installing aaron on
other GNU/Linux, BSD or other Unix families, However there are
some issues (like adb, psexec, etc.) installing aaron on a
windows machine but fixing those issues wouldn't be a
headache for a professional user.
Third Party Tools:
1. xdot to view .dot file
2. sqlitebrowser to modify .axa file
#TODO
- aaron search + regex
- IPv6 netstat regex
- BSD test
- test, test, test
#more
- Sqlite3 Database (.axa file):
+----------------+ +-----------------+
| Host | | Edge |
+----------------+ +-----------------+
| id (PK) | | id (PK) |
| name | | src_ip_id (FK) |
| info | | dst_ip_id |
| deepinfo | | src_tag |
| comment | | dst_tag |
| | | proto |
| | | type_tag |
| | | comment |
+----------------+ +-----------------+
^ | |
| | |
| | |
| +----------------+ | |
| | IP | | |
| +----------------+ | |
| | id (PK) |<---+ |
+----| host_id (FK) |<-----+
| addr |
| comment |
| |
+----------------+
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google โค๏ธ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.