Learn Penetration Testing

Scripting in Kali Linux

Kali Linux is relatively verbose—you can use bash scripting to create complex scripts, which you can then leverage for penetration testing.

A sample script that performs an Nmap scan is as follows:

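#!/bin/bash
# Prompt for the target; read takes the variable name without a leading $
read -r -p "Target IP/Range: " targetIP
echo "$targetIP"
# TCP SYN scan with OS detection and verbose output (both need root privileges)
nmap -sS -O -v "$targetIP"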

In this script, the read -p command prints the "Target IP/Range: " prompt and stores what the user types in the targetIP variable. In the next line, we display the IP range using the echo command, to which the variable is passed as an argument. In the last line, we perform a simple Nmap scan using the switches -sS, which performs a TCP SYN port scan; -O, which performs remote operating system detection; and -v, which increases the verbosity level, as shown in Figure 23:

Figure 23: A sample Nmap script
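The sample script hands whatever is typed at the prompt straight to Nmap. The following variant is an added example, not code from the book: it accepts only a single IPv4 address or CIDR block that lies inside an authorized scope and refuses anything else, including malformed input and strings that look like Nmap options. The SCOPE value, the function names and the --prompt argument are assumptions made for illustration, and last-octet ranges such as 192.0.2.1-50 are deliberately not handled.

```bash
#!/bin/bash
# Added example: scan only targets inside the authorized scope.
# SCOPE is a constructed placeholder (RFC 5737 documentation range).
SCOPE="192.0.2.0/24"

# Print a dotted-quad IPv4 address as an integer; fail on malformed input.
ip_to_int() {
    local n=0 o old_ifs="$IFS"
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ????*|0?*) return 1 ;; esac   # at most 3 digits, no leading zero
        [ "$o" -le 255 ] || return 1
        n=$(( $n * 256 + $o ))
    done
    echo "$n"
}

# Print "first last" (as integers) for a single address or a CIDR block.
cidr_bounds() {
    local addr="${1%%/*}" prefix=32 base size
    case $1 in */*) prefix="${1#*/}" ;; esac
    case $prefix in ''|*[!0-9]*|???*|0?*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    base=$(ip_to_int "$addr") || return 1
    size=$(( 1 << (32 - $prefix) ))
    base=$(( $base / $size * $size ))       # align to the network address
    echo "$base $(( $base + $size - 1 ))"
}

# Succeed only if target $1 is well formed and lies entirely inside scope $2.
in_scope() {
    local t s
    t=$(cidr_bounds "$1") || return 1
    s=$(cidr_bounds "$2") || return 1
    [ "${t% *}" -ge "${s% *}" ] && [ "${t#* }" -le "${s#* }" ]
}

# Run as "./scan.sh --prompt" to be asked for a target, as in the sample script.
if [ "${1:-}" = "--prompt" ]; then
    read -r -p "Target IP/Range: " targetIP
    if in_scope "$targetIP" "$SCOPE"; then
        nmap -sS -O -v "$targetIP"
    else
        echo "Refusing to scan '$targetIP': malformed or outside $SCOPE" >&2
        exit 1
    fi
fi
```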

During the course of this book, we will explore additional scripts (for example, in Chapter 3, Performing Information Gathering, using a script to search Shodan, and more). As you progress on your penetration testing journey, you will likely develop your own useful list of scripts.