Sparta

Sparta学习稿

1、下载和安装

介绍页面在http://sparta.secforce.com/#Download

在Kali中的安装命令：

git clone https://github.com/secforce/sparta.git

apt-get installpython-elixir

apt-get install nmaphydra cutycapt

apt-get installldap-utils rwho rsh-client x11-apps finger

2、启动

在终端中进入/root/sparta文件夹

然后启动sparta.py脚本文件，可以启动软件界面

3、Features/功能

– Run nmap from SPARTAor import nmap XML output.

在Sparta中运行Nmap或者导入Nmap的XML输出文件

– Transparent stagednmap: get results quickly and achieve thorough coverage.

和Nmap进行交互，快速得到结果并且实现全面覆盖

– Configurable context menufor each service. You can configure what to run on discovered services. Anytool that can be run from a terminal, can be run from SPARTA.

为每个服务配置菜单。你可以配置运行可发现的服务，任何可以运行在终端中的工具，都可以运行在Sparta中

– You can run anyscript or tool on a service across all the hosts in scope, just with a click ofthe mouse.

你可以简单使用鼠标点击来对在范围内的所有主机上的服务上运行脚本和工具

– Define automatedtasks for services (ie. Run nikto on every HTTP service, or sslscan on everyssl service).

定义自动测试任务（对每一个HTTP服务或者HTTPS服务运行nikto）

– Default credentialscheck for most common services. Of course, this can also be configured to runautomatically.

默认凭据检查最常见的服务，当然了，这也可以自动运行

– Identify passwordreuse on the tested infrastructure. If any usernames/passwords are found byHydra they are stored in internal wordlists which can then be used on othertargets in the same network (breaking news: sysadmins reuse passwords).

标识密码可重用，如果一个用户名和密码对存在与Hydra中，就可以被运用到在同一网络中的其他目标

– Ability to mark hoststhat you have already worked on so that you don’twaste time looking at them again.

能够标记你早就探查过的主机帮助你避免再次探查以节约时间

– Website screenshottaker so that you don’t waste time on lessinteresting web servers.

网站快照帮助你不要浪费在不感兴趣的Web服务器上