Guidelines for the crimson_IPcon module usage.
This article describes how to use crimson_IPcon most effectively.
The module performs reconnaissance and vulnerability scanning against IP addresses.
It is good to run the module before Nessus: it is much quicker and free.
CRIMSON IPCON GUIDELINES
Issue a single IP address (-i) or the file with the IP addresses (-l) to start.
#EXAMPLE FILE WITH IP ADDRESSES FOR -l FLAG
-t flag stands for TCP scanning (ports 1–65535).
Rustscan first checks which ports are open, and its output is then piped to Nmap, which does the banner grabbing.
-u flag stands for UDP scanning (only top 1000 ports).
Nmap with banner grabbing.
-p flag stands for ICMP sweep.
It is useful if you have a big range of IP addresses and want to quickly check which are alive. However, the scanning is performed even if the host does not respond to the ICMP packets (is considered not alive).
-k flag stands for Kerberos user enumeration if there is Kerberos.
You can use your wordlist with the usernames inside the
By default module uses
-v flag stands for vulnerability scanning.
Nuclei template scan against IP addresses and discovered HTTP services, Nmap NSE scripts, ssh-audit and mailspoof checks.
-b flag stands for brute-forcing the discovered services.
Brutespray with the default wordlist, and Kerbrute if there is Kerberos available.