| Follow @lancinimarco
Marco Lancini Reading time ~11 minutes

Have you ever been in a network penetration test where the scope is so huge you end up with dozens of files containing Nmap scan results, each of which, in turn, contains a multitude of hosts? If the answer is yes, you might be interested in this blog post.

Following is the process I recently went through to find a way to triage the results, while enabling concurrent collaboration between team mates. We will see how using traditional “defensive” tools for Offensive security data analysis has advantages over the traditional grep when parsing and analysing data.

Finally, I’m going to provide the full source code of the setup I ended up with. Hopefully this will give someone else with a similar need some help in the future.

Marco Lancini Reading time ~3 minutes

Everyone loves Burp, but sometimes moving around the Professional version among different virtual machines could be laborious.

That’s why I finally decided to port it to docker. Read along if you wanna know how to replicate the setup (or even to know how to run any GUI application from docker).

About

Hi, I'm Marco Lancini. I'm a Security Engineer, previously Security Consultant, mainly interested in: cloud, devops, netsec, appsec...  

Must Read

Offensive Infrastructure with Modern Technologies
Offensive ELK: Elasticsearch for Offensive Security

Recent Articles

Offensive ELK: Elasticsearch for Offensive Security
Robtex-Go: Go Client for the Robtex API
Introducing GoScan (aka a reason to learn Go)
Burp Pro as a Docker Container
Docker + Consul + Vault: A Practical Guide

Tags

Twitter Feed