Slack Commands For Security Professionals

At work we  are moving to slack as a communication method and since I am spending so much time in the tool I decided it was time to start building in some of the tools I use on a regular basis.  So far I have put together the following tools:

/NMAP

Nmap-For-Slack runs a basic scan (nmap –top-ports 50 –open) against a host and returns the results.  I have to do such a basic scan because the timeout is 3000ms so it limits what I can do.

Screen Shot 2016-05-15 at 3.31.44 PM

/DNSRECON

DNSRecon-for-slack allows your to run a basic DNSRecon scan from inside of  Slack.

Screen Shot 2016-05-15 at 3.43.28 PM

/IPINFO

ipinfo-for-slack looks up and displays information from ipinfo.io.

Screen Shot 2016-05-15 at 3.36.01 PM

/HOSTLOOKUP

Hostlookup-for-slack grabs all the A records for a domain and displays them.

Screen Shot 2016-05-15 at 3.42.15 PM

Technical Configuration:

 

download

 

This configuration needs the following: 
Slack team.
Publically Accessible Web Server Running:
Apache
PHP
Valid DNS Record and TLS Cert
I really like a $5 DigitalOcean droplet for this.
A list of APIs you want to query or installed local security tools (nmap, dnsrecon) you want to run. 

To Do List:

Figure out how to display json blobs as flat text in html.
Figure out how to bypass 3000 ms timeout to run more complex commands.
Build a bunch more of these tools (nessus, shodan, censys.io are on the list).
If you want to help me on any of these please reach out to me on twitter at @jgamblin or via email.

Site Footer