Skip to content

Using checkBoundary.sh

Jump to bottom
FizzNomad edited this page Mar 21, 2023 · 3 revisions

Introduction:

This work instruction provides a step-by-step guide on how to use the checkBoundary script.

The script is designed to assist you on external network reviews by behaving like an interactive checklist that will ask you questions, displaying help texts that offer suggestions, and logging your responses so you hopefully leave no stone unturned!

Questions & Help Texts:

You will need to provide two files - a questions.txt and a help_texts.txt To add questions to the questions.txt file, follow these formatting guidelines:

  • Each question must be on a separate line.
  • There should be no blank lines or leading/trailing spaces in the file.
  • The order of questions in the file matters. The script will ask the questions in the same order they appear in the file.

To add help texts to the help_texts.txt file, follow these formatting guidelines:

  • The help text for each question must be on a separate line.
  • There should be no blank lines or leading/trailing spaces in the file.
  • The order of help texts in the file must match the order of questions in the questions.txt file.

Operation:

The script will ask a series of questions specific to External Network Pentesting (Boundary Reviews). For each question, respond with yes, no, skip, or help:

yes or no: Indicate whether the security measure in question is in place or not OR you have performed an appropriate test.
skip: Skip the question without recording an answer.
help: Display contextual help text for the given question.

If a question has been previously answered, the script will display the existing answer and offer the following options:

[a]ppend: Add a comment to the existing answer. (currently this is recorded above the previous answer)
[m]odify: Modify the existing answer with a new response. (changes your response, needs improvements)
[s]kip: Skip the question without making any changes.

Reviewing the Log:

The script stores the responses in a log file named checklist.log located in the logs directory that the script will create in the folder it is executed from.

Clone this wiki locally