Skip to content

feat: NullSec Infrastructure Recon - Network topology and security assessment#706

Open
bad-antics wants to merge 1 commit intohak5:masterfrom
bad-antics:nullsec-infrarecon
Open

feat: NullSec Infrastructure Recon - Network topology and security assessment#706
bad-antics wants to merge 1 commit intohak5:masterfrom
bad-antics:nullsec-infrarecon

Conversation

@bad-antics
Copy link
Contributor

@bad-antics bad-antics commented Mar 5, 2026

New Payload: NullSec Infrastructure Recon

Description

Comprehensive network infrastructure reconnaissance payload for Linux/macOS targets. Uses exclusively native system tools for zero-dependency operation.

Data Collection

  • System: OS version, kernel, hostname, user context
  • Network Interfaces: All adapters with IPs, MACs, link state
  • Routing: Full routing table with metrics
  • ARP Table: Neighbor cache with MAC resolution
  • DNS: Resolver configuration
  • Services: All listening ports with associated processes
  • Active Connections: Established TCP sessions
  • Firewall: iptables/ufw/pf ruleset dump
  • Network Shares: SMB and NFS exports
  • SSH: Server config audit, authorized keys count, known hosts
  • Subnet Discovery: Parallel ping sweep of gateway /24
  • Containers: Docker and Podman running instances
  • Scheduled Tasks: Cron jobs

LED Status Indicators

LED Meaning
Magenta (solid) Setup
Yellow (blink) Attack running
Green (blink) Complete
Red (blink) Error

Output

Timestamped report: udisk/loot/nullsec-infrarecon/infrarecon_YYYYMMDD_HHMMSS.txt

Key Features

  • Zero external dependencies
  • Parallel ping sweep (~15s for /24)
  • Comprehensive security posture assessment
  • Clean, organized report format

Author: NullSec (bad-antics)

@bad-antics
feat: add NullSec Infrastructure Recon payload
54c387f 
- Comprehensive network infrastructure reconnaissance for Linux/macOS
- Collects: system info, interfaces, routing, ARP, DNS, services, connections,
  firewall rules, shares, SSH config, subnet ping sweep, containers, cron jobs
- Zero external dependencies - native tools only
- Parallel ping sweep for speed
- LED status indicators
- Loot saved to timestamped report file
@bad-antics bad-antics mentioned this pull request Mar 5, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bad-antics