What is Phactive

Phactive is a small script written in bash to aid a red team workflow. Red teaming is mostly about continuous monitoring and simulation of a real-life attack, unlike penetration testing, where you just run a scan and submit a report that explains your findings. That can be accomplished within a short time, but it misses new risks and vulnerabilities. For example, during a penetration test you can run an Nmap scan on port “22” and find it closed, and the port might then be opened tomorrow, perhaps for technical support. This is where the red team idea comes in handy.

Phactive runs an Nmap scan every morning at 10am using a cron job, then compares yesterday’s scan result with today’s using Ndiff. If there are any new open ports or changes in the scan, it sends a report of the new findings to your specified Telegram bot.

This is a very basic red teaming script that runs nmap every day at 10AM using a cron job, scanning ports 0-65535 with the "-A -Pn -v -T4 -F -sV" flags, then uses ndiff to compare the results. If there is any difference, it sends a notification about the newly discovered ports to your specified Telegram bot.
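The comparison step described above, as an added example that is not Phactive's own code: it reads ndiff's text output and keeps only ports that went from not-open to open, so a changed version banner on an already open port does not trigger an alert. The function names, host name, address and version strings are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the Phactive repository).
# new_open_ports: read ndiff text output on stdin and print one line per
# port that is open today but was not open yesterday: "<host> <port> <service>".
new_open_ports() {
  awk '
    # First character is the diff sign; the rest is split into columns.
    { sign = substr($0, 1, 1); split(substr($0, 2), f, /[ \t]+/) }

    # Port row such as "+22/tcp open ssh": remember its open state per host.
    f[1] ~ /^[0-9]+\/(tcp|udp|sctp)$/ {
      if (f[2] == "open") {
        key = host SUBSEP f[1]
        if (sign == "-") was_open[key] = 1
        else if (sign == "+") { now_open[key] = f[3]; order[++n] = key }
      }
      next
    }

    # Host header such as " name (address):", with or without a +/- sign.
    /^[ +-][^ \t].*:$/ { host = substr($0, 2); sub(/:$/, "", host) }

    END {
      for (i = 1; i <= n; i++) {
        key = order[i]
        if (key in was_open) continue   # already open, only the details changed
        split(key, p, SUBSEP)
        print p[1] " " p[2] " " now_open[key]
      }
    }
  '
}

# Constructed sample in the style of ndiff text output (not a real scan).
sample_ndiff() {
  cat <<'EOF'
-Nmap 7.94 scan initiated Mon Jan 01 10:00:01 2024 as: nmap -oX yesterday.xml host-a.example
+Nmap 7.94 scan initiated Tue Jan 02 10:00:01 2024 as: nmap -oX today.xml host-a.example

 host-a.example (192.0.2.10):
 PORT     STATE  SERVICE VERSION
-22/tcp   closed ssh
+22/tcp   open   ssh     OpenSSH 9.3
-80/tcp   open   http    nginx 1.24
+80/tcp   open   http    nginx 1.25
-8080/tcp open   http-proxy
+8080/tcp closed http-proxy
EOF
}

sample_ndiff | new_open_ports
```

Only port 22 is reported for the sample: port 80 was already open and port 8080 closed, so neither counts as a new exposure.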

Download, setup, and usage

You must have Nmap and Ndiff installed.

git clone https://github.com/Phexcom/phactive.git /opt/phactive

sudo nano /opt/phactive/main.sh

Add the host you want to scan and monitor

TARGETS="127.0.0.1" # Target eg: (Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254)

Add your Telegram chat id and token

chat_id="<Telegram chat id>" # Telegram Chat id
tg_token="<Telegram Bot Token>" # Telegram bot Token

To set up a Telegram token and chat id, check out this post.

Setup a cron job

Once you are done with the setup, you can add a cron job that runs every morning at 10am or at whatever time you prefer. Here is an example:

sudo nano /etc/crontab

Then copy and paste the following line, and save:

00 10 * * * root bash /opt/phactive/main.sh

If you have any contribution to make the script better, please leave it in the comments below.