Cyber Security Pilot

From Chaos to Cadence: A modern approach to cyber security.

At Cyber Security Pilot, we custom-build an ever-evolving, comprehensive framework that brings together industry standards into a clear, actionable roadmap. Our platform not only guides you through best practices for validating and enhancing your security posture but also connects you with a community of peers, regardless of size or geography, to share insights and solutions. Whether you're managing a small or a large fleet, we simplify the complex world of cyber security so you can focus on what matters most: protecting your organization today and preparing for tomorrow.

External Domain Baseline

DNS record monitoring
Website monitoring
Domain email enumeration

Internal and Process Baseline

Realtime Communication
Device audits for CIS v8 lvl 1, 2, 3 compliance
Vulnerability scanning
Project Management

Custom Solution Development

Long-term projects and custom outcomes.

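# Fast alive-host discovery (-sn: host discovery only, no port scan).
# 192.168.0.0/22 spans 192.168.0.0-192.168.3.255; adjust it to the subnet
# being assessed.
sudo nmap -sn 192.168.0.0/22 -oG ping.gnmap
# Extract alive hosts: field 2 of each grepable-output line that reports
# "Status: Up". Matching the full status text avoids picking up lines that
# merely contain the letters "Up" somewhere else.
awk '/Status: Up/ {print $2}' ping.gnmap > alive.txt
# Top 1000 port scan with version detection
sudo nmap -sV --top-ports 1000 -iL alive.txt -oX nmap_services.xml
# Optional: Vulners
# NOTE(review): the vulners script looks detected software versions up
# against the vulners.com API, so version data for the scanned hosts leaves
# the network — confirm that is acceptable for this environment.
sudo nmap -sV --script vulners -iL alive.txt -p22,80,443 -oX vulners.xml

# Full vulners scan of the first alive host only (head -n 1), one XML per host.
# read -r keeps backslashes literal; "$ip" is quoted so a malformed line in
# alive.txt cannot be split into extra nmap arguments.
head -n 1 alive.txt | while IFS= read -r ip; do
  sudo nmap -sV --script vulners --top-ports 1000 -oX "$ip.xml" "$ip"
done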


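#!/bin/bash
# Scanner bootstrap for a macOS client: installs Nmap and the vulners NSE
# script, sweeps the local /22, runs a vulners scan against every live host
# and uploads each XML report to the collection host over scp.

customer="techmore"
# NOTE(review): uploads authenticate as root on the collection host. A
# dedicated unprivileged upload account would limit what a copied client key
# can reach.
remote_host="root@159.89.53.69"
# NOTE(review): this path sits under /var/www/html. Confirm the web server
# does not serve it without authentication — the reports list hosts, open
# services and matched vulnerabilities.
remote_dir="/var/www/html/nmap_scans/$customer"
scan_dir="scans"
mkdir -p "$scan_dir"
logfile="scanlog_$(date +%F-%H%M).log"

# Create the client SSH key if it does not exist yet
# (key comment: customer name / domain address).
[ -f ~/.ssh/id_ed25519 ] || ssh-keygen -t ed25519 -C "admin@techmore.co"
# Print the public key so it can be added on the collection host.
cat ~/.ssh/id_ed25519.pub
# Copy it to Digital Ocean .ssh/authorized keys
# Login, copy and bash curl to bash, sets up client.

# Install Nmap from the official disk image.
# -f makes curl fail on an HTTP error instead of saving the error page as the
# image; the install steps only run when the download succeeded.
# NOTE(review): the package is installed as root without an integrity check.
# nmap.org publishes signatures and hashes for its releases; verify the
# download against them before the installer step.
if curl -fL https://nmap.org/dist/nmap-7.97.dmg -o nmap-7.97.dmg; then
  hdiutil attach nmap-7.97.dmg
  sudo installer -pkg /Volumes/Nmap-7.97/Nmap-7.97.mpkg -target /
  hdiutil detach /Volumes/Nmap-7.97
else
  echo "[!] Nmap download failed; skipping install" | tee -a "$logfile"
fi
# Nothing below can work without nmap, so stop here if it is not runnable.
nmap --version || exit 1

# Install the vulners NSE script.
# NOTE(review): the script is fetched from the moving master branch and is
# then executed by nmap under sudo. Pin the URL to a reviewed commit
# (replace "master" with <REVIEWED_COMMIT_SHA>) so upstream changes are not
# picked up unreviewed.
# Download to a temp file first: the scripts directory is presumably
# root-owned after the package install, and a failed download must not leave
# a truncated vulners.nse in place.
nse_tmp=$(mktemp) || exit 1
if curl -fL -o "$nse_tmp" https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/vulners.nse; then
  sudo install -m 0644 "$nse_tmp" /usr/local/share/nmap/scripts/vulners.nse
  sudo nmap --script-updatedb
else
  echo "[!] vulners.nse download failed" | tee -a "$logfile"
fi
rm -f -- "$nse_tmp"

# Operator checkpoint: gives time to install the public key on the collection
# host before any scanning or uploading starts.
while true; do
  read -rp "Continue? (y/q): " answer
  case "$answer" in
    [Yy]) break ;; # Continue the script
    [Qq]) echo "Quitting."; exit 0 ;;
    *) echo "Please enter 'y' or 'q'." ;;
  esac
done

# Step 1: Discover live hosts
echo "[*] Starting ping sweep..." | tee -a "$logfile"
sudo nmap -sn 192.168.0.0/22 -oG ping.gnmap | tee -a "$logfile"
# Field 2 of each "Status: Up" line in the grepable output is the address.
awk '/Status: Up/ {print $2}' ping.gnmap > alive.txt

# Step 2: Per-host vuln scan + SCP upload
# The host list is read on fd 3 so that sudo, nmap or scp cannot consume the
# remaining lines through stdin.
while IFS= read -r ip <&3; do
  [ -n "$ip" ] || continue
  # Same timestamp layout as the log file name (date, hour, minute).
  ts=$(date +%F-%H%M)
  outfile="$scan_dir/${ip}_$ts.xml"
  echo "[*] Scanning $ip..." | tee -a "$logfile"
  if sudo nmap -sV --script vulners --top-ports 1000 -oX "$outfile" "$ip"; then
    echo "[+] Scan success: $ip → $outfile" | tee -a "$logfile"
  else
    echo "[!] Scan failed for $ip" | tee -a "$logfile"
    continue
  fi
  echo "[*] Uploading $outfile to $remote_host:$remote_dir" | tee -a "$logfile"
  # Trailing slash: if the remote directory is missing, scp reports an error
  # instead of writing the report to a file named after the customer.
  if scp "$outfile" "$remote_host:$remote_dir/"; then
    echo "[+] Upload success for $ip" | tee -a "$logfile"
  else
    echo "[!] Upload failed for $ip" | tee -a "$logfile"
  fi
done 3< alive.txt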


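#!/bin/bash
# Client setup: installs Multipass if it is missing, writes a cloud-init file
# that provisions a VM with Nmap, the vulners NSE script and an hourly scan
# loop, then launches the VM attached to the chosen network interface.
#
# Arguments:
#   $1 - customer name (becomes a URL path segment of the upload endpoint)
#   $2 - API key sent as the Bearer token on uploads
#   $3 - host network interface for the VM (default: en0)
#
# NOTE(review): the API key is passed as a command-line argument, so it is
# visible in the process list and in shell history on this host.

# Capture customer name and API key from command-line arguments
CUSTOMER=$1
API_KEY=$2
NETWORK_INTERFACE=${3:-en0}

# Check if arguments are provided
if [ -z "$CUSTOMER" ] || [ -z "$API_KEY" ]; then
  echo "Error: Please provide customer name and API key." >&2
  echo "Usage: bash <(curl -sSL https://your-server.com/setup.sh) <customer> <api_key> [network_interface]" >&2
  exit 1
fi

# Both values are expanded into a shell file that the VM sources as root, and
# the customer name also ends up in a URL. Reject anything that could break
# out of the double-quoted assignment or the YAML block it is written into.
case "$CUSTOMER" in
  *[!A-Za-z0-9._-]*)
    echo "Error: customer name may only contain letters, digits, '.', '_' and '-'." >&2
    exit 1
    ;;
esac
case "$API_KEY" in
  *[\"\$\`\\]* | *[[:space:]]*)
    echo "Error: API key contains quote, dollar, backtick, backslash or whitespace characters." >&2
    exit 1
    ;;
esac

# Step 1: Download Multipass installer (only when it is not installed yet)
if command -v multipass > /dev/null; then
  echo "Multipass is already installed. Skipping installation."
else
  echo "Downloading Multipass installer..."
  # -f: fail on an HTTP error rather than saving the error page as the package.
  if ! curl -f -o multipass.pkg -L https://github.com/canonical/multipass/releases/download/v1.16.0/multipass-1.16.0+mac-Darwin.pkg; then
    echo "Error: Multipass download failed." >&2
    exit 1
  fi
  # NOTE(review): the package is installed as root with no integrity check.
  # Verify it first, e.g. with `pkgutil --check-signature multipass.pkg` or by
  # comparing its SHA-256 with a value recorded from a trusted source.
  # Step 2: Install Multipass (requires sudo privileges)
  echo "Installing Multipass (you may need to enter your password)..."
  sudo installer -pkg multipass.pkg -target / || exit 1
fi

# Step 3: Create cloud-init.yaml for VM configuration
echo "Configuring VM with Nmap, Vulners, and scanning script..."
# The file embeds the API key, so it is created readable by the owner only.
# Inside the here-document, \$ keeps a dollar sign literal for the VM's own
# shell; unescaped $CUSTOMER and $API_KEY are filled in now, on this host.
old_umask=$(umask)
umask 077
cat > cloud-init.yaml <<EOF
#cloud-config
package_update: true
packages:
  - nmap
  - curl
write_files:
  # Holds the API key: readable by root only.
  - path: /etc/scan_config.sh
    permissions: '0600'
    content: |
      CUSTOMER="$CUSTOMER"
      UPLOAD_URL="https://scans.yourdomain.com/\${CUSTOMER}/upload"
      API_KEY="$API_KEY"
  # The scan loop is written as a file rather than echoed from runcmd, so
  # its quoting and the colon in the Authorization header survive YAML parsing.
  - path: /usr/local/bin/scan.sh
    permissions: '0755'
    content: |
      #!/bin/bash
      source /etc/scan_config.sh
      # Reports and logs list hosts and findings: keep them root-only.
      umask 077
      mkdir -p /var/lib/scanner && cd /var/lib/scanner || exit 1
      while true; do
        logfile="scanlog_\$(date +%F-%H%M).log"
        sudo nmap -sn 192.168.0.0/22 -oG ping.gnmap | tee -a "\$logfile"
        # Single-quoted awk program so field 2 is read by awk, not the shell.
        awk '/Status: Up/ {print \$2}' ping.gnmap > alive.txt
        # Host list on fd 3 so the commands in the loop cannot consume it.
        while IFS= read -r ip <&3; do
          ts=\$(date +%F-%H%M)
          # Braces keep the variable names from absorbing the underscores.
          outfile="scan_\${ip}_\${ts}.xml"
          sudo nmap -sV --script vulners --top-ports 1000 -oX "\$outfile" "\$ip" | tee -a "\$logfile"
          # -f: treat an HTTP error status from the endpoint as a failed upload.
          curl -f -X POST -H "Authorization: Bearer \$API_KEY" -F "file=@\$outfile" "\$UPLOAD_URL" || echo "Upload failed" | tee -a "\$logfile"
        done 3< alive.txt
        sleep 3600
      done
runcmd:
  # NOTE(review): vulners.nse comes from the moving master branch and is run
  # by nmap as root. Pin the URL to a reviewed commit
  # (replace "master" with <REVIEWED_COMMIT_SHA>).
  - curl -fsSL -o /usr/share/nmap/scripts/vulners.nse https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/vulners.nse
  - nmap --script-updatedb
  # Start the loop as its own unit so this list returns; an entry that never
  # exits would keep cloud-init from completing.
  - systemd-run --unit=scanner /usr/local/bin/scan.sh
EOF
umask "$old_umask"
# Covers the case where cloud-init.yaml already existed with wider permissions.
chmod 600 cloud-init.yaml

# Step 4: Launch the VM
echo "Launching VM 'scanner'..."
if ! multipass launch --name scanner --cloud-init cloud-init.yaml --network "$NETWORK_INTERFACE"; then
  echo "Error: VM launch failed." >&2
  exit 1
fi
echo "Setup complete! The VM 'scanner' is now running and scanning."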
4e3a0c668d60aa3ba9e36cde96d6098f