[vc_row type=”in_container” full_screen_row_position=”middle” scene_position=”center” text_color=”dark” text_align=”left” overlay_strength=”0.3″][vc_column column_padding=”no-extra-padding” column_padding_position=”all” background_color_opacity=”1″ background_hover_color_opacity=”1″ width=”2/3″ tablet_text_alignment=”default” phone_text_alignment=”default”]
One tool that simplifies the Penetration Test process of network infrastructures.
SPARTA is a python GUI application which simplifies network infrastructure penetration testing by aiding the penetration tester in the scanning and enumeration phase. It allows the tester to save time by having point-and-click access to his toolkit and by displaying all tool output in a convenient way. If little time is spent setting up commands and tools, more time can be spent focusing on analysing results.
Some features of SPARTA:
- Allows you to run nmap from SPARTA or import to XML output.
- It allows to execute nmap in a transparent and stepped way: obtaining results quickly and obtaining a complete coverage.
- Configurable contextual menu for each service. You can configure what to run in the services. Any tool that can be executed from a terminal, can be executed from SPARTA.
- Any script or tool can be run on a service to all hosts, with just a mouse click.
- Define automated tasks for services (ie Run nikto on each HTTP service or sslscan on each ssl service).
- Default credentials check most common services. Of course, this can also be configured to run automatically.
- Identify the reuse of the password in the proven infrastructure. If any of the usernames and passwords are found by Hydra, they are stored in lists of internal words that can be used in other objectives of the same network.
- Ability to dial the hosts you have worked with so you do not waste time trying again.
- Allow screenshots of websites to waste time on less interesting web servers.
- At the moment, SPARTA can be configured by editing the “sparta.conf” file located in the SPARTA root folder. At launch, SPARTA checks to see if this file exists, and if not, a new file is created with default values. Apart from the tools, it is not advisable to remove any line of “sparta.conf” as it could break functionality. Also, note that the setting values are case-sensitive.
SPARTA separates actions in classes:
- Host actions are invoked by right-clicking on a host and the output of the invoked tools will be stored and displayed in SPARTA
- Port actions are invoked by right-clicking on a port or service and their output from the invoked tools will be stored and displayed in SPARTA (for example: Nikto)
- Terminal actions are invoked by right-clicking on a port and generating an external terminal window (for example: Connect with netcat).
It is recommended that Kali Linux is used as it already has most tools installed, however SPARTA would most likely also work in Debian based systems.
apt-get install python-elixir
Ubuntu 12.04+ (untested)
apt-get install python-elixir python-qt4 xsltproc
Other than these, the following tools are required for SPARTA to have its minimum functionality:
– nmap (for adding hosts)
– hydra (for the brute tab)
– cutycapt (for screenshots)
In Kali Linux these can be installed with:
apt-get install nmap hydra cutycapt
In Kali, to ensure that you have all the tools used by SPARTA’s default configuration use:
apt-get install ldap-utils rwho rsh-client x11-apps finger
Please clone the latest version of SPARTA from github:
git clone https://github.com/secforce/sparta.git
Alternatively, download the latest zip file here.
learn, learning, the best security practice, ethical hacking, IT, Admin, Administrator, Server, User, Kali Linux, Phone, Download, Blog, WordPress, Free, Lab, Pentest, Pentester, Sparta, Penetration, Testing, Pentest, Network