@Nitrax and @zSec have jumped in and been a tremendous help lately. We’ve pushed through a few bugs, tightened up the core a bit, and the guys have started work on expanding my nmap lego into a full-blown net-tools package.
@pry0cc and friends have started a great discussion in an issue on the repo about how to even do chatops for attackers while @sprtn has provided good insight into how current tools work, what would be valuable to integrate, and how he does his work.
I would suggest that a module capable of detecting web apps and their versions could be priceless. Something that is very basic to do from a human standpoint, but is fairly difficult to automate.
Being able to detect web apps and versions, you could automatically load up exploits for unpatched versions of the software. Passive shodan scans are possible as well.
I think it would be good to focus mostly on recon. Once we have a solid recon platform in chatops, we can move onto the next steps.
@ricksanchez I’m not a coder as well, but this is the reason why I started learning python. And already with 1 hour of python experience I was able to write a module.
Of course I couldn’t do it without the help of our extremely talented people like @fraq and @Nitrax (thanks again guys!), but I bet you will be able to create something awesome as well.
Just try it, you only can learn from this and this is a really terrific project!
