White Hat Institute

Network scanning and enumeration using Sparta

Sparta is a python based GUI application that streamlines network infrastructure penetration testing by helping the security analyzer in the scanning and enumeration stage.

It enables the analyzer to spare time by having point-and-click access to his toolbox and by showing all tool output conveniently. This application automates scanning, information gathering, and vulnerability assessment with tools like Nikto, WhatWeb, Nmap, Telnet, Dirbuster, and Netcat.

Type “sparta” in the terminal and the GUI version of Sparta will start automatically. Click on the “File” tab and select the “Add host(s) to scope” option.

scanning, enumeration, sparta 1

Sparta can filter a scope of IP addresses on a system; however, it can likewise examine website domain names too. Specify the IP address of your target or provide the network range and click the “Add to scope” button.

sparta 2

The Nmap scan will be launched immediately, examining default ports to check whether anything is open and accessible.

sparta 3

From that point forward, Nmap and Nikto will run a succession of different sweeps taking a gander at less regular ports, and screen captures will endeavor. On the off chance that you open the “Services” tab, you can view services like HTTP, HTTPS, and UPnP; and in the “Tools” tab, you can see the outcomes on the objective scans performed by Nikto and others.

sparta 4

This tool can also perform an SNMP enumeration. As it is shown in the screenshot below, it found a full directory path to the “unix_users.txt” file.

sparta 5

If the target device runs the database server, Sparta will try to enumerate it too. It can retrieve the default usernames/passwords and display them in the main window.

sparta 6

This type of enumeration can be performed on multiple services if they are configured with the default credentials. For instance, our target device runs the FTP service with default credentials, and Sparta was able to retrieve it too.

sparta 7

Sparta’s graphical interface makes it simple to explore various services and ports found by Nikto, Nmap, and Hydra. Anybody new to these devices will acknowledge how Sparta brings them all together in an intuitive, straightforward way. Sparta is fundamental for beginners who need to automate and expand their tool-set.