Awesome

Contents

• About
• Demo
• Kickoff
• Methodology
• ProTips
• Build
• Adding Modules
• Supporters
• Contact

About

• Think Metasploit, but for external enumeration...
• TireFire is a scalable and straightforward platform to place your operational workflow.
• Based on the terminal emulator Tilix to give a GUI feel with the convenience of CLI.
• The database for TireFire (Main.csv) is easily altered to support your methodologies as they are substituted and appended.
• Great for HTB and OSCP like machines.
• TireFire is a product of 19% security solutions.

Demo

Kickoff

sudo TireFire 10.10.10.5

Methodology

1. Kickoff TireFire (TireFire 10.10.10.5).
2. When prompted, type "Y" to kickoff a Quick, Banner, All-Port, and UDP nmap scan.
3. Depending upon the ports returned, run scans for those ports.
4. Choose lower numbered scans for the corresponding port and then higher ones as you need to get more specific.
5. Change variables as you need to suit your target (Example: HTTP running on port 8500).

ProTips

• Run multiple commands from a table at once by splitting the command numbers with commas. EX: 0,1,2 (Spaces and periods work aswell)
• Ctrl+Z will bring you back to the main TireFire Page.
• Ctrl+PageUp/PageDown will allow you to peruse through open tabs.
• Ctrl+S will split the screen.
• Ctrl+T for a new tab.
• Ctrl+h for help.

Build

git clone https://github.com/CoolHandSquid/TireFire.git
cd TireFire
sudo ./Build.sh

Adding Modules

• Open Main.csv with your favorite csv editor (I'm partial to ModernCSV and Excel).
• When adding a command, keep in mind Name, Port, and Description are for the primary display screen; Cmd_Name, Cmd_Description, Cmd_Command, Cmd_Comment, and SubDisplayOrder are for the secondary display screen.

Special Characters and Syntax

• Cmd_Command has a few special characters including &&&&, #, ##, ?, and {}.

&&&&

• &&&& Anywhere in the command will split the line and start each command individually in separate tabs.
• Example: whoami &&&& id &&&& ifconfig will open three tabs and run the desired command in each. &&&& is useful if you initially run multiple separate commands every time you see a specific port open.

# and ##

• "#" is for sending yourself notes to another tab.
• "#" can be useful if you don't want to run a command, but you want to give yourself copy-paste notes for manual enumeration.
• Set only the first character of the line to # if you want variables to be evaluated.
• Set the first two characters of the line to ## if you do not want variables to be evaluated.

?

• "?" is for sending a question to the user. The responce will be set to a numbered variable.
• You can send multiple lines of questions for multiple variables.
• Example:

?What is the location of the wp-login.php? Example: /Yeet/cannon/wp-login.php
?What is a known password you would like to brute force?
wpscan --url {Web_Proto}://{IP}{1} --enumerate u,tt,t,vp --password {2} -e 

{}

• {} is for grabbing a variable from TireFire.
• Available variables can be viewed in the variables table.

Supporters

Contact

Please contact me at CoolHandSquid32@gmail.com for contribution, suggestions, and ideas!