While Penetration testing report is the key deliverable in any security assessment activity, penetration testers may find the report making a time-consuming and boring process. To simplify the task of report making, you will need to use the tools available in Kali Linux. The MagicTree is a penetration tester productivity tool. Because of its tree structure and its awesome data managing and reporting is called MagicTree. It allows data consolidation, querying, external command execution, and (yeah!) report generation. This article presents Introducing And Install MagicTree On Kali Linux. To find your desired package, visit Eldernode and purchase a cheap but VIP Linux VPS.
Table of Contents
Introducing MagicTree On Kali Linux
Kali Linux is a Linux-based Operating System, mostly used in penetration testing. There are different types of tools that are present in Kali Linux to perform different operations. One of them is the Reporting tool that is designed to develop statistics and information to help in analyzing. In this section, you will learn about the MagicTree data management and reporting tool that helps you to execute commands and export the results as a report. In case you have already used or heard, MagicTree is similar to Dradis, Faraday IDE, and Pipal.
The MagicTree is a Java program classic desktop application. it will structure the data according to the real-world object it describes. There is no server, no database, and no listening sockets. But it manages data through tree-structured nodes, which are particularly effective for managing host and network data. MagicTree stores data in a tree structure. To do this, it has several nodes to store data such as Branch node, Simple node, Text node, Data node, XML data node, Picture node, and Summarize nodes. It also allows saving queries and commands to be reused in future projects.
MagicTree Features
This tool has some unique features like data querying and command execution that allow users to extract the necessary data from the tree and feed it to command-line tools. MagicTree allows you to import XML data and has XSLT transforms for Nmap, Nikto, Nessus, Burp, OpenVAS, Qualys, and Imperva Scuba. Let’s see more of MagicTree features:
1- Automatic creation of nodes from netblock address
2- Drag and drop objects from the tree
3- Launch CLI-based tools (Nmap, Nikto, …) from MagicTree
4- Import results from other tools (Nessus, …)
5- Sort findings by severity
6- Generate reports (*.odt, *.docx)
7- Adding file attachments to nodes
8- Searching data in the tree
9- Supports running shell commands straight from the GUI, capturing command output
10- Allows querying the collected data and feeding it to shell commands
How To Install MagicTree On Kali Linux
MagicTree is pre-installed on Kali Linux and located under the “Reporting Tools” category.
You can install MagicTree by running the command below:
sudo apt-get install magictreeHow to Use MagicTree on Kali Linux
MagicTree follows the tree node structure to manage the host and related data. Join us with this section to learn how to use Magic Tree.
Step 1:
To launch the Kali-Linux tools, click on “Applications” and go to “Reporting Tools”. Then, click on “MagicTree”.
*
Step 2:
Then, navigate to ”File”, ”Open”, and select the files to upload.
*
Step 3:
Magic Tree will map all the data into the tree node structure.
Step 4:
You will be able to see the data further on expanding individual nodes:
MagicTree Querying on Kali Linux
This tool allows querying the collected data and feeding it to shell commands. Select any data from the above table. There are different queries available:
Q*: Run a query that selects all nodes of the same type as the currently selected node. For example, if we select OS and click the “Q*” button, it will list all nodes with the type “OS”. Look at all nodes with OS details below.
The query ran to fetch the data is present under the “Query” field. So, you can modify the query as per your requirements:
To list all the nodes with type “OS” and text ”Microsoft Windows 7”, you can select OS and click the “Q1” button. Here, you can see all the hosts with the same OS:
In this way, you extract the necessary data from the tree and feed it to the command-line tool.
MagicTree is to be able to run Nmap from the user interface. To do this, Right-click on the ”test data” note, go to ”Create child” and click the ”Simple node” option.
Now, enter the host details and press enter:
Next, click the ”Q1” query button, enter the following Nmap command in the ”Command” field and click the ”Run” button:
At this point, the Nmap scan has started. You can see a newly created task at the bottom left of the screen while the upper highlighted part shows the status of the task:
To check the scan status, you need to click the ”Console” button and access it:
When the scan is finished, you will see the log and XML output under the ”task” node:
Now, click on the ”xmlData” and then click the ”Merge XML data” button to merge the result into the current tree:
The result of the scan is added to your desired host:
Magic Tree has the option to generate the report in Word format. So, you can select a node, navigate to ”Report”, and click the ”Generate report…” option to generate the report.
Then, browse through the available report templates, select one, and click the ”Generate Report” button:
Navigate to a location to extract the report:
Finally, the Word report is downloaded and can be accessed:
*
Conclusion
In this article, MagicTree was introduced to you and you learned How to Install and Use it. If you are using any alternative, discuss their differences with your friends on Community.
