Cronjobs are useful for scheduling tasks to run automatically at a specified time or interval. In this tutorial, we’ll go over how to set up a cronjob with Docker for recon purposes.
First, add the following line to your
crontab file to run the
cron.sh script every minute: https://crontab.guru/ This is a useful site for cron timings
* * * * * export $(xargs < /app/.env); /app/cron.sh >> /app/log/cron.log 2>&1
This line exports the environment variables specified in the
.env file and runs the
cron.sh script, redirecting the output to the
cron.log file in the
Next, in your
docker-compose.yml file, add the following lines to specify the location of your environment file and create the necessary directories and files:
Now we need the
# Install prerequisites
RUN apt-get update && apt-get install -y \
RUN mkdir /app/
COPY ./ /app/
RUN mkdir -p /app/log/
RUN touch /app/log/cron.log
RUN cp /app/cronjob /etc/cron.d/cronjob
RUN chmod 644 /etc/cron.d/cronjob
RUN crontab /etc/cron.d/cronjob
RUN chmod +x /app/recon.sh
# Creating entry point for cron
CMD ["cron", "-f"]
The last command you’ll need to start the cron is below and you can tail the log file with as well.
docker-compose up -d
tail -n0 -f ./log/cron.log
That’s it! Your cronjob should now be set up and running with Docker. Don’t forget to set up your environment variables in the
.env file and create the necessary scripts and files. I plan to make my recon script opensource soon so follow for that. Until then, here are some examples below.
- Subdomain Takeover tools such as MX Takeover
WP Scan, a WordPress vulnerability scanning tool, can be run on a regular basis using a cronjob to ensure that you’re always aware of any potential vulnerabilities or weaknesses in your systems.
You can set up a cronjob to run a subdomain enumeration tool, such as Findomain, on a regular basis. This can help them stay up-to-date on the subdomains of a target organization and potentially discover new attack surfaces.
Researchers can use tools like Nmap or Zmap to scan a network for open ports and services. A cronjob can be set up to run these scans at regular intervals, allowing you to track changes in the network over time.
- SSL certificate expiration monitoring
You can use tools like SSLScan to check the expiration dates of SSL certificates on target domains. A cronjob can be set up to run these checks regularly, ensuring that researchers are notified of any upcoming certificate expiration events.
- Automatic Burp Suite scans
A cronjob can be set up to run these scans on a regular basis, allowing you to track the security of an application over time.
- Periodic scans for sensitive data
You can periodically check for sensitive data that might have been left exposed. By setting up a cronjob that runs a tool like grep or truffleHog (a tool for identifying sensitive data in Git repositories), you can ensure that you don’t miss any potential targets.
There are many tools out there than have a direct benefit from being automated in a cronjob. That’s why soon I hope to release my recon script on Github that I’ve been working on. It will have a decent amount of what I mention here but it’s more focused on web pentesting as compared to network pentesting.
My Twitter: https://twitter.com/adamjsturge
If you enjoy reading stories like these and want to support me as a writer, consider signing up to become a Medium member. It’s $5 a month, giving you unlimited access to thousands of articles, including my own. If you sign up using my link, I’ll earn a small commission with no extra cost to you.