13

GitHub - s0md3v/Silver: Mass scan IPs for vulnerable services

 4 years ago
source link: https://github.com/s0md3v/Silver
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

README.md


Silver
Silver

Mass Vulnerability Scanner

68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f72656c656173652f73306d6433762f53696c7665722e737667 68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6973737565732d636c6f7365642d7261772f73306d6433762f53696c7665722e737667

Introduction

masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows complete utilization of these programs by parsing data, spawning parallel processes, caching vulnerability data for faster scanning over time and much more.

demo

Features

  • Resumable scanning
  • Slack notifcations
  • multi-core utilization
  • Vulnerability data caching
  • Smart Shodan integration*

*Shodan integration is optional but when linked, Silver can automatically use Shodan to retrieve service and vulnerability data if a host has a lot of ports open to save resources. Shodan credits used per scan by Silver can be throttled. The minimum number of ports to trigger Shodan can be configured as well.

Setup

Downloading Silver

git clone https://github.com/s0md3v/Silver

Requirements

External Programs
Python libraries
  • psutil
  • requests

Required Python libraries can be installed by executing pip3 install -r requirements.txt in Silver directory.

Configuration

Slack WebHook, Shodan API key and limits can be configured by editing respective variables in /core/memory.py

Setting up Slack notifications

  • Create a workspace on slack, here
  • Create an app, here
  • Enable WebHooks from the app and copy the URL from there to Silver's /core/memory.py file.

Run it as root

Silver requires root permission because it uses masscan under the hood which needs to be run as root to do port scanning. Use sudo.

Usage

Before you start

⚠️ Run Silver as root and with python3 i.e. with sudo python3 silver.py <your input>

⚠️ Silver scans all TCP ports by default i.e. ports 0-65535. Use --quick switch to only scan top ~1000 ports.

Scan host(s) from command line

python3 silver.py 127.0.0.1
python3 silver.py 127.0.0.1/22
python3 silver.py 127.0.0.1,127.0.0.2,127.0.0.3
Scan top ~1000 ports
python3 silver.py 127.0.0.1 --quick
Scan hosts from a file
python3 silver.py -i /path/to/targets.txt
Set max number of parallel nmap instances
python3 silver.py -i /path/to/targets.txt -t 4

Support the developer

Liked the project? Donate a few bucks to motivate me to keep writing code for free.

Donate

Contribution

You can contribute to this project by providing suggestions, reporting sensible issues and spreading the word. Pull requessts for the following will not be accepted:

  • Typos
  • coDe qUaLiTY
  • Docker and .gitignore file

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK