ATpiu / Asset Scan
Licence: mit
asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统
Stars: ✭ 149
Projects that are alternatives of or similar to Asset Scan
Nmap
Nmap - the Network Mapper. Github mirror of official SVN repository.
Stars: ✭ 5,792 (+3787.25%)
Mutual labels: service-discovery, nmap, port-scanner
Sandmap
Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
Stars: ✭ 1,180 (+691.95%)
Mutual labels: service-discovery, nmap, port-scanner
findssh
Asyncio concurrent Python finds SSH servers (or other services with open ports) on an IPv4 subnet, WITHOUT NMAP
Stars: ✭ 36 (-75.84%)
Mutual labels: nmap, port-scanner
NSE-scripts
NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (-29.53%)
Mutual labels: nmap, vulnerability-detection
Silver
Mass scan IPs for vulnerable services
Stars: ✭ 588 (+294.63%)
Mutual labels: nmap, port-scanner
nmap-formatter
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.
Stars: ✭ 129 (-13.42%)
Mutual labels: nmap, port-scanner
ObsidianSailboat
Nmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-75.84%)
Mutual labels: service-discovery, nmap
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+177.18%)
Mutual labels: nmap, vulnerability-detection
Serverscan
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
Stars: ✭ 674 (+352.35%)
Mutual labels: service-discovery, nmap
Awesome Internet Scanning
A curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.
Stars: ✭ 130 (-12.75%)
Mutual labels: nmap, port-scanner
Vulscan
Advanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+1446.98%)
Mutual labels: nmap, vulnerability-detection
RedTeam toolkit
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Stars: ✭ 301 (+102.01%)
Mutual labels: service-discovery, nmap
Seccubus
Easy automated vulnerability scanning, reporting and analysis
Stars: ✭ 615 (+312.75%)
Mutual labels: nmap, vulnerability-detection
Eternalview
EternalView is an all in one basic information gathering and vulnerability assessment tool
Stars: ✭ 118 (-20.81%)
Mutual labels: nmap, vulnerability-detection
Pbscan
Faster and more efficient stateless SYN scanner and banner grabber due to userland TCP/IP stack usage.
Stars: ✭ 122 (-18.12%)
Mutual labels: nmap, port-scanner
Nwatch
🔍 Tool for - Host Discovery, Port Scanning and Operating System Fingerprinting
Stars: ✭ 127 (-14.77%)
Mutual labels: nmap
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Stars: ✭ 1,824 (+1124.16%)
Mutual labels: nmap
Cve Search
cve-search - a tool to perform local searches for known vulnerabilities
Stars: ✭ 1,765 (+1084.56%)
Mutual labels: vulnerability-detection
asset-scan
简介
asset-scan用于甲方企业外网资产进行周期性扫描监控,对资产新增的端口服务进行自动化未授权访问/弱口令爆破检测并进行实时告警, 便于企业对外网暴露的攻击面进行收敛
结合kibana,使用者可随时搜索企业外网资产暴露的端口、服务和版本等信息;制作各类统计图,进行开放端口统计、新增服务版本分析和资产扫描耗时统计等; 使用Dashboard进行内部汇报展示等
目前支持ssh、redis、mysql、ftp、mongodb、postgresql和mssql七种服务的弱口令爆破,另外支持mongod、redis和
memcached的未授权访问测试
请使用者遵守《中华人民共和国网络安全法》,勿用于非授权的测试。
功能特点
- 周期性扫描监控
- 自动化未授权访问/弱口令爆破
- 支持扫描速度、白名单、配置热更新和告警控制
- 搜索、自定义统计图、多维度分析、结果导出EXCEL
图例展示
配合Kibana强大的分析统计功能,各位可自定义其它统计图和表盘
配置文件说明
nmap:
path: #不指定则使用系统默认的nmap
masscan:
path: #不指定则使用系统默认的masscan
rate: 5000 #masscan扫描速度,不建议设很大
es:
address: 127.0.0.1:9200 #elasticsearch地址
scan:
ipFile: ip.txt #包含扫描的ip范围文件,文件内容格式参照nmap -iL参数所支持的格式
ipexcludeFile: ipExclude.txt #包含需排除的ip范围文件,文件内容格式参照nmap --excludefile参数所支持的格式
port: 1-65535 #扫描端口范围
mas_num: 1 #同时可运行的最大masscan数
nmap_num: 20 #同时可运行的最大nmap数
userDict: user.txt #对服务进行弱口令爆破的用户名字典
passwordDict: password.txt #对服务进行弱口令爆破的密码字典
scan_interval: 30 #扫描间隔,单位:秒
observe:
switch: on #观察者模式开关:(1)开启:on (2)关闭:off
mail: #告警邮箱设置,若观察者模式始终开启,则可忽略邮箱配置
host: xxx.xxx.com
port: 123
username: [email protected]
password: xxx
from: [email protected]
to: ["[email protected]","[email protected]"]
运行指南
- Linux环境运行,需要Nmap、Masscan、Es和Kibana 5.6.x版本,安装指南详见:安装指南
- 所需组件安装完毕后,从release中下载压缩包,对config.yaml进行配置,ip.txt中填入要扫描的IP段(格式参照nmap -iL参数所支持的格式),之后可直接输入
./asset-scan运行 - 扫描初期,建议将config.yaml中的观察者模式开关设为
on,避免造成告警轰炸(有新服务对外开放或暴力破解成功会发告警邮件) - ipExclude.txt中为要排除扫描的IP段,user.txt和password.txt分别为用户名字典和密码字典
kibana图表模板
- 有一些同学联系到作者希望能提供kibana图表模板,因此作者提供一个自己的kibana图表模板,方便大家查看效果及参考学习,详见:图表模板
Es字段说明
目前Es中有5个type:
-
result
包含每次资产基础探测扫描的数据:
-
scanhistory
包含每次扫描的开始时间和结束时间
-
addhistory
与最近一次扫描历史区间相比,新增的端口服务
-
uphistory
与最近一次扫描历史区间相比,同一资产(具有相同IP、端口和协议)服务的更新情况
-
bruteforce
包含对资产服务的未授权访问/暴力破解记录
讨论
与本项目有关的想法建议可联系作者,也欢迎一起讨论甲方安全建设/乙方安全服务/工控安全等
备注:github
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].