• This repository has been archived on 27/Feb/2020
  • Language: Python
  • License: Other
  • Created over 7 years ago
  • Updated about 7 years ago

Repository Details

Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration

salt-scanner

A Linux vulnerability scanner based on Vulners Audit API and Salt Open, with Slack notifications and JIRA integration.

Features

  • Slack notification and report upload
  • JIRA integration
  • OpsGenie integration

Requirements

  • Salt Open 2016.11.x (salt-master, salt-minion)¹
  • Python 2.7
  • salt (you may need to install gcc, gcc-c++, python dev)
  • slackclient
  • jira
  • opsgenie-sdk

Note: Salt Master and Minion versions should match. Salt-Scanner supports Salt version 2016.11.x. If you are using version 2017.7.x, replace "expr_form" with "tgt_type" in salt-scanner.py.
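
The keyword rename in the note above can be handled at run time instead of by editing the script. This is an added example, not code from salt-scanner: it assumes the calls go through Salt's Python client (salt.client.LocalClient.cmd), and the function names salt_release, target_kwargs and run_on_minions are hypothetical.

```python
import re

# Matcher types salt-scanner accepts via -tF/--target-form (from its usage text).
TARGET_FORMS = ("glob", "list", "grain")


def salt_release(version):
    """Parse '2016.11.5' or '2017.7.0-12-gabc123' into (2016, 11) / (2017, 7)."""
    m = re.match(r"(\d+)(?:\.(\d+))?", version.strip())
    if not m:
        raise ValueError("unrecognised Salt version: %r" % (version,))
    return int(m.group(1)), int(m.group(2) or 0)


def target_kwargs(version, target_form):
    """Build the matcher keyword argument for the given Salt release."""
    if target_form not in TARGET_FORMS:
        raise ValueError("unsupported target form: %r" % (target_form,))
    # Salt 2017.7.0 renamed expr_form to tgt_type.
    key = "tgt_type" if salt_release(version) >= (2017, 7) else "expr_form"
    return {key: target_form}


def run_on_minions(target, target_form, function, args=()):
    """Run a Salt execution function on the targeted minions (needs a salt-master)."""
    import salt.client   # imported lazily so the helpers above work without Salt
    import salt.version
    kwargs = target_kwargs(salt.version.__version__, target_form)
    return salt.client.LocalClient().cmd(target, function, list(args), **kwargs)


if __name__ == "__main__":
    for v in ("2016.11.5", "2017.7.2"):   # constructed sample versions
        print(v, target_kwargs(v, "grain"))
```

Rejecting unknown target forms before the call keeps a mistyped matcher from reaching the master and silently scanning a different set of minions than intended.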

Usage

$ ./salt-scanner.py -h

 ==========================================================
  Vulnerability scanner based on Vulners API and Salt Open
 _____       _ _     _____                                 
/  ___|     | | |   /  ___|                               
\ `--.  __ _| | |_  \ `--.  ___ __ _ _ __  _ __   ___ _ __ 
 `--. \/ _` | | __|  `--. \/ __/ _` | '_ \| '_ \ / _ \ '__|
/\__/ / (_| | | |_  /\__/ / (_| (_| | | | | | | |  __/ |   
\____/ \__,_|_|\__| \____/ \___\__,_|_| |_|_| |_|\___|_|   

               Salt-Scanner 0.1 / by 0x4D31               
 ==========================================================

usage: salt-scanner.py [-h] [-t TARGET_HOSTS] [-tF {glob,list,grain}]
                       [-oN OS_NAME] [-oV OS_VERSION]

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET_HOSTS, --target-hosts TARGET_HOSTS
  -tF {glob,list,grain}, --target-form {glob,list,grain}
  -oN OS_NAME, --os-name OS_NAME
  -oV OS_VERSION, --os-version OS_VERSION

$ sudo SLACK_API_TOKEN="EXAMPLETOKEN" ./salt-scanner.py -t "*"

 ==========================================================
  Vulnerability scanner based on Vulners API and Salt Open
 _____       _ _     _____                                 
/  ___|     | | |   /  ___|                               
\ `--.  __ _| | |_  \ `--.  ___ __ _ _ __  _ __   ___ _ __ 
 `--. \/ _` | | __|  `--. \/ __/ _` | '_ \| '_ \ / _ \ '__|
/\__/ / (_| | | |_  /\__/ / (_| (_| | | | | | | |  __/ |   
\____/ \__,_|_|\__| \____/ \___\__,_|_| |_|_| |_|\___|_|   

               Salt-Scanner 0.1 / by 0x4D31               
 ==========================================================

+ No default OS is configured. Detecting OS...
+ Detected Operating Systems:
   - OS Name: centos, OS Version: 7
+ Getting the Installed Packages...
+ Started Scanning '10.10.10.55'...
   - Total Packages: 357
   - 6 Vulnerable Packages Found - Severity: Low
+ Started Scanning '10.10.10.56'...
   - Total Packages: 392
   - 6 Vulnerable Packages Found - Severity: Critical

+ Finished scanning 2 host (target hosts: '*').
2 Hosts are vulnerable!

+ Output file created: 20170622-093138_232826a7-983f-499b-ad96-7b8f1a75c1d7.txt
+ Full report uploaded to Slack
+ JIRA Issue created: VM-16
+ OpsGenie alert created

You can also use Salt Grains such as ec2_tags in target_hosts:

$ sudo ./salt-scanner.py --target-hosts "ec2_tags:Role:webapp" --target-form grain

Slack Alert

[Image: Salt-Scanner]

TODO

  • Clean up the code and add some error handling
  • Use Salt Grains for getting the OS info and installed packages

[1] Salt in 10 Minutes: https://docs.saltstack.com/en/latest/topics/tutorials/walkthrough.html
