dutchcoders/ares dutchcoders/ares

  • Stars
    star
    120
  • Rank 295,983 (Top 6 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created almost 8 years ago
  • Updated over 6 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
dutchcoders/ares
github

dutchcoders

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Phishing toolkit for red teams and pentesters.

Ares Gitter Go Report Card Docker pulls Build Status

Phishing toolkit for red teams and pentesters. Ares allows security testers to create a landing page easily, embedded within the original site. Ares acts as a proxy between the phised and original site, and allows (realtime) modifications and injects. All references to the original site are being rewritten to the new site. Users will use the site like they'll normally do, but every step will be recorded of influenced. Ares will work perfect with dns poisoning as well.

Getting started

Docker

Make sure the config toml is at the right location and valid.

docker run -d -p 8080:8080 --name ares -v $(pwd)/config.toml:/etc/ares.toml dutchcoders/ares

Now you can navigate to http://wikipedia.lvh.me:8080/. If you want all results to be written to Elasticsearch, don't forget to setup the Elasticsearch cluster.

Installation from Source

If you do not have a working Golang (1.7) environment setup please follow Golang Installation Guide.

$ git clone https://github.com/dutchcoders/ares.git
$ go run main.go -c config.toml

Features

  • realtime 1 to 1 of original site
  • modify specific paths to return static (rendered as Go template) files
  • create redirects (short urls)
  • inject scripts into target site
  • support ssl (using lets encrypt)
  • multiple targets / hosts
  • enhanced filtering on path, method, ip addresses and useragent
  • all requests and responses are being logged into Elasticsearch
  • all data is being stored for caching / retrieval

Todo

  • create small frontend for configuration, monitoring and dashboard
  • send emails from toolkit

Injects

The injects can be inserted in the target site, currently we have the following injects:

  • location will ask the client for longitude and latitude and post to server
  • snap will generate screenshots and post to server
  • clipboard will copy text from clipboard and post to server

Configuration

See config.toml.sample for a sample configuration file.

Gophish

Ares will work seamless with Gophish, where you'll use Ares for the landing page functionality.

Contribute

Contributions are welcome.

Setup your Ares Github Repository

Fork Ares upstream source repository to your own personal repository. Copy the URL for ares from your personal github repo (you will need it for the git clone command below).

$ mkdir -p $GOPATH/src/github.com/ares
$ cd $GOPATH/src/github.com/ares
$ git clone <paste saved URL for personal forked ares repo>
$ cd ares

Developer Guidelines

Ares community welcomes your contribution. To make the process as seamless as possible, we ask for the following:

  • Go ahead and fork the project and make your changes. We encourage pull requests to discuss code changes.

    • Fork it
    • Create your feature branch (git checkout -b my-new-feature)
    • Commit your changes (git commit -am 'Add some feature')
    • Push to the branch (git push origin my-new-feature)
    • Create new Pull Request

  • If you have additional dependencies for Ares, Ares manages its dependencies using govendor

    • Run go get foo/bar
    • Edit your code to import foo/bar
    • Run make pkg-add PKG=foo/bar from top-level directory

  • If you have dependencies for Ares which needs to be removed

    • Edit your code to not import foo/bar
    • Run make pkg-remove PKG=foo/bar from top-level directory

  • When you're ready to create a pull request, be sure to:

    • Have test cases for the new code. If you have questions about how to do it, please ask in your pull request.
    • Run make verifiers
    • Squash your commits into a single commit. git rebase -i. It's okay to force update your pull request.
    • Make sure go test -race ./... and go build completes.

  • Read Effective Go article from Golang project

    • Ares project is fully conformant with Golang style
    • if you happen to observe offending code, please feel free to send a pull request

Creators

Remco Verhoef (DutchSec)

Copyright and license

Code and documentation copyright 2017 Remco Verhoef.

Code released under the Apache license.

Disclaimer

Here should come an appropriate disclaimer, no warranties and Ares shouldn't be used for malicious intent.

More Repositories

1

transfer.sh

Easy and fast file sharing from the command-line.
Go
15,183
star
2

slackarchive

Archiver for Slack Teams
Go
300
star
3

goftp

Golang FTP library with Walk support.
Go
279
star
4

marija

Data exploration and visualisation for Elasticsearch and Splunk.
Go
234
star
5

cloudman

Textual user interface to manage ec2 instances.
Rust
145
star
6

sshproxy

Golang library to proxy ssh connections
Go
104
star
7

elasticsearch-api.info

CSS
93
star
8

go-clamd

Interface to clamd (clamav daemon). You can use go-clamd to implement virus detection capabilities to your application.
Go
90
star
9

XMLGen

XMLGen is a tool for generating native Golang types from XML.
Go
77
star
10

transfer.sh-web

JavaScript
68
star
11

anam

Mass scanning the internet (http and https) using a raw tcpstack.
Go
60
star
12

gister

Manage your gists from the command-line.
Go
60
star
13

aws-api.info

aws-api.info
JavaScript
57
star
14

durable

Persist to disk channel for Go.
Go
46
star
15

troje

Troje is a honeypot built around lxc containers. It will run each connection with the service within a seperate lxc container.
Go
45
star
16

stacktray

Manage your cloud (AWS) instances from the status bar on Mac OS X. With StackTray you can connect to instances, reboot, start, stop, copy addresses to clipboard and more to come.
Swift
36
star
17

lootbox

Lootbox downloads open directories shared on Twitter.
Go
35
star
18

trace

System tracer implementation in Rust
Rust
33
star
19

elastico

Commandline tool for Elasticsearch
Go
29
star
20

elasticofs

Browse Elasticsearch like a filesystem.
Go
29
star
21

netstack

Custom network stack in Go
Go
28
star
22

ct

Index all certificates from certificate transparancy into Elasticsearch
Go
24
star
23

gossdeep

Go
20
star
24

homographs

Homographs: brutefind homographs within a font
Go
19
star
25

identify

Identify web application versions
Go
19
star
26

forensics-sqlite

Dumps frames of the -wal (write ahead log) file of sqlite databases.
Python
18
star
27

go-ouitools

Golang tools to work with Mac addresses and oui. Includes oui database to resolve to vendor.
Go
16
star
28

geodig

Command line tool for looking up Geolocation info for an ip address.
Go
16
star
29

gonest

Golang NEST library
Go
15
star
30

db2es

MySQL export to Elasticsearch
Go
15
star
31

gopacket-80211

Extra gopacket layers for Radiotap and 802.11 (has been integrated in Gopacket)
Go
14
star
32

usbdetective

Usb Detective for MacOS will warn if (malicious) human interface devices are inserted.
Swift
14
star
33

go-virustotal

VirusTotal public api interface implementation in Golang.
Go
14
star
34

hodor

hodor: nginx web application firewall
Lua
14
star
35

smtpd

SMTPD: simple smtpd library for Go
Go
13
star
36

vulndb

Vulndb is a command line tool for searching the NIST Vulnerability Database
Go
13
star
37

letshttps

Automatically requests Lets Encrypt certificates and forwards to webserver. Add ssl to every website.
Go
12
star
38

marija-web

TypeScript
12
star
39

tradecollector

Import all trades from Bitfinex, BTC-E, MtGox, BTC-China, OKCoin and more.
Go
12
star
40

disassembler

Simple disassembler in Go using Capstone engine and DWARF support
Go
12
star
41

swiss

Swiss army knife for (web) security specialists.
Go
12
star
42

godex

Android DEX file analyzer library. With this go library you can extract metadata from DEX (Dalvik) java class files.
Go
11
star
43

extract-riff

Extracts data for Lego RIFF files.
Python
11
star
44

slackarchive-bot

Archivebot for SlackArchive
Go
9
star
45

vncscan

OCR open VNC framebuffers to console
Go
8
star
46

gopastebin

Pastebin Scraping API in Go
Go
8
star
47

slackarchive-docker

Docker compose to run full SlackArchive stack
JavaScript
8
star
48

evtxparser

Evtxparser for Microsoft Evtx
Go
7
star
49

goguard

Just a simple reload-on-change guard for processes.
Go
7
star
50

releaser

Golang library to check for new releases.
Go
7
star
51

nest

Command line interface to Nest
Go
7
star
52

setupapi

Windows SetupAPI library for Golang
Go
7
star
53

northpole

Northpole: an experimental and work in progress sync server for Santa.
Go
7
star
54

cloudpings

Check the latency between regions of cloudproviders and your location.
JavaScript
7
star
55

slackbot

Slackbot implementation library for Go. Easy creation of new SlashCommands and Bots.
Go
6
star
56

sslscanner

Go
6
star
57

moon

Monitor different outputs from one console
Go
6
star
58

slackarchive-app

The web application for SlackArchive
Vue
6
star
59

go-visualiser

Visualise relations within Golang applications
Go
6
star
60

gogreynoise

Golang client for greynoise.io
Go
6
star
61

gowebdriver

Go WebDriver library
Go
6
star
62

imapclone

imapclone exports messages from imap mailboxes to elasticsearch
Go
6
star
63

dbwrapper

Golang database wrapper.
Go
6
star
64

slackarchive-import

Slackarchive: import archives into Slackarchive
Go
6
star
65

checkmail

Check domain and email security settings.
Go
6
star
66

gobus

Golang event bus
Go
5
star
67

godnsbl

Interface for querying DNSBL using GO.
Go
5
star
68

htmlq

HtmlQ will filter the html stdin using css queries.
Go
5
star
69

candlestick

Candlestick component using HTML5 Canvas.
4
star
70

rotate

Rotate output of command on current screen.
Go
4
star
71

esalert

Elasticsearch alerting service to Slack
Go
4
star
72

gostrings

Go
4
star
73

elftools-rust

Elftools for Rust
Rust
3
star
74

xkcdbot

XKCDbot for Slack
CSS
3
star
75

elasticsearch-cloudaws-plugin

3
star
76

minio-scripts

3
star
77

angular-tour

Angular tour based on Introjs
CSS
3
star
78

gomisp

Golang client for interfacing with MISP
Go
3
star
79

merger

Golang merge objects
Go
3
star
80

git-partial-hooks

Split up git hooks into multiple files.
Shell
3
star
81

Crop.js

Crop your images like twitter does!
JavaScript
3
star
82

ifconfig.tools

CSS
3
star
83

dutchcoders-web

Our website in full glory, in open source. Use however you like.
PHP
3
star
84

agologo

Go
2
star
85

slackarchive-init

Docker initialisation for Slackarchive
Shell
2
star
86

gotimer

Timer library for go. Will call function after timeout.
Go
2
star
87

gopulsaradmin

Go
2
star
88

metadata

Go
2
star
89

github-webhook-test

github-webhook-test
2
star
90

slackbot-pick

The /pick slackbot helps you with all difficult choices you have to make.
Go
2
star
91

eight-spice-chrome

Chrome extension to extend each website the way you want.
JavaScript
2
star
92

essw

ESSW stands for extreme-simple-static-webserver. A simple multiplatform static webserver to be used for testing static sites.
Go
2
star
93

mockingbird

Go framework for testing services.
Go
2
star
94

gotransmission

Transmission RPC Library for Go
Go
2
star
95

homebrew-marija

Homebrew formula for Marija
Ruby
2
star
96

nginx-lua-modules

Collection of lua modules for use with Nginx or OpenResty
Lua
2
star
97

minio-docker

2
star
98

ares-web

JavaScript
2
star
99

homebrew-minio-server

Ruby
2
star
100

goclef

Go implementation for Clef API
Go
2
star