• Stars
    star
    124
  • Rank 281,456 (Top 6 %)
  • Language
    Go
  • License
    GNU General Publi...
  • Created over 3 years ago
  • Updated almost 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.


Erebus

Fast and customisable parameter based vulnerability scanner based on simple YAML Rules

How • Install • Templates • Interceptor • Usage • Join Discord


Erebus is used to test every parameter across targets based on Yaml templates leading to zero false positives and providing fast scanning on large number of hosts. Erebus offers many useful features including an intercepting proxy which allows researchers to browse the web, click on links and erebus will test every parameter that passes through the proxy.

We have a dedicated repository that houses various types of vulnerability templates.

How templates work

yaml-templates-flow

Install Erebus

â–¶  GO111MODULE=off go get -u -v github.com/ethicalhackingplayground/erebus/erebus

Install Templates

â–¶  erebus -ut

Erebus Templates

Erebus has had built-in support for automatic update/download templates (https://github.com/ethicalhackingplayground/erebus/releases/latest). Erebus-Templates project provides a community-contributed list of ready-to-use templates that can be used with part of your testing.

You may use the -ut flag to update the nuclei templates at any time.

Setup Erebus Interceptor

Make sure to setup a proxy in your browser before you use the erebus interceptor for firefox go to

â–¶ Settings â–¶ General â–¶ Network Settings â–¶ Manual proxy configuration

type in 127.0.0.1 in HTTP Proxy then for the port type in 8080 make sure to enable Also use this proxy for FTP and HTTPS

Install the SSL Certificates to use HTTPS

I have provided the certificates for you to use for HTTPS testing, all you need to do is install these by:

â–¶ Settings â–¶ Privacy & Security â–¶ Certificates â–¶ View Certificates â–¶ Import â–¶

Select the .crt file in the erebus directory and proceed by trusting and installing.

Usage

erebus -h

This will display help for the tool. Here are all the switches it supports.

👉 erebus help menu 👈
Usage of erebus:
  -burp-sitemap string
        scan burp xml sitemap (without base64 decoded)
  -c int
        the number of concurrent requsts (default 100)
  -crawl
        crawl through each intercepted request
  -depth int
        the crawl depth (default 5)
  -interceptor
        intercept the requests through the proxy and test each parameter
  -o string
        output results to a file
  -p string
        the port on which the interception proxy will listen on (default "8080")
  -scope string
        the scope for the proxy intercetor
  -secure
        determaines if the connection is secure or not
  -silent
        silent (only show vulnerable urls)
  -t string
        use the templates with all our yaml rules instead
  -tc string
        Use other tools by executing an os command (default "qsreplace")
  -ut
        Install or update the erebus-templates

Usage

Here are a few examples on how to use the erebus scanner for part of your testing.

Intercept and Crawl on HTTP

Scanning for XSS vulnerabilities using the intercepting proxy with all of paypal inscope while crawling on HTTP domains.

â–¶ erebus -t erebus-templates/xss-reflected.yaml -interceptor -crawl -scope ".*.\.paypal.com"

Intercept and Crawl on HTTPS

Scanning for XSS vulnerabilities using the intercepting proxy with all of paypal inscope while crawling on HTTPS domains.

â–¶ erebus -t erebus-templates/xss-reflected.yaml -interceptor -crawl -secure -scope ".*.\.paypal.com"

Tool Chaining Usage

Scanning for XSS vulnerabilities across range of subdomains using subfinder and Gau

â–¶ echo "paypal.com" | gau | erebus -t erebus-templates/xss-reflected.yaml

Scan subdomains from a file in the format https:// or http://

â–¶ cat alive | gau | erebus -t erebus-templates/xss-reflected.yaml

asciicast

License

Erebus is distributed under GPL-3.0 License

Join Discord

More Repositories

1

ssrf-king

SSRF plugin for burp Automates SSRF Detection in all of the Request
Java
528
star
2

bxss

Go
182
star
3

TProxer

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.
Python
170
star
4

ssrf-tool

Go
141
star
5

Bug-Bounty-Tools

The tools I have programmed to help me with bugbounty's
Python
111
star
6

wordlistgen

Generates target specific word lists for Fuzzing with fuff
Go
106
star
7

pathbuster

A path-normalization pentesting tool.
Rust
103
star
8

Zin

A Payload Injector for bugbounties written in go
Go
72
star
9

dorkX

Pipe different tools with google dork Scanner
Go
57
star
10

SubNuke

Subdomain Takeover tool with web UI
HTML
56
star
11

linkJS

Go
56
star
12

dnsresolver

A Lightning-Fast DNS Resolver written in Rust 🦀
Rust
54
star
13

xsspwn

Cross-Site-Scripting (XSS) Automatic Scanner
Python
43
star
14

mailsploit

Sends some one a malicious payload through smtp and starts a listener with metasploit.
Python
35
star
15

gocrawler

Go
34
star
16

tprox

TProx is a fast reverse proxy path traversal detector and directory bruteforcer.
Go
29
star
17

hrekt

A really fast http prober.
Rust
27
star
18

endzy

Endpoint monitor tool
Go
21
star
19

EvilPhisher

Social Media Phisher
HTML
19
star
20

aem-eye

A very simple AEM detector written in rust.🦀
Rust
17
star
21

erebus-templates

Community curated list of templates for the erebus engine to find security vulnerabilities.
17
star
22

bcaem

Fast AEM scope gathering tool for all your public and private BugCrowd Programs
Go
12
star
23

recon_db_scripts

Creating a Database for Mass Recon
11
star
24

pdtools

Install and upgrade projectdiscovery tools
Shell
10
star
25

corsX

Cross Origin Resource Sharing Scanner (CORS Scanner)
Go
9
star
26

fbkiller

Brute Forces A Facebook Account
Python
6
star
27

hostparser

A very fast hostparser.
Rust
6
star
28

facebookscraper

Python
3
star
29

hakku

Hakku is a android take over tool using various deployment options.
Python
2
star
30

specter

SMTP Password Bruteforcer
Python
2
star
31

subdomaintakeover

HTML
1
star
32

sha1decryper

Attempts to crack a sha1 hash
Python
1
star
33

nextjs-blog-theme

JavaScript
1
star
34

native-mockups

HTML
1
star
35

ethicalhackingplayground

1
star
36

JsX

Recon your way through java script with this tool finding subdomains, parameters, sinks & relative paths.
1
star
37

documents.uber.com

1
star
38

Electron-Boilerplate

CSS
1
star