scantastic-tool

It's bloody scantastic

If you like this and are feeling a bit(coin) generous - 1JdSGqg2zGTbpFMJPLbWoXg7Nng3z1Qp58

It works for me: http://makthepla.net/scantastichax.png

Dependencies: (DIY - I ain't supportin shit)
Masscan - https://github.com/robertdavidgraham/masscan
Nmap - https://nmap.org/download.html
ElasticSearch - http://www.elasticsearch.org/guide/en/elasticsearch/guide/current/_installing_elasticsearch.html
Kibana - http://www.elasticsearch.org/overview/kibana/installation/

This tool can be used to store masscan or nmap data in elasticsearch, (the scantastic plugin in the image is not here)

It allows performs distributed directory brute-forcing.

All your base are belong to us. I might maintain or improve this over time. MIGHT.

Quickstart

Example usage

Run and import a scan of home /24 network

./scantastic.py -s -H 192.168.1.0/24 -p 80,443 -x homescan.xml (with masscan)
./scantastic.py -ns -H 192.168.1.0/24 -p 80,443 -x homescan.xml (with nmap)

Export homescan to a list of urls

./scantastic.py -eurl -x homescan.xml > urlist (with masscan)
./scantastic.py -nurl -x homescan.xml > urlist (with nmap)

Brute force the url list using wordlist and put results into index homescan using 10 threads (By default it uses 1 thread)

./scantastic.py -d -u urlist -w some_wordlist -i homescan -t 10

root@ubuntu:~/scantastic-tool# ./scantastic.py -h
usage: scantastic.py [-h] [-v] [-d] [-s] [-noes] [-sl] [-in] [-e] [-eurl]
                     [-del] [-H HOST] [-p PORTS] [-x XML] [-w WORDS] [-u URLS]
                     [-t THREADS] [-esh ESHOST] [-esp PORT] [-i INDEX]
                     [-a AGENT]

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         Version information
  -d, --dirb            Run directory brute force. Requires --urls & --words
  -s, --scan            Run masscan on single range. Specify --host & --ports
                        & --xml
  -ns, --nmap           Run Nmap on a single range specify -H & -p
  -noes, --noelastics   Run scan without elasticsearch insertion
  -sl, --scanlist       Run masscan on a list of ranges. Requires --host &
                        --ports & --xml
  -nsl, --nmaplist      Run Nmap on a list of ranges -H & -p & -x
  -in, --noinsert       Perform a scan without inserting to elasticsearch
  -e, --export          Export a scan XML into elasticsearch. Requires --xml
  -eurl, --exporturl    Export urls to scan from XML file. Requires --xml
  -nurl, --exportnmap   Export urls from nmap XML, requires -x
  -del, --delete        Specify an index to delete.
  -H HOST, --host HOST  Scan this host or list of hosts
  -p PORTS, --ports PORTS
                        Specify ports in masscan format. (ie.0-1000 or
                        80,443...)
  -x XML, --xml XML     Specify an XML file to store output in
  -w WORDS, --words WORDS
                        Wordlist to be used with --dirb
  -u URLS, --urls URLS  List of Urls to be used with --dirb
  -t THREADS, --threads THREADS
                        Specify the number of threads to use.
  -esh ESHOST, --eshost ESHOST
                        Specify the elasticsearch host
  -esp PORT, --port PORT
                        Specify ElasticSearch port
  -i INDEX, --index INDEX
                        Specify the ElasticSearch index
  -a AGENT, --agent AGENT
                        Specify a User Agent for requests

Use -noes and -in scans to not import scans by default upon completion of a scan

maK-/scantastic-tool

maK-

Reviews

Repository Details

scantastic-tool

It's bloody scantastic

Quickstart

Example usage

More Repositories