• This repository has been archived on 13/Jul/2024
  • Stars
    star
    233
  • Rank 172,230 (Top 4 %)
  • Language
    Python
  • Created almost 10 years ago
  • Updated over 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

It's bloody scantastic

scantastic-tool

It's bloody scantastic

If you like this and are feeling a bit(coin) generous - 1JdSGqg2zGTbpFMJPLbWoXg7Nng3z1Qp58

It works for me: http://makthepla.net/scantastichax.png

This tool can be used to store masscan or nmap data in elasticsearch, (the scantastic plugin in the image is not here)

It allows performs distributed directory brute-forcing.

All your base are belong to us. I might maintain or improve this over time. MIGHT.

Quickstart

Example usage

Run and import a scan of home /24 network

./scantastic.py -s -H 192.168.1.0/24 -p 80,443 -x homescan.xml (with masscan)
./scantastic.py -ns -H 192.168.1.0/24 -p 80,443 -x homescan.xml (with nmap)

Export homescan to a list of urls

./scantastic.py -eurl -x homescan.xml > urlist (with masscan)
./scantastic.py -nurl -x homescan.xml > urlist (with nmap)

Brute force the url list using wordlist and put results into index homescan using 10 threads (By default it uses 1 thread)

./scantastic.py -d -u urlist -w some_wordlist -i homescan -t 10
root@ubuntu:~/scantastic-tool# ./scantastic.py -h
usage: scantastic.py [-h] [-v] [-d] [-s] [-noes] [-sl] [-in] [-e] [-eurl]
                     [-del] [-H HOST] [-p PORTS] [-x XML] [-w WORDS] [-u URLS]
                     [-t THREADS] [-esh ESHOST] [-esp PORT] [-i INDEX]
                     [-a AGENT]

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         Version information
  -d, --dirb            Run directory brute force. Requires --urls & --words
  -s, --scan            Run masscan on single range. Specify --host & --ports
                        & --xml
  -ns, --nmap           Run Nmap on a single range specify -H & -p
  -noes, --noelastics   Run scan without elasticsearch insertion
  -sl, --scanlist       Run masscan on a list of ranges. Requires --host &
                        --ports & --xml
  -nsl, --nmaplist      Run Nmap on a list of ranges -H & -p & -x
  -in, --noinsert       Perform a scan without inserting to elasticsearch
  -e, --export          Export a scan XML into elasticsearch. Requires --xml
  -eurl, --exporturl    Export urls to scan from XML file. Requires --xml
  -nurl, --exportnmap   Export urls from nmap XML, requires -x
  -del, --delete        Specify an index to delete.
  -H HOST, --host HOST  Scan this host or list of hosts
  -p PORTS, --ports PORTS
                        Specify ports in masscan format. (ie.0-1000 or
                        80,443...)
  -x XML, --xml XML     Specify an XML file to store output in
  -w WORDS, --words WORDS
                        Wordlist to be used with --dirb
  -u URLS, --urls URLS  List of Urls to be used with --dirb
  -t THREADS, --threads THREADS
                        Specify the number of threads to use.
  -esh ESHOST, --eshost ESHOST
                        Specify the elasticsearch host
  -esp PORT, --port PORT
                        Specify ElasticSearch port
  -i INDEX, --index INDEX
                        Specify the ElasticSearch index
  -a AGENT, --agent AGENT
                        Specify a User Agent for requests

Use -noes and -in scans to not import scans by default upon completion of a scan

More Repositories

1

parameth

This tool can be used to brute discover GET and POST parameters
Python
1,338
star
2

maK_it-Linux-Rootkit

This is a linux rootkit using many of the techniques described on
C
166
star
3

reverse-shell-access-kernel-module

This is a kernel module invoked reverse shell proof of concept.
C
68
star
4

scanomaly-2years

This is a web application fuzzer scanner - the goal was CLI flexibility and rapid prototyping
Python
45
star
5

Keylogger-lkm

This is a very simple Keylogger, it doesn't hide itself and is a college project building towards developing a rootkit.
C
21
star
6

Syscall-table-hijack-LKM

This demonstrates the hijacking of the "write" system call and how to set the System Call table to read/write mode via modifying the correct cr0 bit.
C
19
star
7

scanomaly

Generic plugin based web application security fuzzing for anomalies by Slándáil Research Limited
Python
13
star
8

Xssive

Xss Vulnerability Demonstration framework.
Python
12
star
9

stealthy-Keylogger-lkm

This is a stealthier version of Keylogger-lkm, it introduces hiding techniques and also a command entering option.
C
11
star
10

SimplestLKM

Hello World Linux Kernel Module
Shell
9
star
11

systemtap-rootkit-project-scripts

This is a repository to hold various scripts and proof of concept code for my final year college project. A Linux rootkit.
Shell
8
star
12

fearann

This permutates and fucks with subdomains hard
Python
5
star
13

mistRust

Learning rust via implementing some stupid simple shellcode droppers
Rust
4
star
14

rss2irc-bot

A simple bot that prints user specified rss feeds into an Irc channel of choice.
Python
4
star
15

Digital-Signature-ElGamal

Implementing a Digital signature using the ElGamal signature scheme. (Crypto Assignment 2)
Java
3
star
16

domaination

This is a very simple/stupid cli tool for doing various things with subdomain lists
Python
3
star
17

Naive-Concurrent-Elevator

Simple naive consumer-producer type solution to the Elevator problem.
Java
2
star
18

Code-Dump

miscellaneous small things
Python
2
star
19

Imageroll

This project Died.
2
star
20

rpliy

Raspberry pi python web player -
Python
1
star
21

Crypto-File-Tool

This was developed to meet the specific requirements of the first assigment in my Cryptography module.
1
star
22

Single-file-server

an ad-hoc single file webserver that allows a count to be added on how many times the file can be downloaded.
Python
1
star
23

Simple-Qlearning-XOs

Expressing Naughts & Crosses as a Simple Reinforcement Learning problem.
Java
1
star