Silver
Mass Vulnerability Scanner
Introduction
masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows complete utilization of these programs by parsing data, spawning parallel processes, caching vulnerability data for faster scanning over time and much more.
Features
- Resumable scanning
- Slack notifcations
- Multi-core utilization
- Supports: IPs, CIDR & hostnames
- Vulnerability data caching
- Shodan integration
Dependencies
External Programs
Python libraries
- psutil
- requests
Required Python libraries can be installed by executing sudo pip3 install -r requirements.txt in Silver directory.
Setting up Slack notifications
- Create a workspace on slack, here
- Create an app, here
- Enable WebHooks from the app and copy the URL from there to Silver's
/core/memory.pyfile.
Usage
Before you start
python3 i.e. with sudo python3 silver.py <your input>. The python libraries need to be installed as root too.
0-65535. Use --quick switch to only scan top ~1000 ports.
Scan host(s) from command line
python3 silver.py 127.0.0.1
python3 silver.py 127.0.0.1/22
python3 silver.py 127.0.0.1,127.0.0.2,127.0.0.3
Use Shodan
Shodan can provide open ports, service information and CVEs from the data collected during its contiunous internet wide scanning. I think this is the best choice for quickly checking top ~1500 ports. Not using it makes sense when:
- You want to scan all the ports instead of the most common ones
- You are not okay with the scan results being 2-3 days old
- The IP you want to scan has been excluded by Shodan by a request of the owner
python3 silver.py 127.0.0.1 --shodan
Scan top ~1000 ports
python3 silver.py 127.0.0.1 --quick
Scan specific ports
python3 silver.py 127.0.0.1 -p80,443
Scan hosts from a file
python3 silver.py -i /path/to/targets.txt
Save JSON output to a file
Default: result-<ip_here>.json
python3 silver.py 127.0.0.1 -o my_target.json
Note: The output is saved regardless of using this option. It only exists to choose a specific name for the file instead of the autogenerated one.
Set max number of parallel nmap instances
Default: number_of_cores
python3 silver.py -i /path/to/targets.txt -t 4
Choose packets to be sent per seconds
Default: 10000
python3 silver.py 127.0.0.1 --rate 1000
Contribution
You can contribute to this project by providing suggestions, reporting sensible issues and spreading the word. Pull requessts for the following will not be accepted:
- Typos
- coDe qUaLiTY
- Docker and .gitignore file