• Stars
    star
    1,024
  • Rank 44,961 (Top 0.9 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created about 5 years ago
  • Updated almost 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Mass scan IPs for vulnerable services


Silver
Silver

Mass Vulnerability Scanner

Introduction

masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows complete utilization of these programs by parsing data, spawning parallel processes, caching vulnerability data for faster scanning over time and much more.

demo

Features

  • Resumable scanning
  • Slack notifcations
  • Multi-core utilization
  • Supports: IPs, CIDR & hostnames
  • Vulnerability data caching
  • Shodan integration

Dependencies

External Programs

Python libraries

  • psutil
  • requests

Required Python libraries can be installed by executing sudo pip3 install -r requirements.txt in Silver directory.

Setting up Slack notifications

  • Create a workspace on slack, here
  • Create an app, here
  • Enable WebHooks from the app and copy the URL from there to Silver's /core/memory.py file.

Usage

Before you start

⚠️ Run Silver as root and with python3 i.e. with sudo python3 silver.py <your input>. The python libraries need to be installed as root too.

⚠️ Silver scans all TCP ports by default i.e. ports 0-65535. Use --quick switch to only scan top ~1000 ports.

Scan host(s) from command line

python3 silver.py 127.0.0.1
python3 silver.py 127.0.0.1/22
python3 silver.py 127.0.0.1,127.0.0.2,127.0.0.3

Use Shodan

Shodan can provide open ports, service information and CVEs from the data collected during its contiunous internet wide scanning. I think this is the best choice for quickly checking top ~1500 ports. Not using it makes sense when:

  • You want to scan all the ports instead of the most common ones
  • You are not okay with the scan results being 2-3 days old
  • The IP you want to scan has been excluded by Shodan by a request of the owner
python3 silver.py 127.0.0.1 --shodan

Scan top ~1000 ports

python3 silver.py 127.0.0.1 --quick

Scan specific ports

python3 silver.py 127.0.0.1 -p80,443

Scan hosts from a file

python3 silver.py -i /path/to/targets.txt

Save JSON output to a file

Default: result-<ip_here>.json

python3 silver.py 127.0.0.1 -o my_target.json

Note: The output is saved regardless of using this option. It only exists to choose a specific name for the file instead of the autogenerated one.

Set max number of parallel nmap instances

Default: number_of_cores

python3 silver.py -i /path/to/targets.txt -t 4

Choose packets to be sent per seconds

Default: 10000

python3 silver.py 127.0.0.1 --rate 1000

Contribution

You can contribute to this project by providing suggestions, reporting sensible issues and spreading the word. Pull requessts for the following will not be accepted:

  • Typos
  • coDe qUaLiTY
  • Docker and .gitignore file

More Repositories

1

roop

one-click face swap
Python
27,272
star
2

XSStrike

Most advanced XSS scanner.
Python
13,111
star
3

Photon

Incredibly fast crawler designed for OSINT.
Python
10,869
star
4

Arjun

HTTP parameter discovery suite.
Python
5,093
star
5

AwesomeXSS

Awesome XSS stuff
JavaScript
4,730
star
6

sd-webui-roop

roop extension for StableDiffusion web-ui
Python
3,349
star
7

Smap

a drop-in replacement for Nmap powered by shodan.io
Go
2,860
star
8

Striker

Striker is an offensive information and vulnerability scanner.
Python
2,213
star
9

be-a-hacker

roadmap for a self-taught hacker
1,839
star
10

ReconDog

Reconnaissance Swiss Army Knife
Python
1,776
star
11

Hash-Buster

Crack hashes in seconds.
Python
1,716
star
12

huepy

Print awesomely in terminals.
Python
1,462
star
13

Corsy

CORS Misconfiguration Scanner
Python
1,335
star
14

uro

declutters url lists for crawling/pentesting
Python
1,105
star
15

Decodify

Detect and decode encoded strings, recursively.
Python
864
star
16

Diggy

Extract endpoints from apk files.
Shell
862
star
17

Blazy

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .
Python
833
star
18

Breacher

An advanced multithreaded admin panel finder written in python.
Python
717
star
19

ote

Generate Email, Register for anything, Get the OTP/Link
Python
569
star
20

goop

Google Search Scraper
Python
564
star
21

Parth

Heuristic Vulnerable Parameter Scanner
Python
559
star
22

Zen

Find emails of Github users
Python
553
star
23

Bolt

CSRF Scanner
Python
532
star
24

Orbit

Blockchain Transactions Investigation Tool
Python
524
star
25

JShell

JShell - Get a JavaScript shell with XSS.
Python
506
star
26

MyPapers

Repository for hosting my research papers
Python
498
star
27

Cloak

Cloak can backdoor any python script with some tricks.
Python
479
star
28

nano

Nano is a family of PHP web shells which are code golfed for stealth.
PHP
431
star
29

sqlmate

A friend of SQLmap which will do what you always expected from SQLmap.
Python
424
star
30

SubGPT

Find subdomains with GPT, for free
Python
332
star
31

dump

Stuff that doesn't deserves its own repository.
Python
300
star
32

hardcodes

find hardcoded strings from source code
Python
273
star
33

Quark

Quark is a data visualization framework.
JavaScript
213
star
34

proxify

A python module for dumping usable proxies.
Python
152
star
35

Predator

Anti-Automation System
CSS
120
star
36

Shiva

Improved DOS exploit for wordpress websites (CVE-2018-6389)
Python
112
star
37

velocity

DNS caching for humans
Python
89
star
38

ifnude

nudity detector that works
Python
83
star
39

zetanize

HTML form parser for humans.
Python
73
star
40

rewise

Google auto-complete wrapper
Python
73
star
41

Locky

Locky generates "really" strong yet easy to remember passwords.
Python
63
star
42

Entropy

Entropy is a (prototype) WAF driven by maths.
Python
54
star
43

meta

Explains and tests HTTP response headers
Python
39
star
44

fonetic-go

golang implementation of fonetic (https://github.com/s0md3v/fonetic)
Go
37
star
45

fonetic

assess pronounciblity of text
Python
33
star
46

shades

Shell
26
star
47

wl

convert case style of words
Go
21
star
48

s0md3v.github.io

my personal blog
SCSS
15
star
49

s0md3v

11
star
50

dishtance

JavaScript
6
star
51

.github

my default .github files
5
star
52

BG3-Mutant

Mod for Baldur's Gate 3 that adds a Mutant class to the game.
2
star