The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Overview

axio m

License contributions welcome Follow on Twitter

Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on offensive and defensive security.

Axiom works by pre-installing your tools of choice onto a 'base image', and then using that image to deploy fresh instances. From there, you can connect and instantly gain access to many tools useful for both bug hunters and pentesters. With the power of immutable infrastructure, most of which is done for you, you can just spin up 15 boxes, perform a distributed nmap/ffuf/screenshotting scan, and then shut them down.

Because you can create many disposable instances very easily, axiom allows you to distribute scans of many different tools including dnsgen dnsx ffuf gau gowitness httpx masscan massdns nmap naabu nuclei shuffledns & subfinder. Once installed and setup, you can distribute a scan of a large set of targets across 10-15 instances within minutes and get results extremely quickly. This is called axiom-scan.

Axiom supports several cloud providers, eventually, axiom should be completely cloud agnostic allowing unified control of a wide variety of different cloud environments with ease. Currently, DigitalOcean, IBM Cloud, & Linode are officially supported providers. Google Compute is partially implemented. AWS & Azure are on the roadmap. If you would like prioritization of a feature or provider implementation, please contact me @pry0cc on Twitter and we can discuss :)

Resources

$100 Free Credit

The original and best supported provider for Axiom is Digital Ocean! If you're signing up for a new Digital Ocean account, please use my link!

Linode $20 Free Credit

Our third provider for axiom! Please use this link for $20 free credit on Linode :)

Installation - Easy Install

You will also need to install the newest versions of all packages sudo apt dist-upgrade and curl, which is not installed by default on Ubuntu 20.04, if you get a "command not found" error, run sudo apt update && sudo apt install curl.

Run the following curl command, as your standard user, not as root.

bash <(curl -s https://raw.githubusercontent.com/pry0cc/axiom/master/interact/axiom-configure)

If you have any problems with this installer, please refer to Installation.

Demo

In this demo (sped up out of respect for your time ;) ), we show how easy it is to initialize and ssh into a new instance.

Support

If you like Axiom and it saves you time, money or just brings you happy feelings, please show your support through sponsorship! Click the little sponsor button in the header and sponsor for as little as $1 per month :)

Or buy me a coffee to keep me powered :)

Buy Me A Coffee

Sponsored By SecurityTrails!

We are lucky enough to be sponsored by the awesome SecurityTrails! Sign up for your free account here!

Operating Systems Supported

OS Supported Easy Install Tested
Ubuntu Yes Yes Ubuntu 20.04
Kali Yes Yes Kali 2020.4
Debian Yes Yes Debian 10
Windows Yes Yes WSL w/ Ubuntu
MacOS Yes No MacOS 10.15
Arch Linux Yes No Yes

Contributors

We've had some really fantastic additions to axiom, great feedback through issues, and perseverence through our heavy beta phase!

A list of all contributors can be found here, thank you all!

Logo

The logo was made by our amazing s0md3v! Thank you for making axiom look sleek as hell! Really beats my homegrown logo :)

Packages To Date

  • amass
  • anew
  • anti-burl
  • aquatone
  • assetfinder
  • dalfox
  • dirb
  • dnsprobe
  • dnsvalidator
  • docker
  • fbrobe
  • ffuf
  • gau
  • getjs
  • gf
  • gobuster
  • Golang (setup, path configured, latest version)
  • gowitness
  • hakrawler
  • httprobe
  • jq
  • kxss
  • masscan
  • massdns
  • metasploit
  • mosh
  • nmap
  • oh-my-zsh
  • openvpn
  • projectdiscovery chaos
  • projectdiscovery chaos-client
  • projectdiscovery httpx
  • projectdiscovery naabu
  • projectdiscovery nuclei
  • projectdiscovery shuffledns
  • proxychains w/ Tor setup
  • SecLists
  • sn0int
  • SQLMap
  • subfinder
  • subgen
  • subjack
  • tmux
  • urlprobe
  • waybackurls
  • zdns
  • zmap

And many more! Do you want to add a package to axiom? Let me know!

Issues
  • ssh issue asking for password

    ssh issue asking for password

    i have added ssh key without password at

    ~/.ssh/id_rsa.pub ~/.axiom/configs/authorized_keys

    and build the instance axiom-build

    when axiom-init all new instances are asking for password, though the ssh key has no password set

    need help

    opened by nullman0x 29
  • The generated file is empty after running scan

    The generated file is empty after running scan

    image After running the scan module, a log file was generated on each server, but it was not synthesized in the end. Is there a problem with my operation?

    opened by C90D 13
  • Axiom-init not working with Azure

    Axiom-init not working with Azure

    WARNING: Command group 'vm' is experimental and under development. Reference and support levels: https://aka.ms/CLI_refstatus ssh: Could not resolve hostname moser15: nodename nor servname provided, or not known

    Looks like whatever az commands axiom is using have been changed. :-/

    opened by ResistanceIsUseless 12
  • Problem using Linode instances

    Problem using Linode instances

    I've been running axiom-scan using linode instances and I constantly face the following issue:

    One or more instances have a very low performance, for instance, using nuclei some instances run at 140 RPS (requests per second) while others run at 5 or less RPS. I've recreated the instances and I can't figure out why this is happening. I didn't have this type of issues using Digital Ocean.

    Is anyone having the same issue?

    opened by pdelteil 12
  • Naabu with nmap support

    Naabu with nmap support

    When you run nmap with naabu, You cannot download the XML output as only one extension is allowed. This module is registered as a directory extension, So it could get all files. The Nmap output should be placed in the output directory and it automatically processes the backups created by cp while merging with mmv and creating a sorted list of naabu ports, Nmap merged XML and Nmap merged output.

    Example

    axiom-scan ~/check.txt -m naabu-nmap -p - -rate 10000 -c 50 -nmap-cli $'\"nmap -sV -A -T4 -oX output/nmap.xml\"' -o out/
    
    opened by nbsriharsha 12
  • Bug when running axiom-init, Error: open /tmp/raman18.sh: no such file or directory

    Bug when running axiom-init, Error: open /tmp/raman18.sh: no such file or directory

    Using restore backup ‘pry0cc/lazy’
    Initializing ‘raman18’
    Error: open /tmp/raman18.sh: no such file or directory
    Initialized! Instance accessible at ‘’!
    To connect, run ‘axiom-ssh raman18’
    Waiting 65 seconds before restore…
    Restoring pry0cc-lazy to raman18 at ’ ’
    ssh: Could not resolve hostname : Name or service not known
    rsync: connection unexpectedly closed (0 bytes received so far) [sender]
    rsync error: unexplained error (code 255) at io.c(235) [sender=3.1.2]```
    
    This occurs because there is no valid image detected, you need to run `axiom-build` and receive a successful build for your currently selected region.
    
    This is because axiom now checks for axiom-$region as apposed to axiom* in your images, running `axiom-build` will however resolve this.
    opened by pry0cc 11
  • axiom-configure fails on nuclei installation

    axiom-configure fails on nuclei installation

    Hello,

    My axiom-configure job has ran three times and failed at the same spot each time.

        digitalocean: Installing nuclei
    ==> digitalocean: go: downloading github.com/projectdiscovery/nuclei v1.1.7
    ==> digitalocean: go get github.com/projectdiscovery/nuclei/v2/cmd/nuclei: module github.com/projectdiscovery/[email protected] found (v1.1.7), but does not contain package github.com/projectdiscovery/nuclei/v2/cmd/nuclei
    ==> digitalocean: Provisioning step had errors: Running the cleanup provisioner, if present...
    ==> digitalocean: Destroying droplet...
    ==> digitalocean: Deleting temporary ssh key...
    
    opened by kyleavery 11
  • Consider removing public key

    Consider removing public key

    Not really a problem with the tool, but I usually keep a fork of this repo without your public key ;)

    ~~Haven't looked to see if the program needs configs/authorized_keys to exist. If not, you could probably add it to .gitignore without an issue.~~

    Update: axiom-configure seems to work fine without authorized_keys, it created it for me.

    opened by kyleavery 10
  • [Issue] Axiom-scan keeps asking for ssh password

    [Issue] Axiom-scan keeps asking for ssh password

    I did a fresh build, doing:

    axiom-update && axiom-build

    then

    axiom-fleet -i=20

    And I get

    Screenshot from 2021-03-26 20-19-58

    The other problem I have is that I don't know how to get out of that screen, I keep pressing CONTROL+C and more password prompts appear.

    good first issue 
    opened by pdelteil 10
  • Feature Request : zsh shell customizations sync

    Feature Request : zsh shell customizations sync

    Currently the backup/sync functionality only syncs non image default values so any customizations to the shell are not saved. It would be nice to have a flag to backup and restore changes to the shell and other dot files.

    opened by tavdog 10
  • [issue] Connection closed by remote host.

    [issue] Connection closed by remote host.

    I'm getting this error a lot recently.

    Connection to 45.XX.YY.ZZ closed by remote host. All droplets are still running.

    I'm doing a axiom-scan nuclei.

    opened by pdelteil 3
  • [Bug] Axiom hangs when a job in a ssh session is silent for a long time

    [Bug] Axiom hangs when a job in a ssh session is silent for a long time

    Sometimes axiom hangs for no apparent reason; when you press enter you get the following message: unknown Talking with @0xtavian, this might be due to the ssh session which is dropped/closed if no output in the terminal exists; which might happen if it's a long scan and you use -silent flags or redirect the output to /dev/null.

    A current workaround might be allowing the scan to actually print some output, which should keep the session alive.

    opened by Regala 1
  • problem running axiom-deploy openvpn

    problem running axiom-deploy openvpn

    [email protected] ~ $ axiom-deploy openvpn proxy
    installing 'openvpn' : 'proxy'
    Uploading profile to 'proxy'
    sending incremental file list
    29083.sh
                370 100%    0.00kB/s    0:00:00 (xfr#1, to-chk=0/1)
    
    sent 312 bytes  received 35 bytes  138.80 bytes/sec
    total size is 370  speedup is 1.07
    
    ...
    
    Okay, that was all I needed. We are ready to set up your OpenVPN server now.
    Hit:1 https://download.docker.com/linux/ubuntu focal InRelease
    Hit:2 http://dl.google.com/linux/chrome/deb stable InRelease
    Get:3 http://mirrors.digitalocean.com/ubuntu focal InRelease [265 kB]
    Hit:5 http://ppa.launchpad.net/longsleep/golang-backports/ubuntu focal InRelease
    Hit:6 http://mirrors.digitalocean.com/ubuntu focal-updates InRelease
    Hit:7 http://mirrors.digitalocean.com/ubuntu focal-backports InRelease
    Get:8 http://security.ubuntu.com/ubuntu focal-security InRelease [114 kB]
    Hit:4 https://apt.vulns.sexy stable InRelease
    Fetched 379 kB in 1s (461 kB/s)
    Reading package lists...
    Reading package lists...
    Building dependency tree...
    Reading state information...
    iptables is already the newest version (1.8.4-3ubuntu2).
    iptables set to manually installed.
    ca-certificates is already the newest version (20210119~20.04.1).
    openssl is already the newest version (1.1.1f-1ubuntu2.4).
    openssl set to manually installed.
    You might want to run 'apt --fix-broken install' to correct these.
    The following packages have unmet dependencies:
     openvpn : Depends: libpkcs11-helper1 (>= 1.11) but it is not going to be installed
     scrying : Depends: libwebkit2gtk-4.0-37 but it is not going to be installed
    E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).
    mv: cannot stat '/etc/openvpn/EasyRSA-3.0.5/': No such file or directory
    chown: cannot access '/etc/openvpn/easy-rsa/': No such file or directory
    /home/op/vpn/openvpn.sh: line 234: cd: /etc/openvpn/easy-rsa/: No such file or directory
    /home/op/vpn/openvpn.sh: line 236: ./easyrsa: No such file or directory
    /home/op/vpn/openvpn.sh: line 237: ./easyrsa: No such file or directory
    /home/op/vpn/openvpn.sh: line 238: ./easyrsa: No such file or directory
    /home/op/vpn/openvpn.sh: line 239: ./easyrsa: No such file or directory
    /home/op/vpn/openvpn.sh: line 240: ./easyrsa: No such file or directory
    cp: cannot stat 'pki/ca.crt': No such file or directory
    cp: cannot stat 'pki/private/ca.key': No such file or directory
    cp: cannot stat 'pki/issued/server.crt': No such file or directory
    cp: cannot stat 'pki/private/server.key': No such file or directory
    cp: cannot stat 'pki/crl.pem': No such file or directory
    chown: cannot access '/etc/openvpn/crl.pem': No such file or directory
    /home/op/vpn/openvpn.sh: line 246: openvpn: command not found
    Created symlink /etc/systemd/system/multi-user.target.wants/openvpn-iptables.service → /etc/systemd/system/openvpn-iptables.service.
    Failed to restart [email protected]: Unit [email protected] not found.
    cat: /etc/openvpn/easy-rsa/pki/ca.crt: No such file or directory
    sed: can't read /etc/openvpn/easy-rsa/pki/issued/client.crt: No such file or directory
    cat: /etc/openvpn/easy-rsa/pki/private/client.key: No such file or directory
    sed: can't read /etc/openvpn/ta.key: No such file or directory
    
    Finished!
    

    And therefore:

    [email protected] ~ $ axiom-vpn proxy
    receiving incremental file list
    client.ovpn
                288 100%  281.25kB/s    0:00:00 (xfr#1, to-chk=0/1)
    
    sent 49 bytes  received 301 bytes  140.00 bytes/sec
    total size is 288  speedup is 0.82
    [sudo] password for crypto: 
    2021-07-02 13:07:07 Unrecognized option or missing or extra parameter(s) in /tmp/proxy.ovpn:14: block-outside-dns (2.5.2)
    2021-07-02 13:07:07 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
    2021-07-02 13:07:07 OpenVPN 2.5.2 [git:makepkg/23ae78e657052748+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 21 2021
    2021-07-02 13:07:07 library versions: OpenSSL 1.1.1k  25 Mar 2021, LZO 2.10
    2021-07-02 13:07:07 OpenSSL: error:0909006C:PEM routines:get_name:no start line
    2021-07-02 13:07:07 OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
    2021-07-02 13:07:07 Cannot load inline certificate file
    2021-07-02 13:07:07 Exiting due to fatal error
    

    I'm on Manjaro and I guess it's something with my system. Have any idea what exactly is wrong and how to fix it?

    good first issue 
    opened by kusayuzayushko 5
  • axiom-scan --progress flag suggestion

    axiom-scan --progress flag suggestion

    Hi folks! Congrats on this awesome project first and foremost.

    Was wondering if it would be viable/possible to have a progress flag on axiom-scan. Feel like it might be a bit complicated, since we would be dealing with interlace output and etc. My idea would be ofc to suppress output of the tools to make it easier, so you'd only see that potential progress bar.

    Cheers!

    opened by Regala 1
  • [Issue] axiom-ls not showing the cost of Linode instances

    [Issue] axiom-ls not showing the cost of Linode instances

    Instance  IP              Region   Memory  $/M
    leder01   45.XX    us-east  2048    
    leder02   66.XX   us-east  2048    
    leder03   96.XX  us-east  2048    
    leder04   45.XX    us-east  2048    
    leder05   45.XX    us-east  2048    
    leder06   172.XX   us-east  2048    
    leder07   45.XX   us-east  2048    
    leder09   45.XX    us-east  2048    
    leder08   45.XX    us-east  2048    
    leder10   45.XX    us-east  2048   
    
    opened by pdelteil 0
  • name substitution bug

    name substitution bug

    If you happen to name your instances "scan*", you get spectacular side effects when trying to axiom-scp anything from/to "scan" directory there because every "scan" will get substituted with "scan01" "scan02" etc.

    help wanted 
    opened by arkenoi 1
  • Update nuclei templates and add a sensible config

    Update nuclei templates and add a sensible config

    I'd love to see nuclei templates updated when building a axiom snapshot, for example by executing nuclei -ut . This itself should be a simple task and could be easily configured in the provisioning json file, but additionally I'd like to propose creating a sensibel initial nuclei config. Of course nuclei-templates can be updated by using axiom-exec, but I'd like to use a fleet scan without installing additional tools or executing housekeeping tools. Also, the template would be updated with every axiom-build, which should be done anyway to keep all tools updated. Any ideas how to implement this nicely?

    opened by dhauenstein 3
  • running axiom-scan on fleets from multiple accounts (eg linode and digitalocean) collectively

    running axiom-scan on fleets from multiple accounts (eg linode and digitalocean) collectively

    This is a question . If there is a way to to tweak and add fleets from multiple clouds so as to run axiom-scan. Like adding hosts and ssh keys from all clouds in one file from which the axiom-scan can run on them?

    good first issue 
    opened by dmatrixx 2
  • Fixed Assetnote Wordlist Download

    Fixed Assetnote Wordlist Download

    Assetnote has decided to update their wordlists download from using S3 sync over to using wget recursively through a CDN. The current patch creates the directory and drops into it to do work. One of the things that I am not fond of is the fact that the directory is called data and there seems to be .json files littered in the directory. It's not terrible, but it could be cleaned a little further. They also only run changes every 30 days, I think it would be good for the system not to update within a 30 day window to decrease their download volumes, however I don't think there is a good way to do this currently. Recommend scheduling updates to axiom every 30 days to be kinder.

    opened by mosesrenegade 1
  • Feature Request : Metasploit Module

    Feature Request : Metasploit Module

    Hi,

    First of all thanks so much for this tool. It's seriously a game changer.

    It would be cool to have a metasploit module (axiom-scan --list doesn't show that metasploit is available as an option) which would execute a command based on inputs. Granted, metasploit is slightly more complicated as it has thousands of sub modules and each one of them with different options but maybe it could be achieved with a mix of flags, input files and some sort of a looping system. You could have two options, multiple hosts or multiple ports

    metasploit-mp = multiport metasploit-mt = multitarget

    axiom-scan target "blabla.com" -m metasploit-mp -rhosts 1-65535 -module "exploit/whatever" -custom "set path /hello; set lhost whatever;"

    axiom-scan targets.txt -m metasploit-mt -rhost 8383 -module "/exploit/whatever" -custom "set path /hello; set lhost whatever;"

    This way, you can either scan a particular target on all the ports or multiple hosts with a single port.

    msfconsole -q -x 'use exploit/whatever; set rhost blabla.com; set rport 1; run; exit' | tee -a msfout.txt msfconsole -q -x 'use exploit/whatever; set rhost blabla.com; set rport 1; customcommands; run; exit' | tee -a msfout.txt

    Obviously the above is just an idea maybe it sparks the juices for a cleaner solution. I hate the "oh can you do this" approach without offering at least some ideas :) Thanks again so much for this great tool Z.

    opened by z0mb13s3c 3
Releases(0.34)
  • 0.34(Feb 12, 2021)

    This release has shown several improvements including:

    • SSH socket reusing - thanks 0xtavian!!
    • Increase of default file descriptors
    • Axiom-configure support for Kali
    • Custom wordlist support for axiom-scan using -wL
    • Updates of packages such as Rustscan
    • Linode Support
    • More quality of life features for those not using DigitalOcean - more cloud support and easier dynamic setup
    Source code(tar.gz)
    Source code(zip)
  • 0.3(Jan 20, 2021)

    This release brings a lot of new things including Oneshot modules, real-time tailing of the command output and custom wordlist support for modules that utilize the wordlist notation.

    Source code(tar.gz)
    Source code(zip)
  • v0.2(Nov 11, 2020)

    Some big updates to this release! Actually my first proper release! I think we're safe enough to be at version 0.2, I won't feel happy for a full version 1.0 until we have full error checking everywhere & a better thought out modularity.

    This version brings a good base to work upon. I'm happy with its functionality and a lot of its design, axiom-deploy needs a complete rewrite, as does the VPN system. I'd like to add Wireguard as an option to axiom-deploy and axiom-vpn. IBM support has seen a massive improvement with good work with 0xtavian.

    Axiom-fleet and axiom-init may see a merge in future releases, I think it would be cool to have some syntax like axiom-init *3; axiom-init jerry*7, I think that would be succinct and fairly self-explanatory. Not that hard to do either. Could potentially use interlace also for the fleet part.

    Documentation has found a lot of improvement also during this release. Really happy to put this out! Enjoy!

    Source code(tar.gz)
    Source code(zip)
Owner
pry0cc
Founder of 0x00sec.org, Senior Cyber Security Consultant @ REDACTED
pry0cc
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.

Fast and customisable vulnerability scanner based on simple YAML based DSL. How • Install • For Security Engineers • For Developers • Documentation •

ProjectDiscovery 4.7k Jul 23, 2021
Idiomatic nmap library for go developers

nmap This library aims at providing idiomatic nmap bindings for go developers, in order to make it easier to write security audit tools using golang.

Brendan Le Glaunec 459 Jul 19, 2021
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple to

ProjectDiscovery 1.4k Jul 25, 2021
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on

pry0cc 2.2k Jul 25, 2021
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

cent Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place Inst

null 31 Jul 13, 2021
Cameradar hacks its way into RTSP videosurveillance cameras

Cameradar An RTSP stream access tool that comes with its library Cameradar allows you to Detect open RTSP hosts on any accessible target host Detect w

Brendan Le Glaunec 2.6k Jul 23, 2021
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。

ServerScan ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗ ███████╗ ██████╗ █████╗ ███╗ ██╗ ██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗

Trim 859 Jul 26, 2021
Declarative penetration testing orchestration framework

Decker - Penetration Testing Orchestration Framework Purpose Decker is a penetration testing orchestration framework. It leverages HashiCorp Configura

Steven Aldinger 264 Jul 7, 2021
Gorsair hacks its way into remote docker containers that expose their APIs

Gorsair Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access

Brendan Le Glaunec 724 Jul 21, 2021
A fully self-contained Nmap like parallel port scanning module in pure Golang that supports SYN-ACK (Silent Scans)

gomap What is gomap? Gomap is a fully self-contained nmap like module for Golang. Unlike other projects which provide nmap C bindings or rely on other

jtimperio 23 Jul 5, 2021
MX1014 is a flexible, lightweight and fast port scanner.

MX1014 MX1014 是一个遵循 “短平快” 原则的灵活、轻便和快速端口扫描器 此工具仅限于安全研究和教学,用户承担因使用此工具而导致的所有法律和相关责任! 作者不承担任何法律和相关责任! Version 1.1.1 - 版本修改日志 Features 兼容 nmap 的端口和目标语法 支持各

L 19 Jul 8, 2021
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

Finder Of XSS, and Dal(달) is the Korean pronunciation of moon. What is DalFox ?? ?? DalFox is a fast, powerful parameter analysis and XSS scanner, bas

HAHWUL 1.1k Jul 23, 2021
Cossack Labs 777 Jul 26, 2021
全新的开源漏洞测试框架,实现poc在线编辑、运行、批量测试。使用文档:

pocassist是一个 Golang 编写的全新开源漏洞测试框架。 简单易用 只需要在前端编辑,即可生成poc对批量目标进行测试 单二进制文件,无依赖,也无需安装 性能优秀 支持高并发,通过使用 ants实例化协程池,复用 goroutine 多重内存复用,尽可能小的内存占用 规则体系 完全兼容x

null 607 Jul 22, 2021