Skip to content
forked from j3ssie/osmedeus

Fully automated offensive security framework for reconnaissance and vulnerability scanning

License

Notifications You must be signed in to change notification settings

sg27950/Osmedeus

 
 

Repository files navigation

Osmedeus

python Software License tested Release Demo

What is Osmedeus?

Architecture

Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target.

Installation

git clone https://github.com/j3ssie/Osmedeus
cd Osmedeus
./install.sh

This install only focus on Kali linux, check more install on Usage page

How to use

If you have no idea what are you doing just type the command below or check out the Advanced Usage

./osmedeus.py -t example.com

Features

  • Subdomain Scan.
  • Subdomain TakeOver Scan.
  • Screenshot the target.
  • Basic recon like Whois, Dig info.
  • Web Technology detection.
  • IP Discovery.
  • CORS Scan.
  • SSL Scan.
  • Wayback Machine Discovery.
  • URL Discovery.
  • Headers Scan.
  • Port Scan.
  • Vulnerable Scan.
  • Seperate workspaces to store all scan output and details logging.
  • REST API.
  • React Web UI.
  • Support Continuous Scan.
  • Slack notifications.
  • Easily view report from commnad line.

Check this Documentation for more detail about each module.

Love Osmedeus? Back it!

If you love my tool and would like to support my work. Become a backer and you will appear here. Backers

Demo

asciicast

Reports

Slack Noti

Web UI 1

Web UI 3

Web UI 2

Example Commands

# normal routine
./osmedeus.py -t example.com
./osmedeus.py -T list_of_target.txt

# normal routine but slow speed on subdomain module
./osmedeus.py -t example.com --slow 'all'

# direct mode examples
./osmedeus.py -m subdomain -t example.com
./osmedeus.py -m portscan -i "1.2.3.4/24"

./osmedeus.py -m "portscan,vulnscan" -i "1.2.3.4/24" -w result_folder
./osmedeus.py -m "git" -i 'repo:https://github.com/foo/bar'
./osmedeus.py -m "git" -i 'user:sample'

# direct list mode examples
./osmedeus.py -m portscan -I list_of_targets.txt
./osmedeus.py -m portscan,vulnscan -I list_of_targets.txt
./osmedeus.py -m screen -I list_of_targets.txt -w result_folder

# report mode
./osemdeus.py -t example.com --report list
./osemdeus.py -t example.com --report export
./osemdeus.py -t example.com --report sum
./osemdeus.py -t example.com --report short
./osemdeus.py -t example.com --report full

Disclaimer

Most of this tool done by the authors of the tool that list in CREDITS.md. I'm just put all the pieces together, plus some extra magic.

This tool is for educational purposes only. You are responsible for your own actions. If you mess something up or break any laws while using this software, it's your fault, and your fault only.

Credits

Please take a look at CREDITS.md

Changelog

Please take a look at CHANGELOG.md

Contributors

If you have some new idea about this project, issue, feedback or found some valuable tool feel free to open an issue for just DM me via @j3ssiejjj.

Special thanks

Thanks to @gujjuboy10x00 for contribute so many awesome ideas to this tool.

Code Contributors

This project exists thanks to all the people who contribute. [Contribute].

Financial Contributors

Become a financial contributor and help us sustain our community. [Contribute]

Individuals

Organizations

Support this project with your organization. Your logo will show up here with a link to your website. [Contribute]

Stargazers over time

Stargazers over time

About

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 94.4%
  • Shell 3.9%
  • Other 1.7%