今天为大家介绍一个基于 Python 开发的开源神器 - Argus,它能让你的安全评估工作事半功倍。
https://github.com/jasonxtn/Argus
⚙️ Installation ⚙️安装
To get started with Argus, follow these simple steps:
要开始使用 Argus,请按照以下简单步骤操作:
git clone https://github.com/jasonxtn/argus.git
cd argus
pip install -r requirements.txt
Once installed, you can launch Argus with:
安装后,您可以使用以下命令启动 Argus:
python argus.py
📖 Usage 📖 用法
Argus offers a rich collection of tools categorized into three main areas:
阿格斯提供丰富的工具集,分为三个主要领域:
Network & Infrastructure Tools
网络和基础设施工具
These tools help you gather data about a network, uncovering vital details about servers, IP addresses, DNS records, and more:
这些工具可帮助您收集有关网络的数据,揭示有关服务器、IP 地址、DNS 记录等的重要详细信息:
Associated Hosts: Discover domains associated with the target.
关联主机:发现与目标关联的域。
DNS Over HTTPS: Resolve DNS securely via encrypted channels.
DNS Over HTTPS :通过加密通道安全地解析 DNS。
DNS Records: Collect DNS records, including A, AAAA, MX, etc.
DNS 记录:收集 DNS 记录,包括 A、AAAA、MX 等。
DNSSEC Check: Verify if DNSSEC is properly configured.
DNSSEC 检查:验证 DNSSEC 是否配置正确。
Domain Info: Gather information such as registrar details and expiry dates.
域名信息:收集注册商详细信息和到期日期等信息。
Domain Reputation Check: Check domain trustworthiness using various reputation sources.
域信誉检查:使用各种信誉源检查域的可信度。
IP Info: Retrieve geographic and ownership details of an IP address.
IP 信息:检索 IP 地址的地理和所有权详细信息。
Open Ports Scan: Scan the target for open ports and services.
开放端口扫描:扫描目标的开放端口和服务。
Server Info: Extract key server details using various techniques.
服务器信息:使用各种技术提取关键服务器详细信息。
Server Location: Identify the physical location of the server.
服务器位置:标识服务器的物理位置。
SSL Chain Analysis: Analyze the SSL certificate chain for trustworthiness.
SSL 链分析:分析 SSL 证书链的可信度。
SSL Expiry Alert: Check SSL certificates for upcoming expiry.
SSL 到期警报:检查 SSL 证书是否即将到期。
TLS Cipher Suites: List the supported TLS ciphers on the server.
TLS 密码套件:列出服务器上支持的 TLS 密码。
TLS Handshake Simulation: Simulate a TLS handshake to check for security issues.
TLS 握手模拟:模拟 TLS 握手以检查安全问题。
Traceroute: Trace the path packets take to reach the target.
Traceroute :跟踪数据包到达目标的路径。
TXT Records: Fetch TXT records, often used for verification purposes.
TXT 记录:获取 TXT 记录,通常用于验证目的。
WHOIS Lookup: Perform WHOIS queries to gather domain ownership details.
WHOIS 查找:执行 WHOIS 查询以收集域所有权详细信息。
Zone Transfer: Attempt to perform DNS zone transfers.
区域传输:尝试执行 DNS 区域传输。
HTTP/2 and HTTP/3 Support Checker: Check if the server supports HTTP/2 and HTTP/3.
HTTP/2 和 HTTP/3 支持检查器:检查服务器是否支持 HTTP/2 和 HTTP/3。
Web Application Analysis Tools
Web 应用程序分析工具
These modules focus on understanding the structure and security of web applications:
这些模块侧重于了解 Web 应用程序的结构和安全性:
Archive History: View the target's history using internet archives.
存档历史记录:使用互联网存档查看目标的历史记录。
Broken Links Detection: Find broken links that may lead to user frustration or security gaps.
损坏链接检测:查找可能导致用户沮丧或安全漏洞的损坏链接。
Carbon Footprint: Evaluate the environmental impact of a website.
碳足迹:评估网站对环境的影响。
CMS Detection: Detect the type of CMS used, like WordPress, Joomla, etc.
CMS 检测:检测所使用的 CMS 类型,如 WordPress、Joomla 等。
Cookies Analyzer: Analyze cookies for secure attributes and potential privacy issues.
Cookies 分析器:分析 cookie 的安全属性和潜在的隐私问题。
Content Discovery: Discover hidden directories, files, and endpoints.
内容发现:发现隐藏的目录、文件和端点。
Crawler: Crawl the site to uncover data and map out its structure.
爬虫:爬行站点以发现数据并绘制其结构。
Robots.txt Analyzer: Analyze the robots.txt file for hidden resources.
Robots.txt 分析器:分析 robots.txt 文件中的隐藏资源。
Directory Finder: Look for directories that may not be indexed publicly.
目录查找器:查找可能未公开索引的目录。
Email Harvesting: Extract email addresses from the target domain.
电子邮件收集:从目标域中提取电子邮件地址。
Performance Monitoring: Monitor the website's response time and load performance.
性能监控:监控网站的响应时间和负载性能。
Quality Metrics: Assess the quality of the site's content and user experience.
质量指标:评估网站内容和用户体验的质量。
Redirect Chain: Follow redirects to analyze if they're safe or malicious.
重定向链:跟踪重定向来分析它们是安全的还是恶意的。
Sitemap Parsing: Extract URLs from the site's sitemap.
站点地图解析:从站点的站点地图中提取 URL。
Social Media Presence Scan: Analyze the social media profiles linked to the target.
社交媒体存在扫描:分析与目标链接的社交媒体配置文件。
Technology Stack Detection: Identify the technologies and frameworks the site uses.
技术堆栈检测:识别网站使用的技术和框架。
Third-Party Integrations: Discover any third-party services integrated into the site.
第三方集成:发现集成到站点中的任何第三方服务。
Security & Threat Intelligence Tools
安全和威胁情报工具
The security modules in Argus are designed to assess the target's defenses and gather threat intelligence:
Argus 中的安全模块旨在评估目标的防御并收集威胁情报:
Censys Reconnaissance: Use Censys for in-depth details about the target's assets.
Censys 侦察:使用 Censys 获取有关目标资产的深入详细信息。
Certificate Authority Recon: Examine the certificate authority details.
证书颁发机构侦察:检查证书颁发机构详细信息。
Data Leak Detection: Check for potential data leaks and sensitive data exposure.
数据泄漏检测:检查潜在的数据泄漏和敏感数据暴露。
Exposed Environment Files Checker: Identify publicly exposed .env files.
暴露的环境文件检查器:识别公开暴露的.env 文件。
Firewall Detection: Identify whether a firewall or WAF is protecting the target.
防火墙检测:识别防火墙或 WAF 是否正在保护目标。
Global Ranking: Look up the site's global ranking to gauge its popularity.
全球排名:查看网站的全球排名以衡量其受欢迎程度。
HTTP Headers: Extract and evaluate HTTP response headers.
HTTP headers :提取并评估 HTTP 响应标头。
HTTP Security Features: Check for secure HTTP headers such as HSTS, CSP, etc.
HTTP 安全功能:检查安全 HTTP 标头,例如 HSTS、CSP 等。
Malware & Phishing Check: Scan the site for signs of malware and phishing risks.
恶意软件和网络钓鱼检查:扫描网站是否存在恶意软件和网络钓鱼风险的迹象。
Pastebin Monitoring: Search paste sites for leaks associated with the target.
Pastebin 监控:搜索粘贴站点以查找与目标相关的泄漏。
Privacy & GDPR Compliance: Verify compliance with GDPR and other privacy regulations.
隐私和 GDPR 合规性:验证是否符合 GDPR 和其他隐私法规。
Security.txt Check: Locate and analyze the security.txt file for vulnerability disclosure policies.
Security.txt 检查:查找并分析 security.txt 文件以了解漏洞披露策略。
Shodan Reconnaissance: Use Shodan to discover open ports, services, and vulnerabilities.
Shodan 侦察:使用 Shodan 发现开放端口、服务和漏洞。
SSL Labs Report: Get a detailed SSL/TLS assessment via SSL Labs.
SSL 实验室报告:通过 SSL 实验室获取详细的 SSL/TLS 评估。
SSL Pinning Check: Check if SSL pinning is implemented on the site.
SSL Pinning 检查:检查站点上是否实施了 SSL pinning。
Subdomain Enumeration: Discover subdomains of the target domain.
子域枚举:发现目标域的子域。
Subdomain Takeover: Test whether subdomains are vulnerable to takeover.
子域接管:测试子域是否容易被接管。
VirusTotal Scan: Check the target's reputation using VirusTotal.
VirusTotal 扫描:使用 VirusTotal 检查目标的声誉。
How to Use Argus 如何使用阿古斯
Launch Argus from the command line.
从命令行启动 Argus。
Enter the tool number you want to use from the main menu.
从主菜单输入您要使用的工具编号。
Follow the prompts to enter relevant information.
按照提示输入相关信息。
Review the results and adjust your strategy accordingly.
查看结果并相应调整您的策略。
Example Command: 命令示例:
root@argus:~# 1
This command initiates the Associated Hosts tool.
此命令启动关联主机工具。