banner
andrewji8

Being towards death

Heed not to the tree-rustling and leaf-lashing rain, Why not stroll along, whistle and sing under its rein. Lighter and better suited than horses are straw sandals and a bamboo staff, Who's afraid? A palm-leaf plaited cape provides enough to misty weather in life sustain. A thorny spring breeze sobers up the spirit, I feel a slight chill, The setting sun over the mountain offers greetings still. Looking back over the bleak passage survived, The return in time Shall not be affected by windswept rain or shine.
telegram
twitter
github
HomeArchives

One-click Penetration Testing Process

#渗透68
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
Osmedeus is an offensive security workflow engine that allows you to build and run reconnaissance systems on various targets. It is designed to have a solid foundation with automatic adaptation and execution capabilities for reconnaissance tasks. It can be installed on Linux and MacOS systems and has a web interface for easy use. Overall, it is a useful tool for automating vulnerability discovery and learning about security practices.

Osmedeus is a workflow engine for offensive security that allows you to build and run reconnaissance systems on various targets (including domains, URLs, CIDRs, and GitHub repositories). Its design goal is to establish a solid foundation and have the ability to automatically adapt and run to perform reconnaissance tasks.

Project repository (written in Go language):

Reference documentation:

https://docs.osmedeus.org/

Installation
linux
bash <(curl -fsSL https://raw.githubusercontent.com/osmedeus/osmedeus-base/master/install.sh)

image
After installation, check if it was successful by running the command:

osmedeus health

To view its default workflow:

image

There are also built-in work modules:

image

macos
bash <(curl -fsSL https://raw.githubusercontent.com/osmedeus/osmedeus-base/master/install-macos.sh)

Use case

  1. Start the web interface
    osmedeus server

image
The account password is configured in ~/.osmedeus/config.yaml, once in the backend:

image
As an example, it will generate a final command for you, which can also be executed directly in the terminal:

image
osmedeus scan -f general -t xxxx.com
Conclusion
Overall, this tool is quite good, essentially combining the strengths of many tools to automate vulnerability discovery. Even if we don't use it for automated penetration testing work, it is a valuable resource for learning and reference. The integrated small tools are worth trying, as one of them may become a valuable asset in your arsenal.

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.