Erebus is used to control every parameter on targets, based on Yaml templates and provide fast scanning on a large number of servers.
Erebus offers many useful features, including a spy proxy that allows researchers to browse the site, click on links, and erebus will test every parameter that passes through the proxy.
Table of Contents
Usage Mode
Installation of Erebus
O GO111MODULE = off go get -u -v github.com/ethicalhackingplayground/erebus/erebus
▶ erebus -ut
Erebus modelsErebus has built-in support for automatic updating / downloading of templates ( https://github.com/ethicalhackingplayground/erebus/releases/latest ). The Erebus-Templates project provides a list of ready-to-use templates that can be used in your tests. You can use the flag |
Setting up the Erebus InterceptorMake sure you have a proxy set up in your browser before using erebus interceptor. For firefox, go to
Settings General information Network settings Manual proxy configuration Type 127.0.0.1 to the HTTP proxy server and then to the port number we put 8080. Also use the proxy server for FTP and HTTPS |
Install SSL certificates for HTTPSI have given you the certificates that you can use for the check HTTPS, all you need to do is install them from: Settings Privacy & Security Certificates View certificates Introduction Select the file .crt in the erebus directory and proceed with the installation. |
Use
erebus -h
The command will display the help menu for the tool. Here are all the switches it supports :.
Intercept and Crawl on HTTP
▶ erebus -t erebus-templates / xss-reflected.yaml -interceptor -crawl -scope ". *. \. paypal.com"
Intercept and Crawl on HTTPS
▶ erebus -t erebus-templates / xss-reflected.yaml -interceptor -crawl -secure -scope ". *. \. paypal.com"
Tool Chaining Usage
▶ threw out "paypal.com" | left | erebus -t erebus-templates / xss-reflected.yaml
▶ cat alive | left | erebus -t erebus-templates / xss-reflected.yaml
Watch a related video from here.
You can download the program from here.