Erebus: A fast vulnerability scanner

Erebus is used to control every parameter on targets, based on Yaml templates and provide fast scanning on a large number of servers.

Erebus offers many useful features, including a spy proxy that allows researchers to browse the site, click on links, and erebus will test every parameter that passes through the proxy.

Usage Mode

yaml

 

Installation of Erebus

O GO111MODULE = off go get -u -v github.com/ethicalhackingplayground/erebus/erebus
▶ erebus -ut

Erebus models

Erebus has built-in support for automatic updating / downloading of templates ( https://github.com/ethicalhackingplayground/erebus/releases/latest ). The Erebus-Templates project provides a list of ready-to-use templates that can be used in your tests.

You can use the flag -ut to update the templates at any time.

Setting up the Erebus Interceptor

Make sure you have a proxy set up in your browser before using erebus interceptor. For firefox, go to

arrow_forward

 Settings arrow_forward General information arrow_forward Network settings arrow_forward Manual proxy configuration

Type 127.0.0.1 to the HTTP proxy server and then to the port number we put 8080. Also use the proxy server for FTP and HTTPS

Install SSL certificates for HTTPS

I have given you the certificates that you can use for the check HTTPS, all you need to do is install them from:

arrow_forward Settings arrow_forward Privacy & Security arrow_forward Certificates arrow_forward View certificates arrow_forward Introduction arrow_forward

Select the file .crt in the erebus directory and proceed with the installation.

Use

erebus -h

The command will display the help menu for the tool. Here are all the switches it supports :.

Intercept and Crawl on HTTP

▶ erebus -t erebus-templates / xss-reflected.yaml -interceptor -crawl -scope ". *. \. paypal.com"

Intercept and Crawl on HTTPS

▶ erebus -t erebus-templates / xss-reflected.yaml -interceptor -crawl -secure -scope ". *. \. paypal.com"

Tool Chaining Usage

 

threw out "paypal.com" | left | erebus -t erebus-templates / xss-reflected.yaml
▶ cat alive | left | erebus -t erebus-templates / xss-reflected.yaml

Watch a related video from here.

You can download the program from here.

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Erebus, ethical, hacking

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).