Erebus is used to control each parameter on targets, with base Yaml templates and provide fast scanning on a large number of hosts.
Erebus offers many useful features, including a sub proxythefts that allows researchers to browse the site, click on links, and erebus will test every parameter passed through the proxy.
Usage Mode
Installation of Erebus
O GO111MODULE = off go get -u -v github.com/ethicalhackingplayground/erebus/erebus
▶ erebus -ut
Erebus modelsErebus has built-in support for automatic updating / downloading of templates ( https://github.com/ethicalhackingplayground/erebus/releases/latest ). The Erebus-Templates project provides a list of ready-to-use templates that can be used in your tests. You can use the flag |
Setting up the Erebus InterceptorMake sure you have a proxy server set to program your browser before using erebus interceptor. For firefox, go to Settings General information Network settings Manual proxy configuration Type 127.0.0.1 to the HTTP proxy server and then to the number doorwe put 8080. Also use the proxy server for FTP and HTTPS |
Install SSL certificates for HTTPSI have given you the certificates that you can use for the check HTTPS, all you need to do is install them from: Settings Privacy & Security Certificates View certificates Introduction Select the file .crt in the erebus directory and proceed with it installation. |
Use
erebus -h
The command will display the help menu for the tool. Here are all the switches it supports :.
Intercept and Crawl on HTTP
▶ erebus -t erebus-templates / xss-reflected.yaml -interceptor -crawl -scope ". *. \. paypal.com"
Intercept and Crawl on HTTPS
▶ erebus -t erebus-templates / xss-reflected.yaml -interceptor -crawl -secure -scope ". *. \. paypal.com"
Tool Chaining Usage
▶ threw out "paypal.com" | left | erebus -t erebus-templates / xss-reflected.yaml
▶ cat alive | left | erebus -t erebus-templates / xss-reflected.yaml
Watch a related video from here.
You can download the program from here.