Tsunami: A network security scanner

Tsunami is a general purpose network security scanner with an expandable add-on system for detecting high-risk vulnerabilities.

To learn more about the Tsunami, visit σελίδα.
Tsunami relies heavily on the add-on system to provide basic scanning capabilities.

All publicly available Tsunami plugins are hosted in a separate repository google/tsunami-security-scanner-plugins .

Current situation

  • Tsunami is currently in pre-alpha release for developer preview.
  • The Tsunami project is under development. Expect significant API changes in the future.


install the following required kits:

nmap> = 7.80 ncrack> = 0.7

start a vulnerable application that can be identified by Tsunami, e.g. an unauthorized Jupyter Notebook server. The easiest way is to use a docker image:

docker run --name unauthenticated-jupyter-notebook -p 8888: 8888 -d jupyter / base-notebook start-notebook.sh --NotebookApp.token = ''

run the following command:

bash -c "$ (curl -sfL https://raw.githubusercontent.com/google/tsunami-security-scanner/master/quick_start.sh)"

The quick_start.sh script runs the following processes:

  1. It clones them google / tsunami-security-scanner repositories in the upcoming years, while google/tsunami-security-scanner-plugins in the $ HOME / tsunami / repos folder.
  2. Gathers everything the Google Tsunami add-ons and moves all their jar files additions in $ HOME / tsunami / plugins.
  3. Writes the Fat Jar file of the Tsunami scanner and moves it to the $ HOME / tsunami folder.
  4. Moves tsunami.yaml config to $ HOME / tsunami.
  5. Print an example of the Tsunami command to scan using previously created objects.

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).