Giter Club home page Giter Club logo

AVAIN - Automated Vulnerability Analysis (in) IP-based Networks

A framework for the automated vulnerability analysis in IP-based networks that enables its modules to work collaboratively by sharing results.

Python 3.6+ Platform: linux, macOS <release> License: MIT Wiki

About

AVAIN is a modular vulnerability analysis / penetration testing framework for computer networks and individual machines in which its modules can work collaboratively to achieve more sophisticated results. AVAIN can automatically assess the security level of an IP-based network or host. Its final output is a score between 0 and 10, where the higher the score, the more vulnerable / insecure the assessed object. In addition, AVAIN saves all the detailed results from its modules for the user to look at after the assessment. During the assessment, the most relevant parts of every module's output are shown right away.

Primarly AVAIN is an extensible framework that uses modules to do vulnerability assessment. As such it offers several features that make it easier to develop new modules and make use of existing ones. For more information, look at the separate wiki page. To see how to develop new modules with Python, look at this wiki page.

Current Features of Modules

In short, the currently available modules can:

  • Faciliate an Nmap scan & somewhat postprocess it
  • Do an analysis based on the scan results to discover CVE / NVD entries that affect the discovered software
  • Brute force credentials for SSH & Telnet services via Hydra and a configurable wordlist
  • Brute force directories and files on a webserver via a configurable wordlist
  • Completely scrape a webserver, i.e. crawl paths, find GET / POST parameters and cookies, find source code comments and find new network locations. Moreover, use Selenium to discover content that only becomes visible when opening websites via a browser, so dynamic content.

A more detailed overview of the current modules, what they can do and how they work is available in the wiki. All of AVAIN's modules are highly configurable. As a small example, you can configure authentication cookies to be used while scraping a website. For a full list of configuration parameters and how to use them properly, have look at the separate wiki page. In addition, while being fairly verbose during the scan, all of result files that contain even more information are stored in AVAIN's output directory. While the file structure should be simple to understand, it is further explained in the wiki.

Installation

AVAIN was made to work on Unix based systems. It was tested to work on macOS, Ubuntu Linux and Kali Linux. You can either install it directly on your system or use the available Dockerfile. To install it directly & automatically, run the install.sh script. As the script attempts to install the required software, you may have to run it as root or you will get asked for a password. In case the script does not work, you may be good by changing the package manager at the top of the script, if not feel free to open an issue. On macOS you need Homebrew. For more info on the installation process, see the wiki page.

Usage

To use AVAIN, simply call it by typing avain without any arguments in a terminal and you will get presented with the following usage information.

usage: avain [-h] [-n NETWORKS [NETWORKS ...]] [-nL NETWORK_LIST] [-uM]
             [-c CONFIG] [-o OUTPUT] [-p PORTS] [-sN] [-v]
             [-sR SCAN_RESULTS [SCAN_RESULTS ...]]
             [-vS VULNERABILITY_SCORES [VULNERABILITY_SCORES ...]]
avain: error: at least one of the following arguments is required: -n/--network,-nL/--network-list, -uD/--update-modules or any one of [-sR/--scan-results, -vS/--vulnerability-scores]

To simply run AVAIN on some target 192.168.42.1, call it like so:

avain -n 192.168.42.1

Again, the contents of the created output folder should mostly be simple to understand, but a separate wiki page goes into more detail. Further explanation on AVAIN's usage information is available at this wiki page.

Three more examples of how you can call AVAIN:

  • avain -n 192.168.0.* -uM -p T:80,U:53 -o http_dns_sec
  • avain -n 192.168.0.1 192.168.0.100-150 -sN -c config/someconfig.cfg -v
  • avain -sR path_to_sr_1 path_to_sr_2 -o network_analysis

Wiki

In case you have more question about AVAIN, the wiki is very detailed and explains AVAIN in great detail.

Contribution & Bugs

If you want to contribute, or have any questions or suggestions, use GitHub or directly contact me via Email here. If you found a bug or have other troubles, feel free to open an issue.

License

AVAIN is licensed under the MIT license, see here.

Miscellaneous

I created AVAIN as part of my Bachelor Thesis at TU Darmstadt (located in Germany) under the guidance of my advisor Rolf Egert. We have presented a paper about AVAIN at NetSys '19. In addition, another paper based on AVAIN has been accepted at the IEEE GLOBECOM 2019 Workshop on Security and Privacy in Smart, Cooperative IoT and CPS. For more info see the Publications wiki page.

Avain's Projects

30daymakeos icon 30daymakeos

《30天自制操作系统》源码中文版。自己制作一个操作系统(OSASK)的过程

advisor icon advisor

Open-source implementation of Google Vizier for hyper parameters tuning

afl icon afl

american fuzzy lop - a security-oriented fuzzer

ai-lab icon ai-lab

All-in-one AI container for rapid prototyping

angr icon angr

The next-generation binary analysis platform from UC Santa Barbara's Seclab!

annotation-and-image-markup icon annotation-and-image-markup

Annotation and Image Markup (AIM) is the first project to propose and create a standard means of adding information and knowledge to an image in a clinical environment, so that image content can be easily and automatically searched.

apkil icon apkil

An APK instrumentation library and DroidBox APIMonitor

apollo-11 icon apollo-11

Original Apollo 11 Guidance Computer (AGC) source code for the command and lunar modules.

automl_challenge icon automl_challenge

This is a "supervised learning" challenge in machine learning. We are making available 30 datasets, all pre-formatted in given feature representations (this means that each example consists of a fixed number of numerical coefficients). The challenge is to solve classification and regression problems, without any further human intervention.

avain icon avain

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

awesome-automl icon awesome-automl

Curating a list of AutoML-related research, tools, projects and other resources

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.