Osmedeus: Reconnaissance and Vulnerability Scanning

Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target.

Installation

git clone https://github.com/j3ssie/Osmedeus
cd Osmedeus
./install.sh

NOTE: You might need to do sudo su before install or using this otherwise you might get issues with dependency problems.

Check out docker-osmedeus by mabnavarrete

How to use

If you have no idea what are you doing just type the command below or check out the Advanced Usage

./osmedeus.py -t example.com

Features

•  Subdomain Scan.
•  Subdomain TakeOver Scan.
•  Screenshot the target.
•  Basic recon like Whois, Dig info.
•  Web Technology detection.
•  IP Discovery.
•  CORS Scan.
•  SSL Scan.
•  Wayback Machine Discovery.
•  URL Discovery.
•  Headers Scan.
•  Port Scan.
•  Vulnerable Scan.
•  Seperate workspaces to store all scan output and details logging.
•  REST API.
•  React Web UI.
•  Support Continuous Scan.
•  Slack notifications.
•  Easily view report from commnad line.

Check this Documentation for more detail about each module.

Demo

• normal routine

./osmedeus.py -t example.com
./osmedeus.py -T list_of_target.txt

• normal routine but slow speed on all moddule

./osmedeus.py -t example.com --slow 'all'

• normal routine but exclude some modules

./osmedeus.py -t example.com -x 'linkfinding,dirb'

• direct mode examples

./osmedeus.py -m subdomain -t example.com
./osmedeus.py -m portscan -i "1.2.3.4/24"

./osmedeus.py -m "portscan,vulnscan" -i "1.2.3.4/24" -w result_folder

• direct list mode examples

./osmedeus.py -m portscan -I list_of_targets.txt
./osmedeus.py -m portscan,vulnscan -I list_of_targets.txt
./osmedeus.py -m screen -I list_of_targets.txt -w result_folder

• report mode

./osmedeus.py -t example.com --report list
./osmedeus.py -t example.com --report export
./osmedeus.py -t example.com --report sum
./osmedeus.py -t example.com --report short
./osmedeus.py -t example.com --report full