nacs: event-driven pentest scanner
by ddos
- Detect whether the target machine is alive
- Service scanning (standard and non-standard ports)
- PoC detection (xray and nuclei formats)
- Weak-password brute forcing for services such as databases
- Exploitation of common intranet vulnerabilities
Highlights
- Log4j vulnerability detection for common components (such as Spring) and via common HTTP request headers
- Service scanning and exploitation on unconventional ports (such as SSH on port 2222)
- Retrieve available assets from FOFA as a supplement (TODO)
- Automatically identify the input boxes of simple web pages for weak-password brute forcing and Log4j detection (TODO)
Mechanism
- Environment configuration
  - Weak-password configuration, public key to be written, callback address, ceye API, etc.
- Liveness detection
- Fingerprint scan
  - Determine which port corresponds to which service, especially on unconventional ports
- Vulnerability management (events are sent to the corresponding module according to the fingerprint information)
  - Detect or exploit non-web services vulnerable to RCE (Redis, EternalBlue, etc.)
  - PoC scanning of web services, such as Log4j
  - Unauthorized-access checks and brute forcing of non-web services
  - Automatic login brute forcing for web services (TODO)
  - Key services: OA, VPN, WebLogic, honeypots, etc.
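The fingerprint-then-route step above, as an added Go example that is not code from nacs: the service is identified from what the listener sends rather than from its port number, which is also how an asset inventory catches SSH moved to port 2222. The module names, the routing table and the sample banner are assumptions made up for this illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Event is one open port plus the first bytes read from it (for Redis, the reply to a PING probe).
type Event struct {
	Host, Banner string
	Port         int
}

// Finding records what the listener is and where the event is routed.
type Finding struct {
	Service, Module string // Module names are hypothetical, not taken from nacs
	NonStandard     bool   // identified on a port other than the service default
}

var defaultPort = map[string]int{"ssh": 22, "http": 80, "redis": 6379}

// Hypothetical routing table from fingerprint to check category.
var modules = map[string]string{"ssh": "credential-audit", "http": "web-poc-scan", "redis": "unauth-access-check"}

// Fingerprint classifies by banner content only; the port number is used
// afterwards, solely to flag listeners that sit off their default port.
func Fingerprint(e Event) Finding {
	svc := "unknown"
	switch {
	case strings.HasPrefix(e.Banner, "SSH-"):
		svc = "ssh"
	case strings.HasPrefix(e.Banner, "HTTP/"):
		svc = "http"
	case strings.HasPrefix(e.Banner, "+PONG"), strings.HasPrefix(e.Banner, "-NOAUTH"):
		svc = "redis"
	}
	m, known := modules[svc]
	if !known {
		// Unrecognised banners are never guessed from the port number.
		return Finding{Service: svc, Module: "manual-review"}
	}
	return Finding{Service: svc, Module: m, NonStandard: e.Port != defaultPort[svc]}
}

func main() {
	e := Event{Host: "192.0.2.10", Port: 2222, Banner: "SSH-2.0-OpenSSH_8.9\r\n"} // constructed sample
	fmt.Printf("%s:%d -> %+v\n", e.Host, e.Port, Fingerprint(e))
}
```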