archerysec v1.1 released: Open Source Vulnerability Assessment and Management

Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scanning for web application and network. It also performs web application dynamic authenticated scanning and covers the whole applications by using selenium. The developers can also utilize the tool for implementation of their DevOps CI/CD environment.

Overview of the tool:

• Perform Web and Network Vulnerability Scanning using opensource tools.
• Correlates and Collaborate all raw scans data, show them in a consolidated manner.
• Perform authenticated web scanning.
• Perform web application scanning using selenium.
• Vulnerability Management.
• Enable REST API’s for developers to perform scanning and Vulnerability Management.
• JIRA Ticketing System.
• Sub domain discovery and scanning.
• Periodic scans.
• Concurrent scans.
• Useful for DevOps teams for Vulnerability Management.

Changelog v1.1

• Merge pull request #101 from httpdss/non-root-user
  
  Non root user for dockerfile

Requirement

• Python 2.7
• OpenVAS 8, 9
• OWASP ZAP 2.7.0
• Selenium Python Firefox Web driver
• SSLScan
• Nikto
• NMAP Vulners

Installation

Documentation

Demo

Copyright (c) 2017, ArcherySec Maintainers, All rights reserved.

Source: https://github.com/anandtiwarics/