DarkAngel: fully automatic white hat vulnerability scanner
DarkAngel
DarkAngel is a fully automatic white hat vulnerability scanner, which can monitor hacker and bugcrowd assets, generate vulnerability reports, and send enterprise WeChat notifications.
Currently supported features:
- Hackerone asset monitoring;
- Bugcrowd asset monitoring;
- Add user-defined assets;
- Subdomain name scanning;
- Website fingerprint identification;
- Vulnerability scanning;
- Automatic generation of vulnerability reports;
- Enterprise WeChat notification scanning results;
- The front end displays the scanning results;
Use
–scan-new-domain
$ python3 darkangel.py –scan-new-domain
- Monitor the hacker and bugcrowd domain names and scan them (when using them for the first time, all the hacker and bugcrowd domain names will be added. Prepare when there are too many assets, and the scan takes a long time)
–add-domain-and-scan
$ python3 darkangel.py –add-domain-and-scan program-file-name1 program-file-name2 –offer-bounty yes/no
-Customized addition of scanning domain names and vulnerability scanning of these domain names -The file name is the name of the manufacturer, and the file memory needs to scan the domain name -The –offer-bounty parameter is required to set whether the domain name provides reward
After scanning, the subdomain name results will be stored in the /root/darkangel/vulscan/results/urls directory. They are stored in the bounty_temp_urls_output.txt, nobounty_temp_urls_output.txt document.
–nuclei-file-scan
$ python3 darkangel.py –nuclei-file-scan
- Scan 20 url files with nuclei
URL list storage location
–nuclei-file-polling-scan
$ python3 darkangel.py –nuclei-file-polling-scan
- Polling uses Nuclei to scan 20 url files. You can put the process in the background, poll, and scan, and listen for new vulnerabilities in the url list
–nuclei-file-scan-by-new-temp
$ python3 darkangel.py –nuclei-file-scan-by-new-temp nuclei-template-version
- Listen for updates to the nucleus template. When updating, scan the url list
The current nuclear template version is 9.3.1
Execute the command to monitor the 9.3.2 version update
URL list storage location
–nuclei-file-scan-by-new-add-temp
$ python3 darkangel.py –nuclei-file-scan-by-new-add-temp nuclei-template-id
- Monitor the update of the single template of nuclei. When updating, use this template to scan the url list. There is a time difference here. Sometimes, submit the template first, and then add the nuclei template after verification. When we have not yet joined, we have already listened and scanned. After scanning, the ID will automatically increase and listen and scan
Check the ID of the single template of Nuclei, which is 6296 here
Execute the command to scan the template
URL list storage location
–nuclei-file-scan-by-temp-name
$ python3 darkangel.py –nuclei-file-scan-by-temp-name nuclei-template-name
- Scan the url list with a single template
