Fuxi v2.1 releases: Penetration Testing Platform

by do son · Published June 25, 2018 · Updated October 10, 2021

Fuxi-Scanner

Fuxi Scanner is an open-source network security vulnerability scanner, it comes with multiple functions.

Vulnerability detection & management
Authentication Tester
IT asset discovery & management
Port scanner
Subdomain scanner
Acunetix Scanner (Integrate Acunetix API)

Usage

Vulnerability Scanner

The scanner module integrates an open-sourced remote vulnerability testing and PoC development framework – Pocsuite

Like Metasploit, it is a development kit for pentesters to develop their own exploits. Based on Pocsuite, you can write the most core code of PoC/Exp without caring about the resulting output etc. There are at least several hundred people writing PoC/Exp based on Pocsuite up to date.

You can be acquiring PoC scripts from Seebug community

The target can be IP, network segment or URL.

You can manage plugins in the Plugin Manager modules. The plugin must conform to the PoC Coding Style

Asset Management

IT Asset Registration:

Automatic Service Discovery:

You can scan the vulnerability by searching and filtering out specific services

Authentication Tester

This is an auth tester with hydra

Currently this tool supports the following protocols: Asterisk, AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-POST, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTPS-POST, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, RTSP, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. (55)