Scout: a Contactless Active Reconnaissance Tool
Scout – a Contactless Active Reconnaissance Tool
Scout is a python tool which utilizes Internet-wide scanning data provided by Censys to identify known vulnerabilities. It relies on the user having access to a MongoDB instance containing National Vulnerability Database’s data feeds as well as having a API access to Censys.
Scout is a product of a honours project from Edinburgh Napier University. The associated dissertation can be read on ResearchGate. This dissertation coins the term contactless active reconnaissance to differentiate the methodology used from classic contactless recon.
It requires a MongoDB instance containing the NVD’s datafeeds. “cve-search” is highly recommended. After installing cve-search:
git clone https://github.com/TheHairyJ/Scout.git pip3 install censys editdistance pymongo
Note: Editing of the source code may be required to correctly configure the database connection. Specifically the pymongo assignments.
python scout.py 192.168.0.0/16
Copyright (C) 2018 TheHairyJ