Zeus Scanner

What is Zeus?

Zeus is an advanced dork searching tool that is capable of bypassing search engine API calls, search engine captchas, and IP address blocking from sending many requests to the search engine itself. Zeus can use three different search engines to do the search (default is Google). Zeus has a powerful built-in engine, automates a hidden web browser to pull the search URL, and can run sqlmap and nmap scans on the URL’s.

Requirements

There are a few requirements for this:

• Firefox web browser is required as of now, I will be adding the functionality of most web browsers.
• If you want to run sqlmap through the URL’s you will need sqlmap somewhere on your system.
• If you want to run a port scan using nmap on the URL’s IP addresses. You will need nmap on your system.
  • Highly advised tip: Add sqlmap and nmap to your ENV PATH
• Gecko web driver is required and will be installed the first time you run. It will be added to your /usr/bin so that it can be run in your ENV PATH.
• You must be sudo for the first time running this so that you can add the driver to your PATH
• selenium-webdriver package is required to automate the web browser and bypass API calls.
• requests package is required to connect to the URL, and the sqlmap API
• python-nmap package is required to run nmap on the URL’s IP addresses
• whichcraft package is required to check if nmap and sqlmap are on your system if you want to use them
• pyvirtualdisplay package is required to hide the browser display while finding the search URL
• xvfb is required by pyvirtualdisplay, it will be installed if not installed on your first run

Installing

To install Zeus you simply need to do the following:

• (optional but highly advised) add sqlmap and nmap to your environment PATH by moving them to /usr/bin or by adding them to the PATH via terminal
  git clone https://github.com/Ekultek/Zeus-Scanner.git
  cd into zeus-scanner
  pip install -r requirements.txt
  sudo python zeus.py

This will install all the package requirements along with the gecko web driver.

Usage

Options: 
-h, –help show this help message and exit 

Mandatory Options: 
These options have to be used in order for Zeus to run 

-d DORK, –dork = DORK 
Specify a singular Google dork to use for queries 
-l FILE -PATH, –dork-list = FILE-PATH 
Specify a file -d 
, -rand-dork, -d, -d, from, etc / dorks.txt file to 
perform the scan 
-b URL, – = the URL -blackwidow 
Spider a single the webpage for all the URL’s available 

Attack the arguments: 
for These will of the arguments give you the choice on how you want to check the 
the websites 

-s, –sqli sqlmap the Run a scan on the SQLI Discovered the URL’s
-p, –port-scan Run a Nmap port scan on the discovered URL’s 
-i, –intel-check Check if a URL’s host is exploitable via Intel ME AMT 
(CVE-2017-5689) 
-a, –admin- panel Search for the websites admin panel 
–sqlmap-args = SQLMAP-ARGS 
Pass the arguments to send to the sqlmap API within 
quotes & separated by a comma. IE ‘dbms mysql, verbose 
3, level 5′ 
–nmap-args = NMAP-ARGS 
Pass the arguments to send to the nmap API within 
quotes & separated by a pipe. IE ‘-O | -p 445, 1080’ 
–auto-start Attempt to automatically find sqlmap on your system 
–search-here = PATH-TO-START 
Start searching for sqlmap in this given path
–show-sqlmap Show the arguments that the sqlmap API understands 
–show-nmap Show the arguments that nmap understands 
-P, –show-possibles 
Show all connections made during the admin panel 
search 

Anonymity arguments: 
Arguments that help with anonymity and hiding identity 

–proxy = PROXY-STRING 
Use a proxy to do the scraping, will not auto 
configure to the API’s 
–proxy-file = FILE-PATH 
Grab a random proxy from a given file of proxies 
–random-agent Use a random user-agent from the etc / agents.txt file 
–agent = USER-AGENT Use your own personal user-agent 

Search engine arguments: 
Arguments to change the search engine used (default is Google)

-D, –search-engine-ddg 
Use DuckDuckGo as the search engine 
-B, –search-engine-bing 
Use Bing as the search engine 
-A, –search-engine-aol 
Use AOL as the search engine 

Misc Options : 
These options affect how the program will run 

–verbose Running application in verbose mode (more output) 
–show-requests Show all HTTP requests made by the application 
–batch batch mode 
–update Update to the latest development version 
–hide Hide the banner during running 
–version Show the current version and exit

Running without a mandatory options, or running the --help flag will output Zeus’s help menu: A basic dork scan with the -d flag, from the given dork will launch an automated browser and pull the Google page results: Calling the -s flag will prompt for you to start the sqlmap API server python sqlmapapi.py -s from sqlmap, it will then connect to the API and perform a sqlmap scan on the found URL’s. 

Source: https://github.com/Ekultek/Zeus-Scanner