Search the Community

What is Osmedeus? Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Feature Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic recon like Whois, Dig info. Web Technology detection. IP Discovery. CORS Scan. SSL Scan. Wayback Machine Discovery. URL Discovery. Headers Scan. Port Scan. Vulnerable Scan. Seperate workspaces to store all scan output and details logging. REST API. React Web UI. Support Continuous Scan. Slack notifications. Easily view the report from the command line. Changelog v4.4 The default folder for workspaces has been updated to $HOME/workspaces-osmedeus/ from the previous location at $HOME/.osmedeus/workspaces/ The database has now been switched to a file-based system, making it simpler to transfer between machines. The user interface has undergone a revamp. Improvements in the performance of distributed scans. A new health check command has been included in the provider command, allowing you to monitor progress at a later time by leaving the instance open. Refactoring a lot of the helper messages throughout the tool [hide][Hidden Content]]

Automatic Reconnaissance and Scanning in Penetration Testing. What is Osmedeus? Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Feature Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic recon like Whois, Dig info. Web Technology detection. IP Discovery. CORS Scan. SSL Scan. Wayback Machine Discovery. URL Discovery. Headers Scan. Port Scan. Vulnerable Scan. Seperate workspaces to store all scan output and details logging. REST API. React Web UI. Support Continuous Scan. Slack notifications. Easily view the report from the command line. Changelog v4.1.1 Added a new clean-up script for public ffuf to show more beautiful output. Added a new workflow for testing notifications. Added a detailed notification setup page at docs.osmedeus.org/installation/notification/. Added a new tool str-replace to generate even more permutation subdomains (see probing module). [hide][Hidden Content]]

Osmedeus is a fully automated vulnerability scanner that analyses system, subdomain, and website to identify security holes. It is a useful security tool that can scan and take screenshots of the target. Osmedeus: Open Source Web Reconnaissance and Vulnerability Scanner Osmedeus is an open-source vulnerability scanner developed to protect your organization against imminent cyber-security threats. It combines the best of intranet and extranet surveillance. The tool has features that exceed most premium scanning and reconnaissance tools in the market. It can be used to scan your target network and server for vulnerabilities. It features an impressive collection of tools such as web technology detection, IP discovery, and way back machine discovery. It can separate workspace to store all scan output and logging details. Finally, it supports a continuous scan and lets you view the scan report from the command line. Furthermore, it is equipped with web technology detection, IP discovery, and way back machine discovery features. The application can separate workspace to store all scan output and details logging. Lastly, it can support a continuous scan and lets you view the scan report from the command line. Osmedeus Architecture Features: Subdomain Scan Subdomain TakeOver Scan Screenshot the target Basic recon like Whois, Dig info Web Technology detection IP Discovery CORS Scan SSL Scan Wayback Machine Discovery URL Discovery Headers Scan Port Scan Vulnerable Scan Separate workspaces to store all scan output and details logging REST API React Web UI Support Continuous Scan Slack notifications Easily view report from commanad line Supported platforms: Kali Linux, *nix OS, and macOS [hide][Hidden Content]]

What is Osmedeus? It allows you to do boring stuff in Pentesting automatically like reconnaissance and scanning the target by run the collection of awesome tools. Feature Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic recon like Whois, Dig info. Web Technology detection. IP Discovery. CORS Scan. SSL Scan. Wayback Machine Discovery. URL Discovery. Headers Scan. Port Scan. Vulnerable Scan. Seperate workspaces to store all scan output and details logging. REST API. React Web UI. Support Continuous Scan. Slack notifications. Available modules with list tool being used Subdomain Scanning amass subfinder massdns Subdomain TakeOver Scanning subjack SubOver Screenshot the target aquatone EyeWitness Port Scanning masscan nmap Vulnerable Scan and beautify html report nmap-vulners nmap-bootstrap-xsl Git repo scanning truffleHog gitrob Doing some stuff with Burp State file sqlmap SleuthQL LinkFinder Directory search dirhunt dirsearch gobuster Bruteforce services brutespray Wordlists domain web-content Changelog v1.4 Adding new AssetFinding module powered mostly by tomnomnom. Direct mode (specific module) now very powerful Detail. Improve the API architecture, from now you can run multi targets without crash the routine. Improve main routine and add options for custom speed of the routine. Adding some security feature for the API. Improve search and sort from the UI. Fix a lot of bugs and refactoring a lot of things. [Hidden Content]

[Hidden Content] What is Osmedeus? Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advance Usage ./osmedeus.py -t example.com Installation git clone [Hidden Content] cd Osmedeus ./install.sh This install only focus on Kali linux, check more install on Wiki page Features Subdomain Scan. Subdomain TakeOver Scan. Screenshot the target. Basic recon like Whois, Dig info. IP Discovery. CORS Scan. SSL Scan. Headers Scan. Port Scan. Vulnerable Scan. Seperate workspaces to store all scan output and details logging. REST API. SPA Web UI. Slack notifications. Demo Disclaimer Most of this tool done by the authors of the tool that you can see in the module folder. I just put all the pieces together, plus some extra boring stuff that we don't wanna do everyday. This tool is for educational purposes only. You are responsible for your own actions. If you mess something up or break any laws while using this software, it's your fault, and your fault only.