Category

Vulnerability Scanning

Inputs

rate-limit
string
Maximum number of requests to send per second per machine
port-details
file
required
JSONLines records of port or network service discovery details from the Scan for Open Ports or Fingerprint Network Services modules

Outputs

findings

Scan Network Services for Misconfigurations

Description

Scan for network service misconfigurations that range from disclosing information and exposing sensitive functionality to enabling complete takeover of an asset.

Features

  • Scans for a wide range of misconfiguration scenarios.
  • Supports various network protocols.
  • Can scan thousands of web servers simulataneously.

Inputs

Required

  • port-details: JSONLines records of port or network service discovery details from the “Scan for Open Ports” or “Fingerprint Network Services” modules.
{"hostname": "foo.example.com", "ip_address": "1.2.3.4", "port": 21, "protocol": "ftp", "tls": false, "transport": "tcp", "banner": "220 (vsFTPd 3.0.5)\r\n"}

{"hostname": "bar.example.com", "ip_address": "5.6.7.8", "port": 22, "protocol": "ssh", "tls": false, "transport": "tcp", "banner": "SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.4\r\n"}

Optional

  • rate-limit: Maximum number of requests to send per second per machine (default: 300)

Outputs

  • findings: JSONLines records of finding details.
{"finding": "FTP Anonymous Login", "location": "1.2.3.4:21", "severity": "medium", "ip_address": "1.2.3.4", "hostname": "foo.example.com", "domain_name": "example.com", "description": "Anonymous FTP access allows anyone to access your public_ftp folder, allowing unidentified visitors to download (and possibly upload) files on your website. Anonymous FTP creates the potential for a security hole for hackers and is not recommended."}

{"finding": "SSH Password-based Authentication", "location": "5.6.7.8:22", "severity": "info", "ip_address": "5.6.7.8", "hostname": "bar.example.com", "domain_name": "example.com"}

Changelog

  • v1.0
    • Initial release