Raphael
Raphael是一款基于Python3开发的插件式漏洞扫描工具。
Raphael is a vulnerability scanning tool based on Python3.
Usage
raphael.py -h
2021-12-30 18:54:32,198 | INFO | Raphael Start ~
usage: raphael.py [-h] [-u HOST] [-k PLUGIN] [-l] [-p PORT] [-t THREAD] [-e] [-o OUTPUT] [-f FORMAT]
optional arguments:
-h, --help show this help message and exit
-u HOST, --host HOST target host or file
-k PLUGIN, --plugin PLUGIN filter plugins by keyword
-l, --list list all exist plugins
-p PORT, --port PORT target port
-t THREAD, --thread THREAD number of thread, default 5
-e, --error show error message of plugins
-o OUTPUT, --output OUTPUT report dir
-f FORMAT, --format FORMAT report format, html/json/csv
Example
List all exist plugins.
raphael.py -l
2021-12-30 18:54:01,128 | INFO | Raphael Start ~
2021-12-30 18:54:01,130 | INFO | plugin path: /Raphael/plugins
All Plugins:
plugins.port
plugins.log4j_cve_2021_44228
plugins.grafana_cve_2021_43798
plugins.mongo_unauth
plugins.redis_unauth
plugins.http_banner
plugins.oxid
plugins.memcached_unauth
plugins.apisix_cve_2021_45232
plugins.zookeeper_unauth
plugins.thinkphp
Detect unauthorized access vulnerability.
raphael.py -u 192.168.1.1/24 -k unauth -t 50
2021-12-30 18:58:27,072 | INFO | Raphael Start ~
2021-12-30 18:58:27,074 | INFO | convert ip segment into ip address
2021-12-30 18:58:27,080 | INFO | found 4 plugin:
plugins.mongo_unauth
plugins.redis_unauth
plugins.memcached_unauth
plugins.zookeeper_unauth
2021-12-30 18:58:27,084 | INFO | raphael got total 1024 tasks
2021-12-30 18:58:27,084 | INFO | run task in 50 threads
2021-12-30 18:58:32,109 | INFO | [+] 192.168.1.128 -> plugins.mongo_unauth -> True
2021-12-30 18:58:32,112 | INFO | [+] 192.168.1.128 -> plugins.memcached_unauth -> True
2021-12-30 18:58:32,147 | INFO | [+] 192.168.1.134 -> plugins.redis_unauth -> True
2021-12-30 18:58:37,691 | INFO | total 3 result
2021-12-30 18:58:37,691 | INFO | report path: output/raphael.html
2021-12-30 18:58:37,692 | INFO | Finished at: 2021-12-30 18:58:37
2021-12-30 18:58:37,693 | INFO | Total: 10.621082067489624 s
Port Scan.
raphael.py -u 192.168.1.128 -k port
2021-12-30 18:59:27,309 | INFO | Raphael Start ~
2021-12-30 18:59:27,311 | INFO | convert ip segment into ip address
2021-12-30 18:59:27,313 | INFO | found 1 plugin:
plugins.port
2021-12-30 18:59:27,314 | INFO | raphael got total 1 tasks
2021-12-30 18:59:27,314 | INFO | run task in 5 threads
2021-12-30 18:59:35,892 | INFO | [+] 192.168.1.128 -> plugins.port -> [22, 53, 2181, 11211, 27017]
2021-12-30 18:59:36,003 | INFO | total 1 result
2021-12-30 18:59:36,003 | INFO | report path: output/raphael.html
2021-12-30 18:59:36,007 | INFO | Finished at: 2021-12-30 18:59:36
2021-12-30 18:59:36,007 | INFO | Total: 8.698265790939331 s
Report
HTML Report:
Plugin development
Write your own plugin with python, and then put it into the plugins directory.
plugin template:
def run(host, **kwargs):
result = "vulnerable"
# do something
return result
e.g.
171 Dec 25, 2022
430 Dec 27, 2022
15 Jul 11, 2022
36 Dec 20, 2022
10.1k Jan 09, 2023
3 Jul 23, 2022
104 Nov 09, 2022
177 Dec 22, 2022
21 Dec 16, 2022
867 Dec 22, 2022
10 Nov 19, 2022
71 Nov 30, 2022
24 Dec 19, 2022
315 Dec 18, 2022
1 Jan 09, 2022
84 Dec 23, 2022
1 Nov 24, 2022
368 Jan 04, 2023
2 Dec 16, 2021
58 Dec 05, 2022