• We just launched and are currently in beta. Join us as we build and grow the community.

Osmedeusr : Automated Offensive Security Framework

slum

Code Injection Specialist
S
S Rep
0
0
0
Rep
0
S Vouches
0
0
0
Vouches
0
Posts
71
Likes
102
Bits
0
1 MONTH
1 1 MONTH OF SERVICE
LEVEL 1 600 XP
Red-and-White-Modern-Corporate-Sports-Youtube-Outro.png


Hey Folks, in this tutorial we are going to talk about an open source information gathering tool called “Osmedeusr“. Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target.

Let’s take a look 🙂 !!

Installation

We have to download this tool from github by using the git command and then go to the directory of this tool. After completing all the steps we will execute the bash command to setup this tool completely.

git clone https://github.com/j3ssie/Osmedeus
cd Osmedeus/
bash install.sh123git clone
https://github.com/j3ssie/Osmedeuscd Osmedeus/bash install.sh

1-21.png


Done 🙂 !! The tool has been setup successfully and now we can boot this tool using the following command.

python3 osmedeus.py1python3 osmedeus.py

2-20.png

Usage Guide

You can see all the features available in this tool by executing the above command.

3-21.png

Create User

This provides us GUI interface to control and manage the output of the scanning, so we need to create a user for login to the web application.

python3 server/manage.py createsuperuser1python3 server/manage.py createsuperuser

4-19.png

Basic Scan

This is a basic scan but it will dump almost everything at the same time. Just add your taregt details and execute the command.

python3 osmedeus.py -t http://vulnweb.com1python3 osmedeus.py-t

Loading…

vulnweb.com

5-16.png


After executing the command it will give us the location where the web application is actually hosted and running locally. Just open the given location by the tool.

6-17.png


Good 🙂 !! The GUI interface looks great and now we need to enter the created credentials.

7-14.png

Summary

After successful login we get the following option inside the web application. In the summary section we get the list of subdomains.

8-13.png

Logs Summary

On the other hand you can see all past and present ongoing scanning as well as their path where they are being saved.

9-11.png

Report Summary

Through the following section we can directly see all the saved results of the specific host or the target.

10-9.png


Hmmm 🙂 !! As we told you that you can see the saved output by clicking the “Bash Output” button on the terminal.

11-6.png


Also, if you don’t like the GUI interface, you can also see the result on the command line terminal.

12-5.png


We cannot cover all the facilities at the same time, so thus you can use every single feature of the tool yourself.

13-5.png
About the AuthorShubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
 
You must log in or register to reply here.

414,034

309,575

309,584

M Maikel787
Top