많은 WVS(Web Vulnerability Scanner) 중 오픈소스 프레임워크인 arachni에 대한 이야기를 할까합니다. 간단하게 테스트 하였고, 무난하게 사용할 수 있을 것 같아 정리합니다.
Install arachni scanner
Download link http://www.arachni-scanner.com/download/
64bit Command
#> wget https://github.com/Arachni/arachni/releases/download/v1.4/arachni-1.4-0.5.10-linux-x86_64.tar.gz
#> tar -xvf arachni-1.4-0.5.10-linux-x86_64.tar.gz
#> cd arachni-1.4-0.5.10
#> cd system/arachni-ui-web/bin
#> bundle install
#> ./arachni
Run Scan
#> ./arachni http://127.0.0.1
Arachni - Web Application Security Scanner Framework v1.4
Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
(With the support of the community and the Arachni Team.)
Website: http://arachni-scanner.com
Documentation: http://arachni-scanner.com/wiki
[~] No checks were specified, loading all.
[~] No element audit options were specified, will audit links, forms, cookies, UI inputs, UI forms, JSONs and XMLs.
[*] Initializing...
[*] Preparing plugins...
[*] ... done.
[~] Scheduled 302 redirection: http://127.0.0.1/ => /test
[*] [HTTP: 302] http://127.0.0.1/
[~] Analysis resulted in 0 usable paths.
...snip...
[~] Total: 11
[+] Without issues: 0
[-] With issues: 11 ( 100% )
[~] Report saved at: /test/arachni/system/arachni-ui-web/bin/127.0.0.1 2016-03-08 09_52_55 +0900.afr [0.04MB]
[~] Audited 3 pages.
[~] Duration: 00:00:14
[~] Processed 171/262 HTTP requests.
[~] -- 16.712 requests/second.
[~] Processed 0/0 browser jobs.
[~] -- 0.0 second/job.
[~] Currently auditing http://127.0.0.1/test/
[~] Burst response time sum 37.542 seconds
[~] Burst response count 37
[~] Burst average response time 1.015 seconds
[~] Burst average 10.069 requests/second
[~] Timed-out requests 0
[~] Original max concurrency 20
[~] Throttled max concurrency 20
저장된 Report file(.afr)을 아래 명령처럼 reporter 를 이용하여 결과를 확인할 수 있습니다.
#> ./arachni_reporter 127.0.0.1\ 2016-03-08\ 09_52_55\ +0900.afr
WebUI로도 지원하니 구글링 좀 해보신 후 사용하시면 잘 활용할 수 있는 스캐너로 보입니다. :)