Skip to content

Latest commit

 

History

History
132 lines (93 loc) · 5.11 KB

README.md

File metadata and controls

132 lines (93 loc) · 5.11 KB

Osmedeus Base Community

Osmedeus
Osmedeus - A Workflow Engine for Offensive Security


Installation for Linux

NOTE that you need some essential tools like curl, wget, git, zip and login as root to start

bash -c "$(curl -fsSL https://raw.githubusercontent.com/osmedeus/osmedeus-base/master/install.sh)"

Installation for MacOS (experimental)

bash -c "$(curl -fsSL https://raw.githubusercontent.com/osmedeus/osmedeus-base/master/install-macos.sh)"

Check out this page for more the install on other platforms

Usage

# Practical Usage:
osmedeus scan -f [flowName] -t [target]
osmedeus scan -f [flowName] -T [targetsFile]
osmedeus scan -f /path/to/flow.yaml -t [target]
osmedeus scan -m /path/to/module.yaml -t [target] --params 'port=9200'
osmedeus scan -m /path/to/module.yaml -t [target] -l /tmp/log.log
cat targets | osmedeus scan -f sample

## Start a simple scan with default 'general' flow
osmedeus scan -t sample.com

## Start a scan directly with a module with inputs as a list of http domains like this https://sub.example.com
osmedeus scan -m ~/osmedeus-base/workflow/direct-module/dirbscan.yaml -t http-file.txt

## Start a general scan but exclude some of the module
osmedeus scan -t sample.com -x screenshot -x spider

## Start a simple scan with other flow
osmedeus scan -f vuln -t sample.com

## Scan for CIDR with file contains CIDR with the format '1.2.3.4/24'
osmedeus scan -f cidr -t list-of-cidrs.txt
osmedeus scan -f cidr -t '1.2.3.4/24' # this will auto convert the single input to the file and run

## Directly run the vuln scan and directory scan on list of domains
osmedeus scan -f vuln-and-dirb -t list-of-domains.txt

## Directly run the general but without subdomain enumeration scan on list of domains
osmedeus scan -f domains -t list-of-domains.txt

## Use a custom wordlist
osmedeus scan -t sample.com -p 'wordlists={{.Data}}/wordlists/content/big.txt' -p 'fthreads=40'

## Scan list of targets
osmedeus scan -T list_of_targets.txt

## Get target from a stdin and start the scan with 2 concurrency
cat list_of_targets.txt | osmedeus scan -c 2

## Start the scan with your custom workflow folder
osmedeus scan --wfFolder ~/custom-workflow/ -f your-custom-workflow -t sample.com

# Example Commands:
osmedeus scan -t target.com
osmedeus scan -T list_of_targets.txt -W custom_workspaces
osmedeus scan -t target.com -w workspace_name --debug
osmedeus scan -f single -t www.sample.com
osmedeus scan -f ovuln-T list_of_target.txt
osmedeus scan -m ~/osmedeus-base/workflow/test/dirbscan.yaml -t list_of_urls.txt
osmedeus health
ls ~/.osmedeus/storages/summary/ | osmedeus scan -m ~/osmedeus-base/workflow/test/dirbscan.yaml
ls ~/.osmedeus/storages/summary/ | osmedeus scan -m ~/osmedeus-base/workflow/test/busting.yaml -D

# Start Web UI at https://<your-instance-machine>:8000/ui/
osmedeus server
# login with credentials from `~/.osmedeus/config.yaml`

# Delete workspace
osmedeus config delete -w workspace_name

# Utils Commands

osmedeus utils tmux ls
osmedeus utils tmux logs -A -l 10
osmedeus utils ps
osmedeus utils ps --proc 'jaeles'
osmedeus utils cron --cmd 'osmdeus scan -t example.com' --sch 60
osmedeus utils cron --for --cmd 'osmedeus scan -t example.com'

Using Docker

docker run -it j3ssie/osmedeus:latest scan -t example.com

Check this page for more docker usage

💬 Community & Discussion

Join Our Discord server here

💎 Donation & Sponsor

Osmedeus

Check out for a couple of donation methods here to get a premium package

License

Osmedeus is made with ♥ by @j3ssiejjj and it is released under the MIT license.