Mantis is a command-line framework designed to automate the workflow of asset discovery, reconnaissance, and scanning. It takes the top-level domains as input, then seamlessly progresses to discovering corresponding assets, including subdomains and certificates. The tool performs reconnaissance on active assets and concludes with a comprehensive scan for vulnerabilities, secrets, misconfigurations and phishing domains – all powered by a blend of open-source and custom tools.
Click here to know more about the features in detail.
Mantis supports multiple installation types. Installing Mantis via Docker would be a good start to get a hang of the framework.
Considering that Mantis also includes MongoDB and AppSmith, we have provided a shell script that installs all the components.
Setup Video – Click Here
Clone the Mantis repository
git clone https://github.com/PhonePe/mantis.git
cd into the Mantis directory
cd mantis/setup/docker
Run the respective docker setup file based on your OS
./docker-setup-macos.sh
./docker-setup-ubuntu.sh
For uninstalling Mantis (remove all the resources created by installation), run the following command in the same directory
docker compose down
Once the docker setup is complete, please run a scan and follow the below instructions to setup the dashboard.
mantis onboard -o org_name -t example.in
usage:
ONBOARD: (First time scan, Run this !!)
mantis onboard -o example_org -t www.example.org
mantis onboard -o example_org -f file.txt
SCAN:
mantis scan -o example_org
mantis scan -o example_org -a example_app
options:
-h, --help list command line options
subparser:
{onboard,scan}
onboard Onboard a target
scan Scan an org
usage:
ONBOARD: (First time scan, Run this !!)
mantis onboard -o example_org -t example.tld
mantis onboard -o example_org -f file.txt
options:
-h, --help show this help message and exit
-t HOST, --host HOST top level domain to scan
-f FILE_NAME, --file_input FILE_NAME
path to file containing any combination of TLD, subdomain, IP-range, IP-CIDR
-w WORKFLOW, --workflow WORKFLOW
workflow to be executed as specified in config file
-o ORG, --org ORG name of the organisation
-a APP, --app APP scan only subdomains that belong to an app
-p, --passive run passive port scan
-s, --stale mark domains as stale (domains purchased but not in use)
-i, --ignore_stale ignore stale domains during scan
-tc THREAD_COUNT, --thread_count THREAD_COUNT
thread count, default 10
-r, --use_ray use ray framework for distributed scans
-n NUM_ACTORS, --num_actors NUM_ACTORS
number of ray actors, default 10
-d, --delete_logs delete logs of previous scans
-v, --verbose print debug logs
-aws AWS_PROFILES, --aws_profiles AWS_PROFILES
List of comma separated aws profiles for Route53
You want to onboard an org with its TLDs/IPs/IP-CIDRs/IP Range for the first time, use the onboard mode. This runs the scan on the default workflow.
mantis onboard -o org_name -t example.in
IP
mantis onboard -o org_name -t 10.123.123.12
IP-Range
mantis onboard -o org_name -t 203.0.113.0-10
IP-CIDR
mantis onboard -o org_name -t 203.0.113.0/24
Onboard Known Assets and Scan
mantis onboard -o org_name -f input.txt
Now that you have onboarded, you just need to run scheduled scans for an org, you can just use the scan mode
mantis scan -o org_name
Scan on all assets belonging to an organisation and app
mantis scan -o org_name -a app_name
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…