OXO Scan Orchestration Engine – A Comprehensive Guide To Scalable Security Assessments

OXO is a security scanning framework built for modularity, scalability and simplicity.

OXO Engine combines specialized tools to work cohesively to find vulnerabilities and perform actions like recon, enumeration, fingerprinting …

• Documentation
• Agents Store
• CLI Manual
• Examples

Requirements

Docker is required to run scans locally. To install docker, please follow these instructions.
Installing

OXO ships as a Python package on pypi. To install it, simply run the following command if you have pip already installed.

pip install -U ostorlab

Getting Started

OXO ships with a store that boasts dozens of agents, from network scanning agents like nmap, nuclei or tsunami, web scanner like Zap, web fingerprinting tools like Whatweb and Wappalyzer, DNS brute forcing like Subfinder and Dnsx, malware file scanning like Virustotal and much more.

To run any of these tools combined, simply run the following command:

oxo scan run --install --agent nmap --agent tsunami --agent nuclei ip 8.8.8.8

or

oxo scan run --install --agent agent/ostorlab/nmap --agent agent/ostorlab/tsunami --agent agent/ostorlab/nuclei ip 8.8.8.8

This command will download and install the following scanning agents:

• agent/ostorlab/nmap
• agent/ostorlab/tsunami
• agent/ostorlab/nuclei

And will scan the target IP address 8.8.8.8.

Agents are shipped as standard docker images.

To check the scan status, run:

oxo scan list

Once the scan has completed, to access the scan results, run:

oxo vulnz list --scan-id <scan-id>
oxo vulnz describe --vuln-id <vuln-id>

For more information click here.