OXO is a security scanning framework built for modularity, scalability and simplicity.
OXO Engine combines specialized tools to work cohesively to find vulnerabilities and perform actions like recon, enumeration, fingerprinting …
Requirements
Docker is required to run scans locally. To install docker, please follow these instructions.
Installing
OXO ships as a Python package on pypi. To install it, simply run the following command if you have pip already installed.
pip install -U ostorlabOXO ships with a store that boasts dozens of agents, from network scanning agents like nmap, nuclei or tsunami, web scanner like Zap, web fingerprinting tools like Whatweb and Wappalyzer, DNS brute forcing like Subfinder and Dnsx, malware file scanning like Virustotal and much more.
To run any of these tools combined, simply run the following command:
oxo scan run --install --agent nmap --agent tsunami --agent nuclei ip 8.8.8.8or
oxo scan run --install --agent agent/ostorlab/nmap --agent agent/ostorlab/tsunami --agent agent/ostorlab/nuclei ip 8.8.8.8This command will download and install the following scanning agents:
And will scan the target IP address 8.8.8.8.
Agents are shipped as standard docker images.
To check the scan status, run:
oxo scan listOnce the scan has completed, to access the scan results, run:
oxo vulnz list --scan-id <scan-id>
oxo vulnz describe --vuln-id <vuln-id>For more information click here.
Prompt injection is a type of security vulnerability that can be exploited to control the…
Firefly is an advanced black-box fuzzer and not just a standard asset discovery tool. Firefly…
Winit is a robust, cross-platform library designed for creating and managing windows in Rust applications.…
In today’s digital age, convenience often comes at the cost of security. One such overlooked…
Terminal GPT (tgpt) offers a seamless way to bring the power of ChatGPT 3.5 directly…
garak checks if an LLM can be made to fail in a way we don't…