masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows complete utilization of these programs by parsing data, spawning parallel processes, caching vulnerability data for faster scanning over time and much more.
Features
- Resumable scanning
- Slack notifications
- multi-core utilization
- Vulnerability data caching
- Smart Shodan integration*
*Shodan integration is optional but when linked, it can automatically use Shodan to retrieve service and vulnerability data if a host has a lot of ports open to save resources. Shodan credits used per scan by it can be throttled. The minimum number of ports to trigger Shodan can be configured as well.
Also Read – Exist : Web App For Aggregating & Analyzing Cyber Threat Intelligence
Setup
Downloading
git clone https://github.com/s0md3v/Silver
Requirements
External Programs
Python libraries
- psutil
- requests
Required Python libraries can be installed by executing pip3 install -r requirements.txt in Silver directory.
Configuration
Slack WebHook, Shodan API key and limits can be configured by editing respective variables in /core/memory.py
Setting up Slack notifications
- Create a workspace on slack, here
- Create an app, here
- Enable WebHooks from the app and copy the URL from there to Silver’s
/core/memory.pyfile.
Run it as root
It requires root permission because it uses masscan under the hood which needs to be run as root to do port scanning. Use sudo.
Usage
Before you start
- ⚠️ Run it as root and with
python3i.e. withsudo python3 silver.py <your input> - ⚠️ It scans all TCP ports by default i.e. ports
0-65535. Use--quickswitch to only scan top ~1000 ports.
Scan host(s) from command line
python3 silver.py 127.0.0.1
python3 silver.py 127.0.0.1/22
python3 silver.py 127.0.0.1,127.0.0.2,127.0.0.3
Scan top ~1000 ports
python3 silver.py 127.0.0.1 –quick
Scan hosts from a file
python3 silver.py -i /path/to/targets.txt
Set max number of parallel nmap instances
python3 silver.py -i /path/to/targets.txt -t 4
