Tachyon is a fast web application security reconnaissance tool. It is specifically meant to crawl web application and look for left over or non-indexed files with the addition of reporting pages or scripts leaking internal data.
User Requirements
User Installation
Install
$ mkdir tachyon
$ python3 -m venv tachyon/
$ cd tachyon
$ source bin/activate
$ pip install tachyon3
$ tachyon -h
Upgrading
$ cd tachyon
$ source bin/activate
$ pip install –ignore-installed –upgrade tachyon3
Usage
$ cd tachyon
$ source bin/activate
$ tachyon -h
Also Read – Aura Botnet : A Super Portable Botnet Framework With A Django-Based C2 Server
Developers Installation
$ git clone https://github.com/delvelabs/tachyon.git
$ mkdir tachyon
$ python3 -m venv tachyon/
$ source tachyon/bin/activate
$ cd tachyon
$ pip install -r requirements-dev.txt
Getting started
Note: if you have the source code version, replace tachyon with python3 -m tachyon in the examples below.
$ cd tachyon
$ source bin/activate
To run a discovery with the default settings:
tachyon http://example.com/
To run a discovery over a proxy:
tachyon -p http://127.0.0.1:8080 http://example.com/
To search for files only:
tachyon -f http://example.com/
To search for directories only:
tachyon -s http://example.com/
To output results to JSON format:
tachyon -j http://example.com/
Command Line Options
Usage: main.py [OPTIONS] TARGET_HOST
Options:
-a, –allow-download
-c, –cookie-file TEXT
-l, –depth-limit INTEGER
-s, –directories-only
-f, –files-only
-j, –json-output
-m, –max-retry-count INTEGER
-z, –plugins-only
-x, –plugin-settings TEXT
-p, –proxy TEXT
-r, –recursive
-u, –user-agent TEXT
-v, –vhost TEXT
-C, –confirmation-factor INTEGER
–har-output-dir TEXT
-h, –help Show this message and exit.
Format for the cookies file
cookie0=value0;
cookie1=value1;
cookie2=value2;
Plugins
Existing plugins:
Plugins settings
Settings can be pass to the plugins via the -x option. Each option is a key/value pair, with a colon joining the key and its value. Use a new -x for each setting.
tachyon -x setting0:value0 -x setting1:value1 -x setting2:value2 http://example.com/
Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…
Docker is one of the most widely used containerization platforms. But there may come a…
Introduction Google Dorking is a technique where advanced search operators are used to uncover information…
Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…
What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…
Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…