Recon Tool: Argus
Argus
Argus developed by jasonxtn, is an all-in-one, Python-powered toolkit designed to streamline the process of information gathering and reconnaissance. With a user-friendly interface and a suite of powerful modules, Argus empowers you to explore networks, web applications, and security configurations efficiently and effectively.
Whether you’re conducting research, performing security assessments with proper authorization, or just curious about network infrastructures, Argus brings a wealth of information to your fingertips—all in one place.
See Also: So you want to be a hacker?
Offensive Security and Ethical Hacking Course
Installation
To get started with Argus, follow these simple steps:
git clone https://github.com/jasonxtn/argus.git
cd argus
pip install -r requirements.txt
Once installed, you can launch Argus with:
python argus.py
See Also: Offensive Security Tool: Nginxpwner
See Also: Deep Dive to Fuzzing for Maximum Impact
Usage
Argus offers a rich collection of tools categorized into three main areas:
Network & Infrastructure Tools
These tools help you gather data about a network, uncovering vital details about servers, IP addresses, DNS records, and more:
- Associated Hosts: Discover domains associated with the target.
- DNS Over HTTPS: Resolve DNS securely via encrypted channels.
- DNS Records: Collect DNS records, including A, AAAA, MX, etc.
- DNSSEC Check: Verify if DNSSEC is properly configured.
- Domain Info: Gather information such as registrar details and expiry dates.
- Domain Reputation Check: Check domain trustworthiness using various reputation sources.
- IP Info: Retrieve geographic and ownership details of an IP address.
- Open Ports Scan: Scan the target for open ports and services.
- Server Info: Extract key server details using various techniques.
- Server Location: Identify the physical location of the server.
- SSL Chain Analysis: Analyze the SSL certificate chain for trustworthiness.
- SSL Expiry Alert: Check SSL certificates for upcoming expiry.
- TLS Cipher Suites: List the supported TLS ciphers on the server.
- TLS Handshake Simulation: Simulate a TLS handshake to check for security issues.
- Traceroute: Trace the path packets take to reach the target.
- TXT Records: Fetch TXT records, often used for verification purposes.
- WHOIS Lookup: Perform WHOIS queries to gather domain ownership details.
- Zone Transfer: Attempt to perform DNS zone transfers.
Web Application Analysis Tools
These modules focus on understanding the structure and security of web applications:
- Archive History: View the target’s history using internet archives.
- Broken Links Detection: Find broken links that may lead to user frustration or security gaps.
- Carbon Footprint: Evaluate the environmental impact of a website.
- CMS Detection: Detect the type of CMS used, like WordPress, Joomla, etc.
- Cookies Analyzer: Analyze cookies for secure attributes and potential privacy issues.
- Content Discovery: Discover hidden directories, files, and endpoints.
- Crawler: Crawl the site to uncover data and map out its structure.
- Robots.txt Analyzer: Analyze the robots.txt file for hidden resources.
- Directory Finder: Look for directories that may not be indexed publicly.
- Performance Monitoring: Monitor the website’s response time and load performance.
- Quality Metrics: Assess the quality of the site’s content and user experience.
- Redirect Chain: Follow redirects to analyze if they’re safe or malicious.
- Sitemap Parsing: Extract URLs from the site’s sitemap.
- Social Media Presence Scan: Analyze the social media profiles linked to the target.
- Technology Stack Detection: Identify the technologies and frameworks the site uses.
- Third-Party Integrations: Discover any third-party services integrated into the site.
Security & Threat Intelligence Tools
The security modules in Argus are designed to assess the target’s defenses and gather threat intelligence:
- Censys Reconnaissance: Use Censys for in-depth details about the target’s assets.
- Certificate Authority Recon: Examine the certificate authority details.
- Data Leak Detection: Check for potential data leaks and sensitive data exposure.
- Firewall Detection: Identify whether a firewall or WAF is protecting the target.
- Global Ranking: Look up the site’s global ranking to gauge its popularity.
- HTTP Headers: Extract and evaluate HTTP response headers.
- HTTP Security Features: Check for secure HTTP headers such as HSTS, CSP, etc.
- Malware & Phishing Check: Scan the site for signs of malware and phishing risks.
- Pastebin Monitoring: Search paste sites for leaks associated with the target.
- Privacy & GDPR Compliance: Verify compliance with GDPR and other privacy regulations.
- Security.txt Check: Locate and analyze the security.txt file for vulnerability disclosure policies.
- Shodan Reconnaissance: Use Shodan to discover open ports, services, and vulnerabilities.
- SSL Labs Report: Get a detailed SSL/TLS assessment via SSL Labs.
- SSL Pinning Check: Check if SSL pinning is implemented on the site.
- Subdomain Enumeration: Discover subdomains of the target domain.
- Subdomain Takeover: Test whether subdomains are vulnerable to takeover.
- VirusTotal Scan: Check the target’s reputation using VirusTotal.
How to use Argus
- Launch Argus from the command line.
- Enter the tool number you want to use from the main menu.
- Follow the prompts to enter relevant information.
- Review the results and adjust your strategy accordingly.
Example Command:
root@argus:~# 1
This command initiates the Associated Hosts tool.
Configuration
Certain modules require API keys to work. Make sure to add any necessary API keys in the config/settings.py file before running Argus to unlock full functionality.
Clone the repo from here: GitHub Link