Offensive Security Tool: Axiom

Reading Time: 2 Minutes

GitHub Link

Axiom

Axiom by pry0cc is a dynamic infrastructure framework to efficiently work with multi-cloud environments, and build and deploy repeatable infrastructure focused on offensive and defensive security. Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg, and many more!

Whether you are performing Pentesting or Bug Bounty, you need a platform so you can gather all your findings, and generate an important impact for each issue. Axiom allows all that in one place.

Axiom works by pre-installing your tools of choice onto a ‘base image’, and then using that image to deploy fresh instances. From there, you can connect and instantly gain access to many tools useful for both bug hunters and pentesters. With the power of immutable infrastructure, most of which is done for you, you can just spin up 15 boxes, perform a distributed nmap/ffuf/screenshotting scan, and then shut them down.

Because you can create many disposable instances very easily, axiom allows you to distribute scans of many different tools including amass arjun aiodnsbrute anti-burl aquatone assetfinder corsy crackmapexec cf-check cngo commix concurl crlfuzz crobat dnscewl dalfox dirdar dnsgen dnsrecon dnsvalidator dnsx erlpopper exclude-cdn feroxbuster fff ffuf ffuz findomain gxss gau gauplus getJS github-endpoints github-subdomains gobuster gorgo gospider gowitness gxss hakrawler http2smugl httprobe httpx jaeles kiterunner kxss linkfinder masscan massdns medusa meg naabu nmap nuclei openredirex paramspider puredns rustscan responder s3scanner scrying shuffledns sn0int sqlmap subfinder subjack subjs testssl thc-hydra tlscout unimap wafw00f waybackurls webscreenshot whois & wpscan. Once installed and setup, you can distribute a scan of a large set of targets across 100-150 instances within minutes and get results extremely quickly. This is called axiom-scan.

Axiom supports several cloud providers, eventually, axiom should be completely cloud agnostic allowing unified control of a wide variety of different cloud environments with ease. Currently, DigitalOcean, IBM Cloud, Linode and Azure are officially supported providers. Google Compute is partially implemented and AWS is on the roadmap.

Resources

• Introduction
• Troubleshooting & FAQ
• Quickstart
  • Fleets
  • Scans
• Demo
• Story
• Installation Instructions
  • Docker Install
  • Easy Install
  • Manual Install
• Scan Modules
• Installed Packages

Installation

Docker

docker exec -it $(docker run -d -it –platform linux/amd64 ubuntu) sh -c “apt update && apt install git -y && git clone https://github.com/pry0cc/axiom ~/.axiom/ && cd && .axiom/interact/axiom-configure”

Easy Install

You should use an OS that supports their easy install.
For Linux systems you will also need to install the newest versions of all packages beforehand sudo apt dist-upgrade.

bash <(curl -s https://raw.githubusercontent.com/pry0cc/axiom/master/interact/axiom-configure)

If you have any problems with this installer, or if using an unsupported OS please refer to Installation.

Demo

In this demo you will see how easy it is to initialize and ssh into a new instance.

Operating Systems Supported