Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
Red Team Arsenal is a inhouse framework created by flipkart security team which monitors the external attack surface of the company's online assets and provide an holistic security view of any security anomalies. It's a closely linked collection of various security engines and tools to conduct/simulate attacks and monitor public facing assets for anomalies and leaks.
It's an intelligent framework that detects security anomalies in all layer 7 assets and reports the same.
As companies continue to expand their footprint on INTERNET via various acquisitions and geographical expansions, human driven security engineering is not scalable, hence, companies need feedback driven automated systems to stay put.
RTA has been tested both on Ubuntu/Debian (apt-get based distros) distros, it will also work with Mac-OS (but do replace the binaries folder with the binaries of the programs that match with your system architecture if you are running it on Mac OS)
There are a few packages which are necessary before proceeding with the installation:
sudo apt-get install python3-pip
Also, you will need to update the config file and config_mail yml files with the following data
You can install all the requirements by running sudo pip3 install -r requirements.txt
Mention the domains you want to monitor inside 'input_files/domains.txt'
python3 scheduler.py
You can receive notifications in Google Chat, this can be configured by adding the webhook URL to config.yml file.
Thanks to the authors of the below creations.