Mass scan IPs for vulnerable services
masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows complete utilization of these programs by parsing data, spawning parallel processes, caching vulnerability data for faster scanning over time and much more.
Required Python libraries can be installed by executing sudo pip3 install -r requirements.txt
in Silver
directory.
/core/memory.py
file.:warning: Run Silver as root and with python3
i.e. with sudo python3 silver.py <your input>
. The python libraries need to be installed as root too.
:warning: Silver scans all TCP ports by default i.e. ports 0-65535
. Use --quick
switch to only scan top ~1000 ports.
python3 silver.py 127.0.0.1
python3 silver.py 127.0.0.1/22
python3 silver.py 127.0.0.1,127.0.0.2,127.0.0.3
Shodan can provide open ports, service information and CVEs from the data collected during its contiunous internet wide scanning. I think this is the best choice for quickly checking top ~1500 ports. Not using it makes sense when:
python3 silver.py 127.0.0.1 --shodan
python3 silver.py 127.0.0.1 --quick
python3 silver.py 127.0.0.1 -p80,443
python3 silver.py -i /path/to/targets.txt
Default: result-<ip_here>.json
python3 silver.py 127.0.0.1 -o my_target.json
Note: The output is saved regardless of using this option. It only exists to choose a specific name for the file instead of the autogenerated one.
Default: number_of_cores
python3 silver.py -i /path/to/targets.txt -t 4
Default: 10000
python3 silver.py 127.0.0.1 --rate 1000
You can contribute to this project by providing suggestions, reporting sensible issues and spreading the word. Pull requessts for the following will not be accepted: