In the next article we are going to take a look at Arachni. It's about a framework developed with Ruby and created to offer users different features for web application scanning. Despite not receiving updates for 2 years, in its day it was thought to be of help to professionals in analysis and penetration tests, it can also be useful for server administrators or webmasters who evaluate the security of web applications .
Es multi platform, compatible with the main operating systems such as Windows, Mac OS X and Gnu / Linux. It is distributed through packages that allow for instant deployment. Is price quotation and its source code is public, we can find it available in your GitHub page.
Is what versatile enough to cover a large number of use casesFrom a simple command line scanner utility to a global grid of high-performance scanners and a Ruby library for scripted auditing. Plus, its straightforward REST API makes integration easy.
This framework trains itself through monitoring and learning the behavior of the web application during the scanning process. In addition, you can perform an analysis using a number of factors to correctly assess the reliability of the results and identify or avoid false positives.
This scanner will take into account the dynamic nature of web applications. Can detect the changes caused while walking the paths of a web application, being able to adjust accordingly. In this way, attack / entry vectors that would otherwise be undetectable by non-humans can be handled without problems.
Furthermore, due to its integrated browser environment, it also client-side code can be audited and inspected, as well as supporting complicated web applications, which make heavy use of technologies such as JavaScript, HTML5, DOM manipulation, and AJAX.
Arachni general characteristics
- Cookie-jar / cookie-string, custom header and SSL support with some options.
- User agent spoofing.
- Proxy support for SOCKS4, SOCKS4A, SOCKS5, HTTP / 1.1 and HTTP / 1.0.
- Proxy authentication.
- Site authentication (SSL-based, Forms-based, Cookie-Jar, Basic-Digest, NTLMv1, Kerberos, and others).
- Automatic log-out and re-session detection during scanning.
- Custom 404 page detection.
- Command line interface.
- Web user interface.
- Pause / resume functionality. Hibernate support: suspend and restore from disk.
- High-performance asynchronous HTTP requests.
- With the ability to automatically detect the status of the server and adjust its concurrency automatically.
- Support for custom default input values, using pairs of patterns (to be compared to input names) and values that will be used to fill in corresponding inputs.
These are just some of the features. They can see these and all the others in detail, In the project GitHub page.
Install Arachni scanner on Ubuntu
We will be able download the package necessary either from the project website or by opening a terminal (Ctrl + Alt + T) and typing the following command in it:
wget https://github.com/Arachni/arachni/releases/download/v1.5.1/arachni-1.5.1-0.5.12-linux-x86_64.tar.gz
Now we only have extract the downloaded package running the following command in the same terminal:
tar -xvf arachni-1.5.1-0.5.12-linux-x86_64.tar.gz
Arachni Startup and Basic Usage
We will be able launch the Arachni web interface with the following command:
~/arachni-1.5.1-0.5.12/bin$ ./arachni_web
Once started, we will open the browser and as URL we will write:
https://localhost:9292/users/sign_in/
The default username and password, we can find them in the Wiki which can be seen in the above screenshot. Once in the interface, to start a new exploration, we will only have to click on the icon '+New'.
After entering the URL to be scanned, we continue by clicking on Go to start.
This is how the scan begins.
After the scan is complete, to download the report all we have to do is choose the format and click OK.
In short, even though This scanner has not received updates for a couple of years now, it is still versatile enough to cover a large number of use cases. For more information about this project, you can contact your web page.