Automated attack surface mapper and vulnerability scanner

Overview

Phaser logo

Phaser

Automated attack surface mapper and vulnerability scanner

What is this?

Phaser is a high-performance and automated attack surface mapper and vulnerability scanner. Just point it to a target, and it will autimagically generate a report with everything it can finds, saving you hours of manual audit and pipping between different tools.

Architecture

Want to learn how to use Rust to hack the planet? Phaser was extracted and improved from the chapters 2, 3, and 4 of my book Black Hat Rust, where, among other things, we learn how to build a fast async scanner.

One of the goals of phaser is to get you started once you finish the book. Either by helping you make your first Rust contribution, or by using it in your first bug hunting session.

Installation

Using cargo

$ cargo install -f phaser

Using Docker

$ docker pull ghcr.io/skerkour/phaser

Usage

# List modules
$ phaser modules
# Display scan options
$ phaser scan --help
# Scan a target
$ phaser scan --aggressive target.com

With Docker

$ docker run -ti ghcr.io/skerkour/phaser phaser scan --aggressive target.com

License

See LICENSE.txt.

You might also like...
Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode

Xori - Custom disassembly framework Xori is an automation-ready disassembly and static analysis library that consumes shellcode or PE binaries and pro

🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️
🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️

Recon Find, locate, and query files for ops and security experts Key Features • How To Use • Download • Contributing • License Key Features Query with

Semi-automatic OSINT framework and package manager

sn0int sn0int (pronounced /snoɪnt/) is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunter

A Comprehensive Web Fuzzer and Content Discovery Tool

rustbuster A Comprehensive Web Fuzzer and Content Discovery Tool Introduction Check the blog post: Introducing Rustbuster — A Comprehensive Web Fuzzer

A simple menu to keep all your most used one-liners and scripts in one place
A simple menu to keep all your most used one-liners and scripts in one place

Dama Desktop Agnostic Menu Aggregate This program aims to be a hackable, easy to use menu that can be paired to lightweight window managers in order t

link is a command and control framework written in rust
link is a command and control framework written in rust

link link is a command and control framework written in rust. Currently in alpha. Table of Contents Introduction Features Feedback Build Process Ackno

Rust library for building and running BPF/eBPF modules

RedBPF A Rust eBPF toolchain. Overview The redbpf project is a collection of tools and libraries to build eBPF programs using Rust. It includes: redbp

telemetry aggregation and shipping, last up the ladder
telemetry aggregation and shipping, last up the ladder

cernan - telemetry aggregation and shipping, last up the ladder Cernan is a telemetry and logging aggregation server. It exposes multiple interfaces f

unfuck is a utility and library for deobfuscating obfuscated Python 2.7 bytecode
unfuck is a utility and library for deobfuscating obfuscated Python 2.7 bytecode

unfuck is a utility and library for deobfuscating obfuscated Python 2.7 bytecode. It is essentially a reimplementation of the Python VM with taint tracking.

Comments
  • port scan now only returns open ports

    port scan now only returns open ports

    Hello,

    I think I found a little bug in the port scan. tokio::time::timeout will return a Result on completion. The returning result means if the future completes before the duration Ok is returned otherwise Err. If a connection to a port will result in a connection refused, than Ok is returned from tokio::time::timeout and the inner value is Err from TcpStream::connect. I changed the part so the port scan only returns open ports.

    opened by jd84 1
  • Change target URL

    Change target URL

    In order to protect yourself and phaser from lawsuits, I think that it'd be smart not to include the address of a well known retail network in your black hat tool documentation

    opened by tuxiqae 1
Owner
Sylvain Kerkour
Software craftsman. I share everything I learn at https://kerkour.com
Sylvain Kerkour
Http request smuggling vulnerability scanner

Request smuggler Http request smuggling vulnerability scanner Based on the amazing research by James Kettle. The tool can help to find servers that ma

null 204 Dec 18, 2022
💔 Heartbleed vulnerability exploit written in Rust

Heartbleed ?? Heartbleed vulnerability exploit written in Rust What is it Heartbleed is a buffer over-read vulnerability in outdated versions of OpenS

Gianmatteo Palmieri 4 May 23, 2023
A simple scanner that loops through ips and checks if a minecraft server is running on port 25565

scanolotl Scanolotl is a simple scanner that loops through ips and checks if a minecraft server is running on port 25565. Scanolotl can also preform a

JustFr33z 3 Jul 28, 2022
Automated property based testing for Rust (with shrinking).

quickcheck QuickCheck is a way to do property based testing using randomly generated input. This crate comes with the ability to randomly generate and

Andrew Gallant 2k Dec 27, 2022
🤖 The Modern Port Scanner 🤖

➡️ Discord | Installation Guide | Usage Guide ⬅️ The Modern Port Scanner. Fast, smart, effective. ?? Docker (Recommended) ??‍?? Kali / Debian ??️ Arch

null 8.8k Jan 8, 2023
simple multi-threaded port scanner written in rust

knockson simple multi-threaded port scanner written in rust Install Using AUR https://aur.archlinux.org/packages/knockson-bin/ yay -Syu knockson-bin M

Josh Münte 4 Oct 5, 2022
A simple port scanner built using rust-lang

A simple port scanner built using rust-lang

Krisna Pranav 1 Nov 6, 2021
Dangerously fast dns/network/port scanner, all-in-one

Skanuvaty Dangerously fast dns/network/port scanner, all-in-one. Start with a domain, and we'll find everything about it. Features: Finds subdomains f

CCCC 701 Dec 31, 2022
A simple port sniffer(scanner) implementation with 🦀

A simple port sniffer(scanner) implementation with ?? Install from crates.io crago install ports-sniffer From aur: yay -S ports-sniffer Arguments Argu

Anas Elgarhy 8 Oct 10, 2022
Steals browser passwords and cookies and sends to webhook.

Browser-Stealer Steals browser passwords and cookies and sends to webhook. Donating Educational Purposes Only This code is made so you can learn from

RadonCoding 3 Sep 27, 2021