Features

Artemis includes:

  • subdomain scan using crt.sh and gau (https://github.com/lc/gau),

  • Shodan integration (to use it, you will need to provide the SHODAN_API_KEY configuration variable, see Configuration options),

  • brute-forcing of interesting paths (e.g. .env),

  • brute-forcing of easy WordPress/MySQL/PostgreSQL/FTP passwords,

  • email configuration verification (misconfigured SPF/DMARC, open relays),

  • Wordpress/Joomla/Drupal/WordPress plugin version check,

  • a check for VCS folders (e.g. .git),

  • a check for enabled directory index,

  • port scanning,

  • metrics export for Prometheus (including data such as number of processed or crashed tasks): http://127.0.0.1:5000/metrics

  • easy extensibility via plug-and-play modules,

  • easy integration of a new tool,

  • HTTP API to facilitate integration with other tools.

Artemis is able to automatically generate reports containing findings description (to do that, please refer to Generating reports to be sent).

Besides, the additional modules repository (https://github.com/CERT-Polska/Artemis-modules-extra/) includes:

  • SQL injection check,

  • subdomain takeover check,

  • SSL configuration check.

Rate limiting

It is possible to rate-limit the scanning. This feature is disabled by default. To enable that behavior, configure the following variables:

  • set LOCK_SCANNED_TARGETS to True to enable locking - if it is enabled, Artemis will make sure that no more than one module scans a given host at one time,

  • REQUESTS_PER_SECOND - e.g. when set to 0.5, Artemis will strive to make no more than one HTTP/MySQL connect/… request per two seconds for any IP from each module,

  • SCANNING_PACKETS_PER_SECOND - this configures the port scanning speed. For example, when set to 5, Artemis will strive to send no more than 5 port scanning packets per seconds to any IP.

For CERT PL scans, the settings are:

  • LOCK_SCANNED_TARGETS=True

  • REQUESTS_PER_SECOND=1

  • SCANNING_PACKETS_PER_SECOND=5

The limits work on a best-effort basis - due to the way this behavior is implemented, we cannot guarantee that a host will never receive more than REQUESTS_PER_SECOND requests per second.

REST API

REST API documentation is auto-generated by the FastAPI framework in the form of Swagger and is available at your Artemis instance under /docs URL.