Artemis includes:

  • subdomain scan using crt.sh and gau (https://github.com/lc/gau),

  • Shodan integration (to use it, you will need to provide the SHODAN_API_KEY configuration variable, see Configuration options),

  • brute-forcing of interesting paths (e.g. .env),

  • brute-forcing of easy WordPress/MySQL/PostgreSQL/FTP passwords,

  • email configuration verification (misconfigured SPF/DMARC, open relays),

  • Wordpress/Joomla/Drupal/WordPress plugin version check,

  • a check for VCS folders (e.g. .git),

  • a check for enabled directory index,

  • port scanning,

  • metrics export for Prometheus (including data such as number of processed or crashed tasks):

  • easy extensibility via plug-and-play modules,

  • easy integration of a new tool,

  • HTTP API to facilitate integration with other tools.

Artemis is able to automatically generate reports containing findings description (to do that, please refer to Generating reports to be sent).

Besides, the additional modules repository (https://github.com/CERT-Polska/Artemis-modules-extra/) includes:

  • SQL injection check,

  • subdomain takeover check,

  • SSL configuration check.

Rate limiting

Artemis is build in such a way that no particular host can be overloaded with requests. This is disabled by default. To enable that behavior, configure the following variables:

  • set LOCK_SCANNED_TARGETS to True to enable locking,

  • SECONDS_PER_REQUEST - e.g. when set to 2, Artemis will strive to make no more than one HTTP/MySQL connect/… request per two seconds for any IP,

  • SCANNING_PACKETS_PER_SECOND - e.g. when set to 100, Artemis will strive to send no more than 100 port scanning packets per seconds to any IP.

The IP lock is global - Artemis strives to allow at most one module to communicate with a given IP. Due to the way this behavior is implemented, we cannot guarantee that a host will never receive more than X requests per second.


REST API documentation is auto-generated by the FastAPI framework in the form of Swagger and is available at your Artemis instance under /docs URL.