Features
Artemis includes:
- subdomain scan using crt.sh and gau (https://github.com/lc/gau),
- Shodan integration (to use it, you will need to provide the `SHODAN_API_KEY` configuration variable, see Configuration options),
- brute-forcing of interesting paths (e.g. `.env`),
- brute-forcing of easy WordPress/MySQL/PostgreSQL/FTP passwords,
- e-mail configuration verification (misconfigured SPF/DMARC, open relays),
- WordPress/Joomla version check,
- a check for VCS folders (e.g. `.git`),
- a check for enabled directory index,
- port scanning,
- metrics export for Prometheus (including data such as the number of processed or crashed tasks): http://127.0.0.1:9000/
- easy extensibility via plug-and-play modules.
Artemis is also able to automatically generate e-mails containing descriptions of the findings (to do that, please refer to Generating e-mails to be sent).
Besides, the additional modules repository (https://github.com/CERT-Polska/Artemis-modules-extra/) includes:
- SQL injection check,
- subdomain takeover check,
- SSL configuration check.
Rate limiting
Artemis is built in such a way that no particular host is overloaded with requests. This behavior is disabled by default. To enable it, configure the following variables:
- set `LOCK_SCANNED_TARGETS` to `True` to enable locking,
- `SECONDS_PER_REQUEST` - e.g. when set to 2, Artemis will strive to make no more than one HTTP/MySQL connect/… request per two seconds to any IP,
- `SCANNING_PACKETS_PER_SECOND` - e.g. when set to 100, Artemis will strive to send no more than 100 port scanning packets per second to any IP.
The IP lock is global: Artemis strives to allow at most one module at a time to communicate with a given IP. Due to the way this behavior is implemented, we cannot guarantee that a host will never receive more than X requests per second. Treat these settings as best effort: if a target has strict limits, verify the actual rate on the target side (e.g. with a packet capture) rather than relying on the configured value alone.
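The following is an added illustration of the throttling semantics described above; it is not Artemis' own code, and the names `PerIPThrottle`, `SimulatedClock` and `simulate_requests` are hypothetical. It models the two documented ideas, a per-IP lock so only one caller at a time talks to a given IP and a minimum spacing between consecutive requests to that IP, and shows what the request timeline looks like with locking disabled (the default) and with `SECONDS_PER_REQUEST=2` or `SCANNING_PACKETS_PER_SECOND=100`. The clock is simulated so the example runs offline and deterministically.

```python
# Added illustration (not Artemis' own code) of the per-IP throttling semantics
# documented for LOCK_SCANNED_TARGETS / SECONDS_PER_REQUEST /
# SCANNING_PACKETS_PER_SECOND. PerIPThrottle, SimulatedClock and
# simulate_requests are hypothetical names.
import threading
from collections import defaultdict
from typing import Callable, Dict, List


class SimulatedClock:
    """Deterministic stand-in for time.monotonic()/time.sleep() so the
    resulting timeline can be computed and checked without real waiting."""

    def __init__(self) -> None:
        self.now = 0.0

    def monotonic(self) -> float:
        return self.now

    def sleep(self, seconds: float) -> None:
        # A negative wait means the interval has already elapsed: no sleep.
        if seconds > 0:
            self.now += seconds


class PerIPThrottle:
    """At most one request per `min_interval` seconds to any single IP.

    SECONDS_PER_REQUEST=2 corresponds to min_interval=2.0;
    SCANNING_PACKETS_PER_SECOND=100 corresponds to min_interval=1/100.
    With locking=False (the documented default) nothing is throttled.
    """

    def __init__(self, min_interval: float, locking: bool, clock: SimulatedClock) -> None:
        self.min_interval = min_interval
        self.locking = locking
        self.clock = clock
        # One lock per IP: only one caller may talk to that IP at a time.
        # A process-local threading.Lock is a simplification for illustration;
        # the page describes Artemis' lock as global across modules.
        self._ip_locks: Dict[str, threading.Lock] = defaultdict(threading.Lock)
        self._last_request: Dict[str, float] = {}

    def request(self, ip: str, do_request: Callable[[], object]) -> object:
        if not self.locking:
            return do_request()
        with self._ip_locks[ip]:
            last = self._last_request.get(ip)
            if last is not None:
                # Wait until min_interval has passed since the previous request.
                self.clock.sleep(last + self.min_interval - self.clock.monotonic())
            self._last_request[ip] = self.clock.monotonic()
            return do_request()


def simulate_requests(n: int, ip: str, min_interval: float, locking: bool) -> List[float]:
    """Issue n back-to-back requests to one IP and return the simulated
    time at which each request was actually sent."""
    clock = SimulatedClock()
    throttle = PerIPThrottle(min_interval, locking, clock)
    sent_at: List[float] = []
    for _ in range(n):
        throttle.request(ip, lambda: sent_at.append(clock.monotonic()))
    return sent_at


if __name__ == "__main__":
    # 192.0.2.10 is a constructed documentation address (RFC 5737).
    print(simulate_requests(3, "192.0.2.10", 2.0, locking=False))      # [0.0, 0.0, 0.0]
    print(simulate_requests(3, "192.0.2.10", 2.0, locking=True))       # [0.0, 2.0, 4.0]
    print(simulate_requests(3, "192.0.2.10", 1 / 100, locking=True))   # [0.0, 0.01, 0.02]
```

With locking disabled all three requests go out immediately; with `SECONDS_PER_REQUEST=2` they are spaced two seconds apart, and with `SCANNING_PACKETS_PER_SECOND=100` ten milliseconds apart. The real scanner runs many modules in parallel, which is why the page's own wording ("strives to") matters: a spacing rule like this one bounds what a single serialized caller does, not everything that can reach the host.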
REST API
REST API documentation is auto-generated by the FastAPI framework in the form of Swagger and is available at your Artemis instance under the /docs URL. FastAPI also serves the machine-readable OpenAPI schema under /openapi.json by default, unless an instance overrides it; that schema is what to feed to client generators or API-security scanners.