Features

Artemis includes:

  • subdomain scan using crt.sh and gau (https://github.com/lc/gau),

  • Shodan integration (to use it, you will need to provide the SHODAN_API_KEY configuration variable, see Configuration options),

  • brute-forcing of interesting paths (e.g. .env),

  • brute-forcing of easy WordPress/MySQL/PostgreSQL/FTP passwords,

  • email configuration verification (misconfigured SPF/DMARC, open relays),

  • WordPress/Joomla version check,

  • a check for VCS folders (e.g. .git),

  • a check for enabled directory index,

  • port scanning,

  • metrics export for Prometheus (including data such as the number of processed or crashed tasks), available at http://127.0.0.1:9000/,

  • easy extensibility via plug-and-play modules.

Artemis can automatically generate e-mails describing the findings (to do that, please refer to Generating e-mails to be sent).

Besides, the additional modules repository (https://github.com/CERT-Polska/Artemis-modules-extra/) includes:

  • SQL injection check,

  • subdomain takeover check,

  • SSL configuration check.

Rate limiting

Artemis is built in such a way that no particular host can be overloaded with requests. This behavior is disabled by default. To enable it, configure the following variables:

  • set LOCK_SCANNED_TARGETS to True to enable locking,

  • SECONDS_PER_REQUEST - e.g. when set to 2, Artemis will strive to make no more than one HTTP/MySQL connect/… request per two seconds for any IP,

  • SCANNING_PACKETS_PER_SECOND - e.g. when set to 100, Artemis will strive to send no more than 100 port scanning packets per second to any IP.

The IP lock is global - Artemis strives to allow at most one module to communicate with a given IP. Due to the way this behavior is implemented, we cannot guarantee that a host will never receive more than X requests per second.
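Because the limit is best-effort, it is worth checking it against what the scanned side actually observes. The following is an added example, not part of Artemis: it reads a constructed log of "timestamp destination-IP" lines (the log format and the function names are assumptions) and reports every pair of consecutive requests to the same IP that are closer together than the configured SECONDS_PER_REQUEST.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample: one outbound request per line, "ISO-timestamp destination-IP",
# as it might be exported from a proxy or firewall log (format is an assumption).
SAMPLE_LOG = """\
2024-01-01T10:00:00.000 192.0.2.10
2024-01-01T10:00:00.500 192.0.2.20
2024-01-01T10:00:02.100 192.0.2.10
2024-01-01T10:00:02.900 192.0.2.10
2024-01-01T10:00:03.000 192.0.2.20
2024-01-01T10:00:06.000 192.0.2.10
"""


def parse_log(text):
    """Yield (datetime, ip) tuples from 'timestamp ip' lines, skipping blank lines."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, ip = line.split()
        yield datetime.fromisoformat(ts), ip


def find_violations(events, seconds_per_request):
    """Return {ip: [(previous, current, gap_seconds), ...]} for every pair of
    consecutive requests to one IP spaced closer than seconds_per_request."""
    by_ip = defaultdict(list)
    for ts, ip in events:
        by_ip[ip].append(ts)
    violations = {}
    for ip, stamps in by_ip.items():
        stamps.sort()  # log lines from several modules may arrive out of order
        short = [(a, b, (b - a).total_seconds())
                 for a, b in zip(stamps, stamps[1:])
                 if (b - a).total_seconds() < seconds_per_request]
        if short:
            violations[ip] = short
    return violations


if __name__ == "__main__":
    # Same value as the SECONDS_PER_REQUEST example above.
    found = find_violations(parse_log(SAMPLE_LOG), seconds_per_request=2)
    for ip, gaps in found.items():
        for prev, cur, gap in gaps:
            print(f"{ip}: {gap:.3f}s between {prev.time()} and {cur.time()}")
```
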

REST API

REST API documentation is auto-generated by the FastAPI framework in the form of Swagger and is available at your Artemis instance under the /docs URL.