Releases: j3ssie/osmedeus
Releases · j3ssie/osmedeus
v4.3.1
v4.3.0
- AWS provider support has been added to distributed scans
- New scripts have been added to allow you to easily back up your workspace by uploading it to an S3 bucket.
// Upload local file to your S3 bucket
UploadToS3('/tmp/ott/local-file.txt')
UploadToS3('/tmp/ott/local-file.txt', 'your-custom-bucket')
// Download the File from your bucket and store it on your local path
DownloadFromS3('/tmp/ott/on-s3.txt', '/tmp/on-local-s3.txt')
// Compress a workspace folder
Compress('{{Backup}}/{{Workspace}}.tar.gz', '{{Output}}')
// Decompress the file to a folder
Decompress('{{Output}}', '{{Backup}}/{{Workspace}}.tar.gz')- The ability to import and extract reports from other scans.
- Significant refactoring and rephrasing of the log messages.
v4.2.0
- Change the default template engine to support expressions in the template like
{{ threads * 2 }}. - 🚨Breaking Change🚨 in the workflow, variables are now using the format
{{variable}}instead of{{.variable}}. - Workflow now supports dynamic threads, as shown below, allowing you to choose your tactic to slow down and speed up the scan based on your demands.
The threads will be set default number of your CPUs which you can modify with the CLI flags --tactic aggressive or --threads-hold=20
name: http-probing
desc: Running HTTP fingerprint technology and response with the supplied inputs
report:
final:
- "{{Output}}/fingerprint/{{Workspace}}-technologies.txt"
- "{{Output}}/fingerprint/beautify-{{Workspace}}-http.txt"
params:
- inputFile: "{{Target}}"
- httpFile: "{{Output}}/fingerprint/http-{{Workspace}}.txt"
- httpThreads: '{{ threads * 15 }}'
- screenThreads: '{{ threads }}'
- enableSreenshot: 'false'
- httpTimeout: '10'
pre_run:
- CreateFolder("{{Output}}/fingerprint")
steps:
- required:
- "{{inputFile}}"
commands:
- "echo {{inputFile}} | {{Binaries}}/httpx -nf -timeout {{httpTimeout}} -silent -t {{httpThreads}} >> {{httpFile}}"
- "cat {{inputFile}} | {{Binaries}}/httpx -nf -timeout {{httpTimeout}} -silent -t {{httpThreads}} >> {{httpFile}}"
scripts:
- SortU("{{httpFile}}")
- required:
- "{{Binaries}}/httpx"
- "{{httpFile}}"
commands:
- cat {{httpFile}} | {{Binaries}}/httpx -nf -timeout {{httpTimeout}} -t {{httpThreads}} -no-color -json -title -tech-detect -status-code -silent >> {{Output}}/fingerprint/{{Workspace}}-http-overview.txt
scripts:
- CleanJSONHttpx('{{Output}}/fingerprint/{{Workspace}}-http-overview.txt', '{{Output}}/fingerprint/{{Workspace}}-raw-overview.txt')
- ExecCmd("cat {{Output}}/fingerprint/{{Workspace}}-raw-overview.txt | csvtk pretty --no-header-row -I -s ' | ' -W 75 > {{Output}}/fingerprint/beautify-{{Workspace}}-http.txt")
- Cat('{{Output}}/fingerprint/beautify-{{Workspace}}-http.txt')
v4.1.4
v4.1.3
v4.1.2
v4.1.1
- Added a new clean-up script for public ffuf to show more beautiful output.
- Added a new workflow for testing notifications.
- Added a detailed notification setup page at docs.osmedeus.org/installation/notification/.
- Added a new tool str-replace to generate even more permutation subdomains (see probing module).
v4.1.0
- Big refactoring in the codebase.
- Fixing some bugs and refactoring usage messages.
- Add a new flag
--vulnin the update command for only updating the Vulnerability Database. - The loop step now requires a new template format like
[[.line]]. Take a look at the dirbscan module here to know more
v4.0.3
v4.0.2
- Added Cloud wizard setup for the premium package.
- Some built-in auxiliary scripts to show content better.
- Fixing some bugs and refactoring usage messages.
- Added a dedicated video instruction for the premium package.
- Added anew to the workflow to show the newly added DNS when you do the rescan.