Red Team Arsenal is a web/network security scanner which has the capability to scan all company's online facing assets and provide an holistic security view of any security anomalies. It's a closely linked collections of security engines to conduct/simulate attacks and monitor public facing assets for anomalies and leaks.

It's an intelligent scanner detecting security anomalies in all layer 7 assets and gives a detailed report with integration support with nessus . As companies continue to expand their footprint on INTERNET via various acquisitions and geographical expansions, human driven security engineering is not scalable, hence, companies need feedback driven automated systems to stay put.

Installation

Supported Platforms

RTA has been tested both on Ubuntu/Debian (apt-get based distros) and as well as Mac OS . It should ideally work with any linux based distributions with mongo and python installed (install required python libraries from install/py_dependencies manually).

There are a few packages which are necessary before proceeding with the installation:

Git client: sudo apt-get install git

Python 2.7, which is installed by default in most systems

Python pip: sudo apt-get install python-pip

MongoDB: Read the official installation guide to install it on your machine.

Finally run python install/install.py

There are also optional packages/tools you can install (highly recommended):

Integrating Nessus:

Integrating Nessus into Red Team Arsenal can be done is simple 3 steps:

Download and install Nessus community edition (if you don’t have a paid edition). If you already have an installation (it can be remote installation as well), then go to step (2).

Update the config file (present on the root directory of RTA) with Nessus URL, username and password.

Create a nessus policy where you can configure the type of scans and plugins to run and name it RTA (Case sensitive - use full uppercase).

Once the config file has the correct Nessus information (url, username, password), use the flag --nessus while running RTA to launch nessus scan over the entire subdomains gathered by RTA (one single scan initiated with all the subdomains gathered).

Usage

Short Form Long Form Description -u --url Domain URL to scan -v --verbose Enable the verbose mode and display results in realtime -n --nessus Launch a Nessus scan with all the subdomains -s --scraper Run scraper based on config keywords -h --help show the help message and exit

Sample Output