# ARCHIVED
Gryffin (beta) [![Build Status](https://travis-ci.org/yahoo/gryffin.svg?branch=master)](https://travis-ci.org/yahoo/gryffin) [![GoDoc](https://godoc.org/github.com/yahoo/gryffin?status.svg)](https://godoc.org/github.com/yahoo/gryffin)
==========
Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems with existing scanners: coverage and scale.
Better coverage translates to fewer false negatives. Inherent scalability translates to capability of scanning, and supporting a large elastic application infrastructure. Simply put, the ability to scan 1000 applications today to 100,000 applications tomorrow by straightforward horizontal scaling.
## Coverage
Coverage has two dimensions - one during crawl and the other during fuzzing. In crawl phase, coverage implies being able to find as much of the application footprint. In scan phase, or while fuzzing, it implies being able to test each part of the application for an applied set of vulnerabilities in a deep.
#### Crawl Coverage
Today a large number of web applications are template-driven, meaning the same code or path generates millions of URLs. For a security scanner, it just needs one of the millions of URLs generated by the same code or path. Gryffin's crawler does just that.
##### Page Deduplication
At the heart of Gryffin is a deduplication engine that compares a new page with already seen pages. If the HTML structure of the new page is similar to those already seen, it is classified as a duplicate and not crawled further.
##### DOM Rendering and Navigation
A large number of applications today are rich applications. They are heavily driven by client-side JavaScript. In order to discover links and code paths in such applications, Gryffin's crawler uses PhantomJS for DOM rendering and navigation.
#### Scan Coverage
As Gryffin is a scanning platform, not a scanner, it does not have its own fuzzer modules, even for fuzzing common web vulnerabilities like XSS and SQL Injection.
It's not wise to reinvent the wheel where you do not have to. Gryffin at production scale at Yahoo uses open source and custom fuzzers. Some of these custom fuzzers might be open sourced in the future, and might or might not be part of the Gryffin repository.
For demonstration purposes, Gryffin comes integrated with sqlmap and arachni. It does not endorse them or any other scanner in particular.
The philosophy is to improve scan coverage by being able to fuzz for just what you need.
## Scale
While Gryffin is available as a standalone package, it's primarily built for scale.
Gryffin is built on the publisher-subscriber model. Each component is either a publisher, or a subscriber, or both. This allows Gryffin to scale horizontally by simply adding more subscriber or publisher nodes.
## Operating Gryffin
### Pre-requisites
1. Go - `go1.13` or later
2. PhantomJS, v2
3. Sqlmap (for fuzzing SQLi)
4. Arachni (for fuzzing XSS and web vulnerabilities)
5. NSQ ,
- running lookupd at port 4160,4161
- running nsqd at port 4150,4151
- with `--max-msg-size=5000000`
6. Kibana and Elastic search, for dashboarding
- listening to JSON over port 5000
- Preconfigured docker image available in https://hub.docker.com/r/yukinying/elk/
### Installation
```
go get -u github.com/yahoo/gryffin/...
```
### Run
(WIP)
## TODO
1. Mobile browser user agent
2. Preconfigured docker images
3. Redis for sharing states across machines
4. Instruction to run gryffin (distributed or standalone)
5. Documentation for html-distance
6. Implement a JSON serializable cookiejar.
7. Identify duplicate url patterns based on simhash result.
## Talks and Slides
- AppsecUSA 2015: [abstract](http://sched.co/3Vgm), [slide](http://go-talks.appspot.com/github.com/yukinying/talks/gryffin/gryffin.slide), [recording](https://youtu.be/IWiR2CPOHvc)
## Credits
- Adonis Fung @ Yahoo, for the asynchronous phantomjs based crawler and DOM event navigator.
- [Simhash algorithm](http://www.cs.princeton.edu/courses/archive/spring04/cos598B/bib/CharikarEstim.pdf) by Moses Charikar
- Simhash implementation provided by [mfonda/simhash](https://github.com/mfonda/simhash).
- [Sqlmap](http://sqlmap.org/)
- [Arachni](http://www.arachni-scanner.com/)
## Licence
Code licensed under the BSD-style license. See LICENSE file for terms.
没有合适的资源?快使用搜索试试~ 我知道了~
gryffin - 大规模Web安全扫描平台.zip
共45个文件
go:32个
js:5个
md:2个
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 99 浏览量
2023-07-18
19:33:45
上传
评论
收藏 57KB ZIP 举报
温馨提示
gryffin - 大规模Web安全扫描平台
资源推荐
资源详情
资源评论
收起资源包目录
gryffin - 大规模Web安全扫描平台.zip (45个子文件)
新建文件夹
gryffin-master
session.go 4KB
go.mod 201B
util.go 478B
.github
workflows
linux.yml 813B
go.sum 1KB
Makefile 629B
data
store_test.go 682B
memory.go 3KB
memory_test.go 413B
store.go 520B
fuzzer
arachni
arachni.go 2KB
arachni_test.go 556B
dummy
dummy_test.go 394B
dummy.go 565B
sqlmap
sqlmap.go 2KB
sqlmap_test.go 572B
LICENSE 1KB
html-distance
feature.go 3KB
bktree.go 2KB
feature_test.go 3KB
bktree_test.go 889B
README.md 2KB
cmd
gryffin-distributed
main_test.go 703B
main.go 6KB
gryffin-standalone
main_test.go 574B
main.go 4KB
renderer
phantomjs.go 6KB
phantomjs_test.go 318B
base_test.go 549B
resource
extractors.js 20KB
utils.js 2KB
events.js 19KB
dummy.go 170B
headers.js 2KB
render.js 12KB
noscript_test.go 305B
noscript.go 2KB
base.go 754B
gryffin.go 10KB
serialize.go 1KB
gryffin_test.go 6KB
session_test.go 1KB
.gitignore 382B
global.go 633B
README.md 4KB
共 45 条
- 1
资源评论
AbelZ_01
- 粉丝: 906
- 资源: 5441
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功