GitHub - patrickmn/scrutinize: Misconfiguration scanner

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
checks		checks
tests		tests
.gitignore		.gitignore
LICENSE		LICENSE
README		README
__init__.py		__init__.py
check.py		check.py
cli.py		cli.py
color.py		color.py
common.py		common.py
config.py		config.py
domainscan.py		domainscan.py
err.py		err.py
hostscan.py		hostscan.py
localscan.py		localscan.py
log.py		log.py
runtests.sh		runtests.sh
scanner.py		scanner.py

Repository files navigation

Scrutinize is an extensible misconfiguration scanner--not a vulnerability scanner,
use Metasploit for that--written using Twisted. It checks for common misconfigurations
such as allowing DNS Zone Transfer for your domain, not having a PTR record, or
allowing read access to your configuration files.

Usage examples:
  * python domainscan.py domain.com
  * python domainscan.py domain1.com domain2.com [...]
  * python hostscan.py host.domain.com
  * python hostscan.py host1.domain.com host2.domain.com [...]

More information:
  * python domainscan.py -h
  * python hostscan.py -h

  To improve performance, increase the throttle limit with the -t switch, or
  set throttle in config.py. If you experience excessive connection timeouts,
  lower it.

Extending:
  Write a module in checks/, then add that to the top of either hostscan.py or
  domainscan.py. (Improving this process is at the top of my to-do list.)