rengine icon indicating copy to clipboard operation
rengine copied to clipboard

Published 20 hours ago verified publisher icon yogeshojha

Axiom integration - Lets go FAST!

Open uBadRequest opened this issue 3 years ago • 15 comments

Is your feature request related to a problem? Please describe. Scanning from one machine is so boring and slow. Lets get distributed and go fast.

Describe the solution you'd like

If user enabled use of Axiom in the scan engine, all scans using that engine are distributed among the axiom hosts.

Also, I wouldn't want a large fleet of hosts created by axiom running with nothing to do for a long time so checking for whether or not there is anything in the queue, or if something is taking way too long to kill it.

https://github.com/pry0cc/axiom

Describe alternatives you've considered Using axiom manually

Additional context This will increase the speed in which people are able to scan, also reduce the effect of being rate-limited/blocked. You could also advertise your referral links for the cloud hosting providers supported by Axiom! :+1:

It's pretty easy to manually add modules to Axiom too!

uBadRequest avatar Apr 21 '21 01:04 uBadRequest

What do you think @yogeshojha?

uBadRequest avatar Apr 21 '21 20:04 uBadRequest

Agree.. https://github.com/pry0cc/axiom rengine+axiom will be awesome

log4works avatar Apr 26 '21 09:04 log4works

Agree, this will be faster and solve IP blocking problem @yogeshojha

anggipradana avatar Apr 26 '21 09:04 anggipradana

Sounds awesome, give me sometime to think about it as I have never used axiom in the past. Need to see how we can use axiom in reNgine. If you have any ideas, please feel free to give.

yogeshojha avatar Apr 26 '21 11:04 yogeshojha

Sounds awesome, give me sometime to think about it as I have never used axiom in the past. Need to see how we can use axiom in reNgine. If you have any ideas, please feel free to give.

All the tools ReNgine uses, could be ran distributed across your botnet(linode/digital ocean).You can run ffuf across a fleet of hosts, it would split your dictionary up by the number of hosts you have in your botnet, each one gets a piece of the dictionary.

Or you run Nuclei across 500 subdomains, axiom splits those subdomains up by the number of hosts in your botnet, each host gets their piece to run Nuclei against.

Also, It would also be awesome to have Target Groups, so that all the domains in scope, can be grouped together.

uBadRequest avatar Apr 27 '21 23:04 uBadRequest

Is this idea still alive?

mswell avatar Sep 24 '21 14:09 mswell

I hope so haha!

On Fri, Sep 24, 2021 at 10:41 AM Wellington Moraes @.***> wrote:

Is this idea still alive?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/yogeshojha/rengine/issues/385#issuecomment-926681661, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALIXUOYWJ4VPQLURFWVNEADUDSEX3ANCNFSM43JK4QVA .

uBadRequest avatar Sep 25 '21 17:09 uBadRequest

This would allow rengine to insanely scale up the scans! Also, as axiom machines would be doing all the hard work, rengine would possibly run smoothly while performing like 20 concurrent scans and would only need to store the results back in the local database.

eschultze avatar Sep 30 '21 20:09 eschultze

Hi, I would love to bring this to reNgine 1.1, can someone of you please schedule a call with me to show how AXIOM works and maybe we can discuss how to bring this to reNgine. My email is [email protected], please book my calendar meet and let's do this!

yogeshojha avatar Oct 02 '21 15:10 yogeshojha

Hey @yogeshojha , Here's a video of the developer showing it off at NahamCon 2021. I think he does a good job explaining how it works. NahamCon 2021 - Introduction to Axiom - The Dynamic Infrastructure Framework for Everybody!

Another option, although I haven't used it yet, is https://github.com/FleexSecurity/fleex

One thing that anyone who wants to use this will have to do, is create a ticket with the cloud provider requesting the ability to create bigger image sizes. Axiom will ask if you want it to create the ticket for you. I think I had to wait a day for that to happen, but you won't be able to use Axiom until that happens, unless you remove stuff from the image so it meets their default image size limit of like 6Gb.

They also have limits to the number of droplets/linodes you can deploy, so we should have the ability to configure how many we want Rengine to attempt to deploy, because you can request an increase, which I was able to get to like 50 with Linode. All accounts start off with the ability to only create 20 concurrent active linodes, and 10 for Digital Ocean.

I'm on discord if you want to chat👋 BadRequests#2053

uBadRequest avatar Oct 04 '21 20:10 uBadRequest

Perfect, I'll add you on Discord, in the meantime I will watch the talk and will get back to you if I have any questions.

yogeshojha avatar Oct 05 '21 17:10 yogeshojha

@yogeshojha were you able to take a look at the videos? Let me know if you want to schedule a meeting so I can do a small demonstration

eschultze avatar Nov 17 '21 22:11 eschultze

Is this idea still alive?

tpirneci avatar Apr 28 '22 20:04 tpirneci

Hi @yogeshojha Let's talk, I know how to do it. 🥇

kobs0N avatar Jun 28 '22 21:06 kobs0N

Is this idea still alive? @yogeshojha

AmeerAssadi avatar Aug 24 '22 16:08 AmeerAssadi

Shadowclone could be alternative if axiom too hard to integrate https://github.com/fyoorer/ShadowClone this was faster than axiom and its more flexible too.

Messerschmidts-Reave avatar May 04 '23 10:05 Messerschmidts-Reave

Is this idea still alive?

ktecv2000 avatar Sep 24 '23 10:09 ktecv2000

@yogeshojha It could be an awesome improvement. As said @Messerschmidts-Reave Shadowclone seems more easy to implement

psyray avatar Nov 17 '23 18:11 psyray

We will try to implement ShadowClone when we have time I'm closing this issue, continue discussion on #961

psyray avatar Nov 18 '23 18:11 psyray