Leviathan is a mass auditing toolkit. It offers wide-range service discovery, brute forcing, SQL injection detection, and the ability to run custom exploits.
Leviathan consists of open source tools such as masscan, ncrack and DSSS, and gives us the flexibility of using them in combination. It requires Python2 to run.
Key features of Leviathan Scans
- Discovery: Leviathan can discover FTP, SSH, Telnet, RDP and MySQL services running in a specific country or in an IP range through Shodan and Censys. It is also possible to manually discover running services on an IP range with the integrated "Leviathan scan".
- Brute-Force: We can brute force the discovered services with the integrated "ncrack" tool. It has wordlists which include the most popular combinations and default passwords for specific services.
- Remote Command Execution: We can run system commands remotely on compromised devices.
- SQL Injection Scanner: Discover SQL injection vulnerabilities on websites with a specific country extension or with our custom Google Dork.
- Exploit Specific Vulnerabilities: Leviathan can discover vulnerable targets with Shodan, Censys or masscan and mass exploit them by providing our own exploit or using pre-included exploits.
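From the defender's side, the Brute-Force feature above appears in service logs as one source failing logins against many usernames within a short window. The following is an added example, not part of Leviathan or of the original article, that flags that pattern in sshd log lines; the sample lines, the thresholds and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sshd lines (documentation IP ranges), not real captures.
SAMPLE_LOG = """\
Mar 10 10:00:01 host sshd[811]: Failed password for root from 203.0.113.7 port 40001 ssh2
Mar 10 10:00:02 host sshd[812]: Failed password for invalid user admin from 203.0.113.7 port 40002 ssh2
Mar 10 10:00:03 host sshd[813]: Failed password for invalid user test from 203.0.113.7 port 40003 ssh2
Mar 10 10:00:05 host sshd[814]: Failed password for invalid user oracle from 203.0.113.7 port 40004 ssh2
Mar 10 10:00:06 host sshd[815]: Failed password for root from 203.0.113.7 port 40005 ssh2
Mar 10 10:03:10 host sshd[820]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Mar 10 10:03:20 host sshd[821]: Failed password for alice from 198.51.100.20 port 51001 ssh2
Mar 10 10:03:31 host sshd[822]: Accepted password for alice from 198.51.100.20 port 51002 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def parse_failures(text, year=2024):
    """Return (timestamp, source_ip, username) for each failed sshd login."""
    events = []
    for line in text.splitlines():
        m = FAILED.match(line)
        if m:  # syslog lines carry no year, so the caller supplies one
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["ip"], m["user"]))
    return events

def flag_bruteforce(events, window=timedelta(seconds=60), min_fail=5, min_users=3):
    """Flag IPs with >= min_fail failures over >= min_users names in one window."""
    by_ip = defaultdict(list)
    for ts, ip, user in sorted(events):
        by_ip[ip].append((ts, user))
    flagged = {}
    for ip, hits in by_ip.items():
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward
            span = hits[start:end + 1]
            users = {u for _, u in span}
            if len(span) >= min_fail and len(users) >= min_users:
                flagged[ip] = {"failures": len(span), "users": sorted(users)}
                break
    return flagged
```

The distinct-username threshold is what separates wordlist-driven guessing from a legitimate user mistyping a password a few times, as the second source in the sample does.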
Integrated Tools
Masscan: It’s a very fast TCP port scanner by Robert David Graham. Leviathan uses masscan for detecting services on a huge IP range. https://github.com/robertdavidgraham/masscan
Ncrack: Ncrack is a high-speed network authentication cracking tool. Leviathan uses ncrack to brute force services such as FTP, SSH, RDP, Telnet, MySQL etc. https://github.com/nmap/ncrack
DSSS (Damn Small SQLi Scanner): DSSS is a fully functional and minimal SQL injection vulnerability scanner by Miroslav Stampar. Leviathan uses DSSS to identify SQL Injection vulnerabilities on specific URLs. https://github.com/stamparm/DSSS
Installing Leviathan Scans
Leviathan is written in Python2, and Python2 is officially dead (no longer supported). However, to use Leviathan on the latest version of Kali Linux we don't need to install Python2 manually, because newer versions of Kali Linux also come with Python2.
We can clone Leviathan from its GitHub repository by using the following command:
Then we can go to the folder by using the cd command:
Now we give the installer script executable permissions using the following command:
Then it will install its requirements to run.
Now we run the installer script by using the following command:
Let's run Leviathan by applying the following command:
In the following screenshot we can see that we have successfully run the Leviathan framework:
From the Discovery menu we can use discovery and scanning sources such as Shodan, Censys, Masscan and the Web Scanner.
The Discovery module helps us to identify machines which run a specific service. We can extract pre-discovered machines with Shodan's or Censys's API (options 1-2), or we can scan them ourselves with the masscan tool (option 3), or we can discover websites according to a dork from Google (option 4).
In Attack module there are four options listed for our usage.
Following attacks will be done to the targets which are discovered
in 'Discovery' section.
In 'Brute Force' section we can make brute force attacks for following
protocols: ftp, ssh, telnet, rdp, mysql
In 'Web(SQL Injection)' section we can search for SQL Injection
vulnerabilities on pre-discovered URLs
In 'Custom Exploit' section we can run a custom exploit for
pre-discovered targets.
In 'Run remote command' section we can execute commands remotely
on compromised machines.
In the assets module we can see the lists of discovered machines and compromised machines.
We can use option 1 to show discovered machines and option 2 to show compromised systems.
In the configuration module we can change or add API keys for Google, Shodan or Censys.
We can use option 1 to add or change the Google API Key and another option to add or change the Google CSE ID. Similarly, we can use option 3 for the Censys UID, option 4 for the Censys Secret, and option 5 for the Shodan API key.
To see all the configured API keys we can choose option 6 (Show Config File).
These are the functions we can use with the Leviathan tool.
Leviathan is a mass audit toolkit which has wide-range service discovery, brute force, SQL injection detection and custom exploit capabilities. It consists of open source tools such as masscan, ncrack and DSSS, and gives you the flexibility of using them in combination.
The main goal of this project is auditing as many systems as possible country-wide or in a wide IP range.
Legal Warning: While this may be helpful for some, there are significant risks. You could go to jail on obstruction of justice charges just for running Leviathan, even though you are innocent. You are on notice that using this tool outside your "own" environment is considered malicious and is against the law. Use with caution.