Skip to content

Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.

Notifications You must be signed in to change notification settings

flipkart-incubator/RTA

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Red Team Arsenal  Tweet

Red Team Arsenal

Github Release Version Github Release Version License RTA loves Open source

Red Team Arsenal is a inhouse framework created by flipkart security team which monitors the external attack surface of the company's online assets and provide an holistic security view of any security anomalies. It's a closely linked collection of various security engines and tools to conduct/simulate attacks and monitor public facing assets for anomalies and leaks.

It's an intelligent framework that detects security anomalies in all layer 7 assets and reports the same.

As companies continue to expand their footprint on INTERNET via various acquisitions and geographical expansions, human driven security engineering is not scalable, hence, companies need feedback driven automated systems to stay put.

Installation

Supported Platforms

RTA has been tested both on Ubuntu/Debian (apt-get based distros) distros, it will also work with Mac-OS (but do replace the binaries folder with the binaries of the programs that match with your system architecture if you are running it on Mac OS)

Prerequisites:

There are a few packages which are necessary before proceeding with the installation:

  • Python 3.8, which is installed by default in most systems
  • Python pip: sudo apt-get install python3-pip

Also, you will need to update the config file and config_mail yml files with the following data

  • Google Chat Webhook URL
  • SMTP Credentials
  • Github Token
  • Mailing List
  • Custom Search Engine (API Key)

You can install all the requirements by running sudo pip3 install -r requirements.txt

Usage

Mention the domains you want to monitor inside 'input_files/domains.txt'

python3 scheduler.py

Configuring Google Chat:

You can receive notifications in Google Chat, this can be configured by adding the webhook URL to config.yml file.

Contributors

References

Thanks to the authors of the below creations.

About

Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages