:globe_with_meridians: SD-WAN Internet Census Framework
This project is no longer maintained. It is stable and you still can use it for SD-WAN scanning, but currently, more preferable and accurate way to scan different things on the internet (not only SD-WAN solutions) is to use our new Grinder Framework.
SD-WAN Harvester
tool was created to automatically enumerate and fingerprint SD-WAN nodes on the Internet.
It uses Shodan search engine for discovering, NMAP NSE scripts for fingerprinting, and masscan to implement some specific checks.
SD-WAN Harvester
requires Python 3.6 or later and Nmap.
You also need an Shodan API key.
git clone https://github.com/sdnewhop/sdwan-harvester.git
pip
requirements:
python3.6 -m pip install -r requirements.txt
python3.6 harvester.py -h
./harvester.py -sk YOUR_SHODAN_KEY
or via an environment variable
export SHODAN_API_KEY=YOUR_API_KEY_HERE
./harvester.py (without -sk key)
-h, --help
- show the help message and exit.
-sk SHODAN_KEY, --shodan-key SHODAN_KEY
- set a Shodan API key.
-n, --new
- initiate a new discovery using Shodan.
-q QUERIES, --queries QUERIES
- specify the file containing SD-WAN queries and filters for Shodan.
Default value is shodan_queries.json
.
-d DESTINATION, --destination DESTINATION
- the directory where results will be stored.
Default value is results
.
-C CONFIDENCE, --confidence CONFIDENCE
- set the confidence level (certain
, firm
, or tentative
).
Default value is certain
.
-v [VULNERS [VULNERS ...]], --vulners [VULNERS [VULNERS ...]]
- the list of venodrs checked by Shodan vulnerability scanner. For example, --- vulners silver peak, arista, talari
command starts finding of known vulnerabilities for silver peak
, arista
and talari
products. Use --vulners all
to run scanning for all vendors.
By default, Shodan vulnerability scanning is turned off.
-mv MAX_VENDORS, --max-vendors MAX_VENDORS
- the Maximum Number of Vendors shown in reports.
Default value is 10
.
-mc MAX_COUNTRIES, --max-countries MAX_COUNTRIES
- the Maximum Number of Countries shown in reports.
Default value is 10
.
-maxv MAX_VULNERS, --max-vulners MAX_VULNERS
- the Maximum Number of Vulnerabilities shown in reports.
Default value is 10
.
-u, --update-markers
- Update map markers.
Show help
python3.6 harvester.py -h
Run an enumeration
python3.6 harvester.py -sk YOUR_API_KEY -n
Run an enumeration with firm
level of confidence
python3.6 harvester.py -sk YOUR_API_KEY -n -c firm
Run a vulnerability scan against talari
vendor
python3.6 harvester.py -sk YOUR_API_KEY -n -v talari
Run a new vulnerability scan for all vendors. The Maximum Number of Vendors is 8, the Maximum Number of Countries is 8, and the Maximum Number of CVEs is 8
python3.6 harvester.py -sk YOUR_API_KEY -n -v all -mv 8 -mc 8 -maxv 8
Run a new scan with all features enabled
python3.6 harvester.py -sk YOUR_API_KEY -n -v all -c all
Process data from previous scan results (for example, if you want to build new charts and graphics containing fewer vendors, countries, or vulners.)
python3.6 harvester.py -v -mv <num> -mc <num> -maxv <num>