{"id":13549826,"url":"https://github.com/frizb/Vanquish","last_synced_at":"2025-04-02T23:31:11.752Z","repository":{"id":49806829,"uuid":"91028492","full_name":"frizb/Vanquish","owner":"frizb","description":"Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.","archived":false,"fork":false,"pushed_at":"2018-04-22T04:42:43.000Z","size":346,"stargazers_count":505,"open_issues_count":7,"forks_count":132,"subscribers_count":40,"default_branch":"master","last_synced_at":"2024-11-03T19:37:15.393Z","etag":null,"topics":["kali-linux","offensive-security","oscp","penetration-testing","penetration-testing-framework","python","vulnerability-assessment","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/frizb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-05-11T22:25:38.000Z","updated_at":"2024-10-22T09:54:50.000Z","dependencies_parsed_at":"2022-08-12T20:40:39.533Z","dependency_job_id":null,"html_url":"https://github.com/frizb/Vanquish","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/frizb%2FVanquish","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/frizb%2FVanquish/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/frizb%2FVanquish/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/frizb%2FVanquish/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/frizb","download_url":"https://codeload.github.com/frizb/Vanquish/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246910933,"owners_count":20853652,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["kali-linux","offensive-security","oscp","penetration-testing","penetration-testing-framework","python","vulnerability-assessment","vulnerability-scanners"],"created_at":"2024-08-01T12:01:25.984Z","updated_at":"2025-04-02T23:31:11.239Z","avatar_url":"https://github.com/frizb.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# Vanquish – Get to Shell\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://raw.githubusercontent.com/frizb/Vanquish/master/Vanquish.png\" title=\"Vanquish - Kali Linux Enumeration Orchestrator\"/\u003e\n\u003c/p\u003e\n\nVanquish is a Kali Linux based Enumeration Orchestrator built in Python.  Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged for a remote shell.  \n\n[![asciicast](https://asciinema.org/a/AoAay13XL1qJuy35jt45FCIzp.png)](https://asciinema.org/a/AoAay13XL1qJuy35jt45FCIzp)\n\n## Vanquish Features\nSo what is so special about Vanquish compared to other enumeration scripts?\n\n1.\t**Multi-threaded** – Runs multiple commands and scans multiple hosts simultaneously.\n2.\t**Configurable** – All commands are configured in a separate .ini file for ease of adjustment\n3.\t**Multiphase** – Optimized to run the fastest enumeration commands first in order to get actionable results as quickly as possible.\n4.\t**Intelligent** – Feeds the findings from one phase into the next in order to uncover deeper vulnerabilities.\n5.\t**Modular** – New attack plans and commands configurations can be easily built for fit for purpose enumeration orchestration.\n\n## Getting Started\n\nVanquish can be installed on Kali Linux using the following commands:\n\n    git clone https://github.com/frizb/Vanquish\n    cd Vanquish\n    python Vanquish2.py -install\n    vanquish --help\n\n[![asciicast](https://asciinema.org/a/87e2AIjr9ZVF6RM8B9ObDNcEX.png)](https://asciinema.org/a/87e2AIjr9ZVF6RM8B9ObDNcEX)\n\nOnce Vanquish is installed you can scan hosts by leveraging the best of breed Kali Linux tools:\n\n    echo 192.168.126.133 \u003e\u003e test.txt\n    vanquish -hostFile test.txt -logging\n    echo review the results!\n    cd test\n    cd 192_168_126_133\n    ls -la\n\n## What Kali Tools does Vanquish leverage?\n| NMap | Hydra | Nikto | Metasploit |\n| Gobuster | Dirb | Exploitdb | Nbtscan |\n| Ntpq | Enum4linux | Smbclient | Rpcclient |\n| Onesixtyone | Sslscan | Sslyze | Snmpwalk |\n| Ident-user-enum | Smtp-user-enum | Snmp-check | Cisco-torch |\n| Dnsrecon | Dig | Whatweb | Wafw00f |\n| Wpscan | Cewl  | Curl | Mysql | Nmblookup | Searchsploit |\n| Nbtscan-unixwiz | Xprobe2 | Blindelephant | Showmount |\n\n## Running Vanquish\n\n- **CTRL + C**\n\n    CTRL + C to exit an enumeration phase and skip to the next phase (helpful if a command is taking too long)\n    Vanquish will skip running a command again if it sees that the output files already exist.\n    If you want to re-execute a command, delete the output files (.txt,.xml,.nmap etc.) and run Vanquish again.\n\n- **CTRL + Z**\n\n    CTRL + Z to exit Vanquish.\n    \n- **Resume Mode**\n\n    Vanquish will skip running a command again if it sees that the output files already exist.\n\n- **Re-run an enumeration command**\n\n    If you want to re-execute a command, delete the output files (.txt,.xml,.nmap etc.) and run Vanquish again.\n\n## Commandline Arguments\n\u003cpre\u003e\nCommand Line Arguments\nusage: vanquish [-h] [-install] [-outputFolder folder] [-configFile file]\n                [-attackPlanFile file] [-hostFile file] [-workspace workspace]\n                [-domain domain] [-dnsServer dnsServer] [-proxy proxy]\n                [-reportFile report] [-noResume] [-noColor]\n                [-threadPool threads] [-phase phase] [-noExploitSearch]\n                [-benchmarking] [-logging] [-verbose] [-debug]\n\nVanquish is Kali Linux based Enumeration Orchestrator.\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -install              Install Vanquish and it's requirements\n  -outputFolder folder  output folder path (default: name of the host file))\n  -configFile file      configuration ini file (default: config.ini)\n  -attackPlanFile file  attack plan ini file (default: attackplan.ini)\n  -hostFile file        list of hosts to attack (default: hosts.txt)\n  -workspace workspace  Metasploit workspace to import data into (default: is\n                        the host filename)\n  -domain domain        Domain to be used in DNS enumeration (default:\n                        megacorpone.com)\n  -dnsServer dnsServer  DNS server option to use with Nmap DNS enumeration.\n                        Reveals the host names of each server (default: )\n  -proxy proxy          Proxy server option to use with scanning tools that\n                        support proxies. Should be in the format of ip:port\n                        (default: )\n  -reportFile report    filename used for the report (default: report.txt)\n  -noResume             do not resume a previous session\n  -noColor              do not display color\n  -threadPool threads   Thread Pool Size (default: 8)\n  -phase phase          only execute a specific phase\n  -noExploitSearch      disable searchspolit exploit searching\n  -benchmarking         enable bench mark reporting on the execution time of\n                        commands(exports to benchmark.csv)\n  -logging              enable verbose and debug data logging to files\n  -verbose              display verbose details during the scan\n  -debug                display debug details during the scan\n\u003c/pre\u003e\n\n## Custom Attack Plans\n\n**GoBuster Max**\n\nGoBuster Max is an attack plan that will run all the web application content detection dictionaries against your targets.\n\n    Vanquish -hostFile test.txt -attackPlanFile ./attackplans/gobuster-max.ini -logging\n    \n[![asciicast](https://asciinema.org/a/U6TvUgVUhLDI4zRKjLpEaY3Ps.png)](https://asciinema.org/a/U6TvUgVUhLDI4zRKjLpEaY3Ps)\n\n**Hydra Credentials Scanner**\n\nWe users love to reuse our passwords across multiple systems. As you explore a network and harvest usernames and passwords, its probably a good idea to check where else those username and passwords are also used.  This attack plan will do exactly that for a single host or across an entire network. Attack plans will also leverage what has been learned about a network from previous scans and will automatically use the discovered services as part of the credential testing.\n\nThis attack will use a list of known credentials for a network and test them against all hosts and services that have been discovered.\nStore the credentials in a file in the root of your scan path and name it: credentials.txt\n\nEx. File containing host list: /root/Documents/Vanquish/myhosts.txt\n    \n    /root/Documents/Vanquish/myhosts/credentials.txt\n\nStore each known credential in username:password format in the text file\nEx. credentials.txt\n\n    elvis:Password!\n    jamesdean:rockyou\n    justin:12345678\n\nNote: this attack plan does NOT create the \u003e\u003e \u003coutput\u003e.txt file so it can be run again and again without havingto delete the output files.  This allows new credentials to be added to the list and the network to be rescanned frequently.\n\n    python Vanquish2.py -hostFile hostlist.txt -attackPlanFile ./attackplans/credentials.ini\n    \n**Hydra Usernames and Passwords List Scanner**\n\nThis attack will use a list of known usernames and a list of known passwords for a network and test them against all hosts and services that have been discovered.\n\nStore the usernames in a file in the root of your scan path and name it: usernames.txt\nEx. File containing host list: /root/Documents/Vanquish/myhosts.txt\n\n    /root/Documents/Vanquish/myhosts/usernames.txt\n    \nStore the passwords in a file in the root of your scan path and name it: passwords.txt\nEx. File containing host list: /root/Documents/Vanquish/myhosts.txt\n    \n    /root/Documents/Vanquish/myhosts/passwords.txt\n    \nStore each username or password on a new line of the text file\nEx. usernames.txt\n\n    elvis\n    jamesdean\n    justin\n\nPasswords are stored in a similar manner in the passwords.txt file.\n\nNote: this attack plan does NOT create the \u003e\u003e \u003coutput\u003e.txt file so it can be run again and again without having to delete the output files.  This allows new credentials to be added to the list and the network to be rescanned frequently.\n\n    python Vanquish2.py -hostFile hostlist.txt -attackPlanFile ./attackplans/usernamespasswords.ini\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffrizb%2FVanquish","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffrizb%2FVanquish","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffrizb%2FVanquish/lists"}