{"id":13843955,"url":"https://github.com/tlkh/prowler","last_synced_at":"2025-07-14T04:40:25.773Z","repository":{"id":68778708,"uuid":"114380341","full_name":"tlkh/prowler","owner":"tlkh","description":"Distributed Network Vulnerability Scanner","archived":false,"fork":false,"pushed_at":"2019-01-23T14:49:29.000Z","size":63744,"stargazers_count":123,"open_issues_count":3,"forks_count":30,"subscribers_count":17,"default_branch":"master","last_synced_at":"2024-05-19T14:30:58.771Z","etag":null,"topics":["cluster-computing","jupyter-notebook","linux","python","raspberry-pi","security"],"latest_commit_sha":null,"homepage":"https://tlkh.github.io/prowler/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tlkh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2017-12-15T14:41:44.000Z","updated_at":"2024-05-16T02:45:38.000Z","dependencies_parsed_at":"2023-02-25T05:45:43.517Z","dependency_job_id":null,"html_url":"https://github.com/tlkh/prowler","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tlkh%2Fprowler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tlkh%2Fprowler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tlkh%2Fprowler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tlkh%2Fprowler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tlkh","download_url":"https://codeload.github.com/tlkh/prowler/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248650590,"owners_count":21139670,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cluster-computing","jupyter-notebook","linux","python","raspberry-pi","security"],"created_at":"2024-08-04T17:02:31.434Z","updated_at":"2025-04-13T00:31:22.622Z","avatar_url":"https://github.com/tlkh.png","language":"Python","funding_links":[],"categories":["Python (1887)","Python"],"sub_categories":[],"readme":"# Prowler\n**Prowler** is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon - HackSmith v1.0.\n\n[![Black Hat Aresenal 2018](images/2018.svg)](https://www.blackhat.com/asia-18/arsenal/schedule/#prowler---cluster-network-scanner-9901) [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n\n![dashboard](images/screenshot_dashboard.jpg)\n\n### Capabilities\n\n- Scan a network (a particular subnet or a list of IP addresses) for all IP addresses associated with active network devices\n- Determine the type of devices using fingerprinting\n- Determine if there are any open ports on the device\n- Associate the ports with common services\n- Test devices against a dictionary of factory default and common credentials\n- Notify users of security vulnerabilities through an [dashboard](https://github.com/tlkh/prowler-dashboard). [Dashboard tour](https://www.youtube.com/watch?v=ycgxt-BvVz0)\n\n### Planned Capabilities\n\n- Greater variety of vulnerability assessment capabilities (webapp etc.)\n- Select wordlist based on fingerprint\n\n### Hardware\n- Raspberry Pi [Cluster HAT](https://clusterhat.com/) (with 4 \\* Pi Zero W)\n- Raspberry Pi 3\n- Networking device\n\n![cluster](images/cluster.png)\n\n### Software Stack\n\n- Raspbian Stretch (Controller Pi)\n- Raspbian Stretch Lite (Worker Pi Zero)\n- Note: For ease of setup, use the images provided by Cluster Hat! [Instructions](https://clusterhat.com/setup-software)\n- Python 3 (not tested on Python 2)\n- Python packages see `requirements.txt`\n- Ansible for managing the cluster as a whole (`/playbooks`)\n\nKey Python Packages:\n\n- `dispy` ([website](http://dispy.sourceforge.net/)) is the star of the show. It allows allows us to create a job queue that will be processed by the worker nodes.\n- `python-libnmap` is the python wrapper around [nmap](https://nmap.org/), an open source network scanner. It allows us to scan for open ports on devices.\n- `paramiko` is a python wrapper around SSH. We use it to probe SSH on devices to test for common credentials.\n- `eel` is used for the web dashboard (seperate repository, [here](https://github.com/tlkh/prowler-dashboard))\n- `rabbitmq` ([website](https://www.rabbitmq.com/)) is used to pass the results from the cluster to the `eel` server that is serving the dashboard page. \n\n### Ansible Playbooks\n\nFor the playbooks to work, `ansible` must be installed (`sudo pip3 install ansible`). Configure the IP addresses of the nodes at `/etc/ansible/hosts`.\n**WARNING: Your mileage may vary as these were only tested on my setup**\n\n- `shutdown.yml` and `reboot.yml` self-explanatory\n- `clone_repos.yml` clone prowler and dispy repositories (required!) on the worker nodes\n- `setup_node.yml` installs all required packages on the worker nodes. Does not clone the repositories!\n\n\n## Deploying Prowler\n\n1. Clone the git repository: `git clone https://github.com/tlkh/prowler.git`\n2. Install dependencies by running `sudo pip3 install -r requirements.txt` on the controller Pi\n3. Run `ansible-playbook playbooks/setup_node.yml` to install the required packages on worker nodes.\n4. Clone the prowler and dispy repositories to the worker nodes using `ansible-playbook playbooks/clone_repos.yml`\n5. Run `clusterhat on` on the controller Pi to ensure that all Pi Zeros are powered up.\n6. Run `python3 cluster.py` on the controller Pi to start Prowler\n\nTo edit the range of IP addresses being scanned, edit the following lines in `cluster.py`:\n```\ntest_range = []\n\n for i in range(0, 1):\n \n for j in range(100, 200):\n \n test_range.append(\"172.22.\" + str(i) + \".\" + str(j))\n```\n\n### Old Demos\n- [Cluster Scan Demonstration Jupyter Notebook](http://nbviewer.jupyter.org/github/tlkh/prowler/blob/master/ClusterDemo.ipynb)\n- [Single Scan Demonstration Jupyter Notebook](http://nbviewer.jupyter.org/github/tlkh/prowler/blob/master/SingleDemo.ipynb)\n- Try out the web dashboard [here](https://tlkh.github.io/prowler/app/)\n\n## Useful Snippets\n- To run ssh command on multiple devices, install `pssh` and `pssh -h pssh-hosts -l username -A -i\n \"command\"`\n- To create the cluster (in `compute.py`): `cluster =\n dispy.JobCluster(compute, nodes='pi0_ip', ip_addr='pi3_ip')`\n- Check connectivity: `ansible all -m ping` or `ping p1.local -c 1 \u0026\u0026 ping p2.local -c 1 \u0026\u0026 ping p3.local -c 1 \u0026\u0026 ping p4.local -c 1`\n- Temperature Check: `/opt/vc/bin/vcgencmd measure_temp \u0026\u0026 pssh -h workers -l\n pi -A -i \"/opt/vc/bin/vcgencmd measure_temp\" | grep temp`\n- rpimonitor ([how to install](http://rpi-experiences.blogspot.sg/p/rpi-monitor-installation.html)):\n\n![more random graphs](images/rpimonitor.jpg)\n\n#### Contributors:\n\n- Faith See\n- Wong Chi Seng\n- Timothy Liu\n\n**ABSOLUTELY NO WARRANTY WHATSOEVER!** Feel free to submit issues though.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftlkh%2Fprowler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftlkh%2Fprowler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftlkh%2Fprowler/lists"}