Introduction

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

To learn more about Tsunami, visit the official .

Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate repository.

Quick Start

To quickly get started with Tsunami scans,

Traditional install

1. install the following required dependencies:

   Copy

   nmap >= 7.80
   ncrack >= 0.7

2. start a vulnerable application that can be identified by Tsunami, e.g. an unauthenticated Jupyter Notebook server. The easiest way is to use a docker image:

   Copy

   docker run --name unauthenticated-jupyter-notebook -p 8888:8888 -d jupyter/base-notebook start-notebook.sh --NotebookApp.token=''

3. execute the following command:

   Copy

   bash -c "$(curl -sfL https://raw.githubusercontent.com/google/tsunami-security-scanner/master/quick_start.sh)"

The quick_start.sh script performs the following tasks:

1. Clone the and repos into $HOME/tsunami/repos directory.

2. Compile all and move all plugin jar files into $HOME/tsunami/plugins directory.

3. Compile the Tsunami scanner Fat Jar file and move it into $HOME/tsunami directory.

4. Move the tsunami.yaml example config into $HOME/tsunami directory.

5. Print example Tsunami command for scanning 127.0.0.1 using the previously generated artifacts.

REFERENCES