Last updated
Was this helpful?
Last updated
Was this helpful?
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
To learn more about Tsunami, visit the official .
Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate repository.
To quickly get started with Tsunami scans,
install the following required dependencies:
start a vulnerable application that can be identified by Tsunami, e.g. an unauthenticated Jupyter Notebook server. The easiest way is to use a docker image:
execute the following command:
The quick_start.sh
script performs the following tasks:
Clone the and repos into $HOME/tsunami/repos
directory.
Compile all and move all plugin jar
files into $HOME/tsunami/plugins
directory.
Compile the Tsunami scanner Fat Jar file and move it into $HOME/tsunami
directory.
Move the tsunami.yaml
example config into $HOME/tsunami
directory.
Print example Tsunami command for scanning 127.0.0.1
using the previously generated artifacts.