Shulou(Shulou.com)05/31 Report--

Editor to share with you what Pulsar is, I believe that most people do not know much about it, so share this article for your reference, I hope you will learn a lot after reading this article, let's go to understand it!

Pulsar

Pulsar is an automated network footprint scanning platform designed for red team researchers, penetration testers, and Bug Hunter to help us discover as many externally oriented assets as possible without knowing much about the target organization's infrastructure. While realizing the visualization of network data, Pulsar can also give the basic vulnerability score for the target and try to find out the weak points in the infrastructure and their relationship with other resources. In addition, it can be used as a custom vulnerability scanner to scan for large-scale or unknown security issues. It is worth mentioning that Pulsar is 100% free, and you can use all of its features directly without any API key.

Core function

1. Scanning and discovery of sub-domain names

2. Cloud resource discovery

3. Basic vulnerability scanning

4. Scanning strategy and optimization

5. Data visualization

6. Collaboration and data export

7. Planning and notification

8. REST API support

9. External API integration

10. OAUTH integration

11. Custom scanner extension

Integrated project

1 、 OWASP Amass

2 、 Nmap

3 、 RIPEstat API

4 、 CloudEnum

5 、 SSH Audit

6 、 WhatWeb

7 、 NVD Data Feed

Tool installation

To use email reminders, edit the EMAIL_BACKEND SETTINGS parameter in the portal/portal/settings.py file before installing the tool.

Windows installation

Dependency requirement

1 、 Git-tools

2. Docker engine and Docker-Compose:

Installation operation

First, clone the latest version of the Pulsar project source code locally using the following command:

Git clone https://github.com/FooBallZ/pulsar

Next, change to the project directory and run the PowerShell installer:

PS >.\ install.ps1

Then, follow the installer instructions to complete the tool installation. Here, you need to make sure that the generated password is stored and that the administrator password can be changed in the Django administrator console in / admin/.

Finally, visit https://localhost:8443/ to log in to the Pulsar console and generate default credentials.

Linux installation

Dependency requirement

1. Git-tools- uses package management tools to install git:

Sudo apt install git

2. Docker engine and Docker-Compose:

Installation operation

First, clone the latest version of the Pulsar project source code locally using the following command:

Git clone https://github.com/FooBallZ/pulsar

Next, change to the project directory and run the Bash installer:

#. / install.sh

Then, follow the installer instructions to complete the tool installation. Here, you need to make sure that the generated password is stored and that the administrator password can be changed in the Django administrator console in / admin/.

Finally, visit https://localhost:8443/ to log in to the Pulsar console and generate default credentials.

Tool use

The recommended workflows are as follows:

1. Start by adding new assets to the console

2. Run the passive Discovery scan task (active option disabled)

3. Mark all false positives in the "Network" tab

4. Run active scan

5. View and export scan results

6. Run periodic scans again with repeated scans enabled

Asset View

Add assets

Click the "Add" button to create a new asset object. The new asset definition includes:

1. Name-short name of organization

2. Domain name-Root domain name, which is used to enable enumeration tasks

Scan assets

Click the "Scan" button to initialize the scanning process and open the following policy configuration window:

Export assets

Click the "Export" button to export the data in the following format:

CSV

JSON

MARKDOWN

PDF

Custom scan plug-in

The sample plug-in configuration is as follows:

Customize scan settings and variabl

Settings such as the Nmap scan flag can be configured in the scan_settings variable in the portal/pulsar/modules/scanner_utils.py file:

Scan_settings = {'heavy_processes': [' amass', 'zdns'], # consider Nmap'cmd_timeout':' 2hrs, # linux timeout syntax i.e. 10s 10m 10h 10d amassable timeoutlines: '10m sS timeoutlines:' 20mm sS timeoutlines:'- noalts', 'nmap_tcp_flags':'-Pn-n-sS-vv','nmap_udp_flags':'- Pn-n-sU-vv' 'resolvers':' 1.1.1.1Partition 53 Magazine 8.8.8.8Vers53Power64.64.64.6 Vuitry 53'} Cooperation Group 74.82.42.42Formula 53recovery1.0.1handler53'} collaboration group

The collaboration group in the Django administrator console allows us to create a collaborative workgroup and support multiple users to access asset objects at the same time. To configure collaboration groups, you need to complete the following two steps.

First, create a new collaboration group, and then assign users and roles:

Next, assign assets to the collaboration group:

Tool architecture

Pulsar is a platform-as-a-service product based on Docker-Compose files. Its implementation architecture is easily extensible and can be compatible and deployed to a variety of common cloud environments.

The architecture of the Docker container is as follows:

The above is all the content of this article "what is Pulsar?" thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.