Argus: Open-source information gathering toolkit

Argus is an open-source toolkit that simplifies information gathering and reconnaissance. It features a user-friendly interface and a collection of powerful modules, enabling the exploration of networks, web applications, and security configurations.

Argus offers a collection of tools categorized into three main areas:

Network and infrastructure tools

These tools help you gather data about a network, uncovering vital details about servers, IP addresses, DNS records, and more:

• Associated Hosts: Discover domains associated with the target.
• DNS Over HTTPS: Resolve DNS securely via encrypted channels.
• DNS Records: Collect DNS records, including A, AAAA, MX, etc.
• DNSSEC Check: Verify if DNSSEC is properly configured.
• Domain Info: Gather information such as registrar details and expiry dates.
• Domain Reputation Check: Check domain trustworthiness using various reputation sources.
• IP Info: Retrieve geographic and ownership details of an IP address.
• Open Ports Scan: Scan the target for open ports and services.
• Server Info: Extract key server details using various techniques.
• Server Location: Identify the physical location of the server.
• SSL Chain Analysis: Analyze the SSL certificate chain for trustworthiness.
• SSL Expiry Alert: Check SSL certificates for upcoming expiry.
• TLS Cipher Suites: List the supported TLS ciphers on the server.
• TLS Handshake Simulation: Simulate a TLS handshake to check for security issues.
• Traceroute: Trace the path packets take to reach the target.
• TXT Records: Fetch TXT records, often used for verification purposes.
• WHOIS Lookup: Perform WHOIS queries to gather domain ownership details.
• Zone Transfer: Attempt to perform DNS zone transfers.
• HTTP/2 and HTTP/3 Support Checker: Check if the server supports HTTP/2 and HTTP/3.

Web application analysis tools

These modules focus on understanding the structure and security of web applications:

• Archive history: View the target’s history using internet archives.
• Broken links detection: Find broken links that may lead to user frustration or security gaps.
• Carbon footprint: Evaluate the environmental impact of a website.
• CMS detection: Detect the type of CMS used, like WordPress, Joomla, etc.
• Cookies analyzer: Analyze cookies for secure attributes and potential privacy issues.
• Content discovery: Discover hidden directories, files, and endpoints.
• Crawler: Crawl the site to uncover data and map out its structure.
• Robots.txt analyzer: Analyze the robots.txt file for hidden resources.
• Directory finder: Look for directories that may not be indexed publicly.
• Email harvesting: Extract email addresses from the target domain.
• Performance monitoring: Monitor the website’s response time and load performance.
• Quality metrics: Assess the quality of the site’s content and user experience.
• Redirect chain: Follow redirects to analyze if they’re safe or malicious.
• Sitemap parsing: Extract URLs from the site’s sitemap.
• Social media presence scan: Analyze the social media profiles linked to the target.
• Technology stack detection: Identify the technologies and frameworks the site uses.
• Third-party integrations: Discover any third-party services integrated into the site.

Security and threat intelligence tools

The security modules in Argus are designed to assess the target’s defenses and gather threat intelligence:

• Censys reconnaissance: Use Censys for in-depth details about the target’s assets.
• Certificate authority Recon: Examine the certificate authority details.
• Data leak detection: Check for potential data leaks and sensitive data exposure.
• Exposed environment files checker: Identify publicly exposed .env files.
• Firewall detection: Identify whether a firewall or WAF is protecting the target.
• Global ranking: Look up the site’s global ranking to gauge its popularity.
• HTTP headers: Extract and evaluate HTTP response headers.
• HTTP security features: Check for secure HTTP headers such as HSTS and CSP.
• Malware and phishing check: Scan the site for signs of malware and phishing risks.
• Pastebin monitoring: Search paste sites for leaks associated with the target.
• Privacy compliance: Verify compliance with GDPR and other privacy regulations.
• Security.txt check: Locate and analyze the security.txt file for vulnerability disclosure policies.
• Shodan reconnaissance: Use Shodan to discover open ports, services, and vulnerabilities.
• SSL Labs report: Get a detailed SSL/TLS assessment via SSL Labs.
• SSL pinning check: Check if SSL pinning is implemented on the site.
• Subdomain enumeration: Discover subdomains of the target domain.
• Subdomain takeover: Test whether subdomains are vulnerable to takeover.
• VirusTotal scan: Check the target’s reputation using VirusTotal.

Whether you’re conducting research, performing authorized security assessments, or exploring network infrastructures out of curiosity, Argus delivers a wealth of information.

Argus is available for free on GitHub.

Must read:

• 33 open-source cybersecurity solutions you didn’t know you needed
• 20 free cybersecurity tools you might have missed
• 15 open-source cybersecurity tools you’ll wish you’d known earlier
• 20 essential open-source cybersecurity tools that save you time

I have read and agree to the terms & conditions

Leave this field empty if you're human: