Focus Areas:
Penetration Testing
This Tool Demo covers following tools where the speaker has contributed or authored
MANTIS
MANTIS
Abstract
Mantis is an asset inventory framework that has the capability to distribute a single scan across multiple machines, provides easy customization, dashboard support, and advanced alerting capabilities. We have not reinvented the wheel. Rather, we have tried to design an architecture that provides the essential features for a framework that involves the complexity of integrating multiple tools that are outside our control.
Our key differentiators include:
- Recon Automation
- Asset Discovery (subdomain, certificates)
- Tech Recon
- Scan
- Secrets Scanning (JS, WaybackUrls, Github - experimental)
- Identifying Phishing domains
- Misconfigurations
- Distribute a single scan and fasten your scan speeds by 2x.
- Understanding scan efficiency and failure points of a scan drilled down at a subdomain level
- Adding new tools in no time
- Advanced Alerting based on
- Teams
- Apps
- Assets/Findings
- User Tagging
- Default Dashboard support (AppSmith)
- Integration with DNS services (Route53)
- Workflow Customisation (choose tools and modules you want to run)
- Automated Scheduled Scans