This repository contains a collection of web-based (vulnerable) security scanners, including (but not limited to) the vulnerabilities from "Never Trust Your Victim: Weaponizing Vulnerabilities in Security Scanners" [1]. DVAS also contains a simulation of CVE-2020-7354 and CVE-2020-7355 for Metasploit Pro [2].
DVAS comes with 2 main components:
- Scanner acts as a normal security scanner, gathering information from the selected target.
- Attacker acts as a malicious target that answers with an attack payload. NOTE: you do not need to use this component. You can build your own, or you can use RevOK.
This repository includes multiple deploy options.
git clone https://github.com/AvalZ/DVAS.git
ORgit clone [email protected]:AvalZ/DVAS.git
cd DVAS
docker-compose up
Scanner is now available at http://localhost:8080, while Attacker is available at http://localhost:8081.
Prerequisites:
- Nmap
- PHP 7.2+
(TODO)