This repository contains a collection of web-based (vulnerable) security scanners, including (but not limited to) the vulnerabilities from "Never Trust Your Victim: Weaponizing Vulnerabilities in Security Scanners" [1]. DVAS also contains a simulation of CVE-2020-7354 and CVE-2020-7355 for Metasploit Pro [2].
DVAS comes with 2 main components:
- Scanner acts as a normal security scanner, gathering information from the selected target.
- Attacker acts as a malicious target that answers with an attack payload. NOTE: you do not need to use this component. You can build your own, or you can use RevOK.
This repository includes multiple deploy options.
git clone https://github.com/AvalZ/DVAS.git
ORgit clone git@github.com:AvalZ/DVAS.git
cd DVAS
docker-compose up
Scanner is now available at http://localhost:8080, while Attacker is available at http://localhost:8081.
Prerequisites:
- Nmap
- PHP 7.2+
(TODO)