[Detailed tutorial on building an ARL lighthouse]

Mobile 2023-12-17 11:01:08 views: null

Article directory

Preface

ARL (Asset Reconnaissance Lighthouse) is designed to quickly discover and organize corporate extranet assets and build a basic database for the assets. It can actively discover and identify assets without login credentials or special access, allowing Party A's security team or penetration testers to quickly Find vulnerabilities in designated enterprise assets, reduce the possibility of assets being exploited by threats, and avoid possible adverse effects.

1. Preparation

1. System requirements:
Currently, Windows is not supported. It is recommended to use Docker for Linux and MAC. The system configuration is at least 2 cores and 4G.
Since there will be a large number of outsourcing during the automatic asset discovery process, it is recommended to use cloud servers to bring a better experience.
2. Experimental environment: VM platform + KALI

2. Install docker and docker-compose

sudo apt-get update
sudo apt install docker.io
sudo docker version

Insert image description here

If the download speed is very slow, it is recommended to update the default source of kali. It is recommended to use Alibaba’s source download
Then install docker-compose. In fact, just download it directly

sudo apt install docker-compose
sudo docker-compose version

Insert image description here

3. Install ARL lighthouse

sudo apt-get update
git clone https://github.com/TophantTechnology/ARL

If cloning doesn’t work, it doesn’t matter. You can also directly visit this website to download the resources and put them into Kali.

Then enter the docker directory under the ARL directory to create a container data volume

sudo su	(输入密码)
docker volume create --name=arl_db

Insert image description here
Then launch
Then type the following command in the ARL/docker folder:

docker-compose pull
docker-compose up -d
docker-compose stop  //停止服务
docker-compose start  //启动服务
docker-compose restart   //重启服务

Check the startup status:

docker container ls

Insert image description here

4. Log in to ARL Lighthouse

The lighthouse address is: https://[virtual machine ip]:5003
Insert image description here
Enter the login interface, the default account password is (admin/arlpass):
Insert image description here

It has been set up here. Let’s continue exploring for subsequent use!
In addition, the fofa account needs to be filled in ARL/app/config.py
Insert image description here

Guess you like

Origin blog.csdn.net/qq_61872115/article/details/134391359
Recommended
TIOBE May list: Fortran “resurrected” into Top 10
GCC 14.1 released
Ranking
B. Little Girl and Game【1300 / 回文字符串 博弈论】
CIKERS Shane 20190613
"Javascript advanced programming" study notes - the constructor and prototype
beeline hiveserver2 start
springboot - Automatically backup mysql data every day
Data Storage Full Solution--Detailed Persistence Technology
Detailed Explanation of Spring Web MVC DispatcherServlet—Official Original
TCP / IP protocol layers structure and function
Command type literal pos: unknown; Fallback type literal pos: unknown] with root cause
Design of multifunctional curtain controller with indoor anti-theft alarm
Daily
More
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)

Code World

© 2018 codetd.com