SWARM – Modular Distributed Pentest Framework

Swarm is an open source modular distributed penetration testing Tool that use distributed task queue to implement communication in the master-slave mode system and use MongoDB for data storage. It consists of a distributed framework and function modules.

SWARM - Modular Distributed Pentest Tool
SWARM – Modular Distributed Pentest Tool

The function module can be an entirely new implement of some penetration functions or it can be a simple wrap of an existing tool to implement distributed functionality. Because of the modularity architecture it is easy to customize and extend new features under the distributed framework.

Now in this version 0.6.0 it has five modules:

  • Subdomain name scan module
  • Directories and files scan module
  • Nmap extension module
  • Sitemap crawler module
  • Intruder module

It is recommended that you use configuration file to configure the framework instead of using cli arguments if your requirement is high. The configuration files locate in /etc/swarm/.

On the configuration folder there are 6 conf files to update the settings and customize the scanning , bruteforce attack, crawler settings such as timeout or specify the payload for the attack to establish connection with the compromised hosts. The files are dirsc.conf , domainsc.conf , intruder.conf , nmap.conf sitemap.conf , swarm.conf.

You can read more and download the framework over here: https://github.com/a7vinx/swarm

Share