Mantis: Automating Security Discovery, Reconnaissance, and Vulnerability Scanning
Summary
Mantis is a powerful command-line security framework developed by PhonePe, designed to automate the entire workflow of asset discovery, reconnaissance, and vulnerability scanning. It efficiently processes top-level domains to uncover subdomains and certificates, conducts in-depth reconnaissance on active assets, and performs comprehensive scans for vulnerabilities, secrets, and misconfigurations. This robust tool integrates open-source and custom solutions, streamlining security assessments for organizations.
Repository Info
Tags
Click on any tag to explore related repositories
Introduction
Mantis, developed by PhonePe, is a robust command-line security framework designed to automate the entire workflow of asset discovery, reconnaissance, and vulnerability scanning. Written in Python, it streamlines the process of identifying digital assets, gathering intelligence, and detecting security flaws across an organization's attack surface. Mantis takes top-level domains as input and systematically progresses through discovering subdomains and certificates, performing reconnaissance on active assets, and concluding with comprehensive scans for vulnerabilities, secrets, misconfigurations, and phishing domains. Key features include automated discovery, recon, and scanning, distributed scanning capabilities, easy scan customization, dashboard support for vulnerability management, advanced alerting, and seamless integration of new security tools.
Installation
Mantis supports multiple installation types, with Docker being a recommended starting point for ease of setup. Before proceeding, ensure your system meets the minimum requirements: Ubuntu or macOS, 4GB RAM, 2 Cores, and 16GB Storage. The framework is CPU intensive, so running it on a dedicated VM is advised.
To install Mantis via Docker:
- Clone the Mantis repository:
git clone https://github.com/PhonePe/mantis.git - Navigate into the Docker setup directory:
cd mantis/setup/docker - Run the appropriate Docker setup script for your operating system:
./docker-setup-macos.sh # or ./docker-setup-ubuntu.sh
For uninstallation, run the following command in the same directory:
docker compose downA setup video is also available for guidance.
Examples
Mantis offers intuitive command-line options for onboarding new targets and performing scans.
Onboarding a new target (first-time scan):
- Using a Top-Level Domain (TLD):
mantis onboard -o org_name -t example.in - Using an IP address:
mantis onboard -o org_name -t 10.123.123.12 - Using an IP Range:
mantis onboard -o org_name -t 203.0.113.0-10 - Using an IP CIDR:
mantis onboard -o org_name -t 203.0.113.0/24 - Onboarding known assets from a file:
mantis onboard -o org_name -f input.txt - Adding a new subdomain to an existing organization:
mantis onboard -o org_name -t subdomain.example.in --sub
Performing subsequent scans:
- Scan all assets belonging to an organization:
mantis scan -o org_name - Scan all assets belonging to an organization and a specific application:
mantis scan -o org_name -a app_name - Scan an existing subdomain for an organization:
mantis scan -o org_name --sub subdomain.example.in
Why Use Mantis
Mantis stands out as an invaluable tool for security professionals and organizations due to its comprehensive automation capabilities. It significantly reduces manual effort by integrating discovery, reconnaissance, and scanning into a single, streamlined workflow. The framework's support for distributed scanning enhances scalability, allowing assessments of large and complex attack surfaces. With its customizable scan workflows, dashboard support for vulnerability management, and advanced alerting features, Mantis provides deep visibility and control over security posture. Its ability to easily integrate new and custom tools makes it a flexible and adaptable solution for evolving security needs.
Links
- GitHub Repository: https://github.com/PhonePe/mantis
- Official Documentation: https://phonepe.github.io/mantis/
- Join Discord: https://discord.gg/uJV8Y3uSGu