Mantis: Automating Security Discovery, Reconnaissance, and Vulnerability Scanning

This repository profile is provided by osrepos.com, an open source repository discovery platform.

Summary

Mantis is a powerful command-line security framework developed by PhonePe, designed to automate the entire workflow of asset discovery, reconnaissance, and vulnerability scanning. It efficiently processes top-level domains to uncover subdomains and certificates, conducts in-depth reconnaissance on active assets, and performs comprehensive scans for vulnerabilities, secrets, and misconfigurations. This robust tool integrates open-source and custom solutions, streamlining security assessments for organizations.

Repository Information

Analyzed by OSRepos on November 14, 2025

Use at your own risk

OSRepos shares public repositories for knowledge and discovery only. Any installation, execution, configuration, or use of code from these repositories is the user's own responsibility. Always review the repository, source code, dependencies, licenses, and security implications before running or installing anything. OSRepos is not responsible for issues, damages, or losses resulting from third-party repositories.

Introduction

Mantis, developed by PhonePe, is a robust command-line security framework designed to automate the entire workflow of asset discovery, reconnaissance, and vulnerability scanning. Written in Python, it streamlines the process of identifying digital assets, gathering intelligence, and detecting security flaws across an organization's attack surface. Mantis takes top-level domains as input and systematically progresses through discovering subdomains and certificates, performing reconnaissance on active assets, and concluding with comprehensive scans for vulnerabilities, secrets, misconfigurations, and phishing domains. Key features include automated discovery, recon, and scanning, distributed scanning capabilities, easy scan customization, dashboard support for vulnerability management, advanced alerting, and seamless integration of new security tools.

Installation

Mantis supports multiple installation types, with Docker being a recommended starting point for ease of setup. Before proceeding, ensure your system meets the minimum requirements: Ubuntu or macOS, 4 GB RAM, 2 cores, and 16 GB storage. The framework is CPU-intensive, so running it on a dedicated VM is advised.

To install Mantis via Docker:

  1. Clone the Mantis repository:
    git clone https://github.com/PhonePe/mantis.git
  2. Navigate into the Docker setup directory:
    cd mantis/setup/docker
  3. Run the appropriate Docker setup script for your operating system:
    ./docker-setup-macos.sh
    # or
    ./docker-setup-ubuntu.sh

For uninstallation, run the following command in the same directory:

    docker compose down

A setup video is also available for guidance.

Examples

Mantis offers intuitive command-line options for onboarding new targets and performing scans.

Onboarding a new target (first-time scan):

  • Using a Top-Level Domain (TLD):
    mantis onboard -o org_name -t example.in
  • Using an IP address:
    mantis onboard -o org_name -t 10.123.123.12
  • Using an IP Range:
    mantis onboard -o org_name -t 203.0.113.0-10
  • Using an IP CIDR:
    mantis onboard -o org_name -t 203.0.113.0/24
  • Onboarding known assets from a file:
    mantis onboard -o org_name -f input.txt
  • Adding a new subdomain to an existing organization:
    mantis onboard -o org_name -t subdomain.example.in --sub
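
A pre-flight scope check for the target forms listed above, as an added example (not part of Mantis or of this profile): it classifies each target string and rejects anything outside an approved scope before it is handed to `mantis onboard`. The scope lists, the function names, and the reading of `203.0.113.0-10` as a last-octet range are assumptions made for the example.

```python
import ipaddress
import re
# Constructed scope: what this assessment is authorized to cover.
APPROVED_NETS = [ipaddress.ip_network("203.0.113.0/24")]
APPROVED_DOMAINS = ["example.in"]
RANGE_RE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})-(\d{1,3})$")
DOMAIN_RE = re.compile(r"^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def classify(target):
    """Return (kind, value): a list of networks for IP forms, the name for domains."""
    t = target.strip().lower()
    m = RANGE_RE.match(t)
    if m:
        # Assumption: "a.b.c.d-N" covers last octet d through N inclusive.
        first = ipaddress.ip_address(m.group(1))
        start, end = int(first) & 0xFF, int(m.group(2))
        if not start <= end <= 255:
            raise ValueError(f"bad range: {target}")
        last = ipaddress.ip_address(int(first) - start + end)
        return "range", list(ipaddress.summarize_address_range(first, last))
    if "/" in t:
        # strict=True rejects a CIDR with host bits set (e.g. a mistyped prefix).
        return "cidr", [ipaddress.ip_network(t, strict=True)]
    try:
        return "ip", [ipaddress.ip_network(t)]
    except ValueError:
        pass
    if DOMAIN_RE.match(t):
        return "domain", t
    raise ValueError(f"unrecognized target: {target}")

def in_scope(target):
    """True only if the whole target lies inside the approved scope."""
    kind, value = classify(target)
    if kind == "domain":
        return any(value == d or value.endswith("." + d) for d in APPROVED_DOMAINS)
    return all(any(n.version == a.version and n.subnet_of(a) for a in APPROVED_NETS) for n in value)

def preflight(targets):
    """Split targets into (approved, rejected) before any reach `mantis onboard`."""
    approved, rejected = [], []
    for t in targets:
        try:
            (approved if in_scope(t) else rejected).append(t)
        except ValueError:
            rejected.append(t)
    return approved, rejected

# Constructed sample input covering each target form.
SAMPLE = ["example.in", "subdomain.example.in", "10.123.123.12", "203.0.113.0-10",
          "203.0.113.0/24", "203.0.113.0/16", "notexample.in", "203.0.113.250-5"]
```

Only the approved list from `preflight(SAMPLE)` should be onboarded; the rejected entries are the ones to review by hand.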

Performing subsequent scans:

  • Scan all assets belonging to an organization:
    mantis scan -o org_name
  • Scan all assets belonging to an organization and a specific application:
    mantis scan -o org_name -a app_name
  • Scan an existing subdomain for an organization:
    mantis scan -o org_name --sub subdomain.example.in

Why Use Mantis

Mantis stands out as an invaluable tool for security professionals and organizations due to its comprehensive automation capabilities. It significantly reduces manual effort by integrating discovery, reconnaissance, and scanning into a single, streamlined workflow. The framework's support for distributed scanning enhances scalability, allowing assessments of large and complex attack surfaces. With its customizable scan workflows, dashboard support for vulnerability management, and advanced alerting features, Mantis provides deep visibility and control over security posture. Its ability to easily integrate new and custom tools makes it a flexible and adaptable solution for evolving security needs.
