Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that can be shared with the organizations being scanned.
“The most important feature of the tool is report generation. Besides scanning, it is capable to generate a concise e-mail with vulnerability information and as few false positives as possible. We automatically send these e-mails to scanned entities. We don’t know about any other country where most public entities receive similarly advanced automatic periodic security scanning – and all other entities (including private companies) can register for free and get scanned as well,” Krzysztof Zając from CERT Polska, the creators of Artemis, told Help Net Security.
Artemis is built on the Karton framework, with its scanning capabilities handled by specialized Karton modules. Each module is designed to accept specific tasks, such as scanning a domain, perform an action, like enumerating subdomains via crt.sh, and then generate new tasks, such as identifying additional subdomains.
This modular approach allows Artemis to break down scanning into small, parallelized tasks, making the system highly scalable and easy to extend with new functionality.
The main goal of the developers is to integrate a variety of new tools to maximize vulnerability detection. In addition, they are constantly working to improve scanning speed and enhance the overall stability of the tool.
Artemis is available for free on GitHub.
Must read:
Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools. Subscribe here!