Skip to content

meebey/elephant-hunt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

36 Commits
.github/workflows
.github/workflows
 
 
.vscode
.vscode
 
 
.envrc
.envrc
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
package.nix
package.nix
 
 
shell.nix
shell.nix
 
 

Repository files navigation

Elephant Hunt

GitHubCI pipeline status badge Go Report Card GitHub contributors License

GitHub Repo stars Twitter Follow

GitHub Release Date

A new risk-based methodology to identify application attack-surface by analyzing the running processes.

Supported features:

  • quantification of attack-surface with size of executable binary and its shared libraries (excluding non-executable code)

Future features/ideas:

  • a risk-score approach instead of raw technical numbers (e.g. bytes)
  • privileged vs unprivileged user -> privileged leads to high exposure of data
  • analyse and assess language safeness
  • analyse open ports (needs privileged user)
  • analyse and assess entry-points
    • listening TCP/UDP ports
    • Unix sockets
    • file read operations
  • report with break-down per executable and size of each loaded shared library

Required Software

  • GoLang

    $ apt-get install golang

Build

go build main.go

Run

go run main.go

About

Elephant Hunt: identify and reduce attack-surface

Resources

Readme

License

GPL-2.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages