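---
## Full documentation and further information can be found at https://nray-scanner.org
## Nray's advanced scanning is supposed to be configured solely via this configuration file.
## Each directive is documented. It is probably best to start with the default configuration
## and tweak it to fit your use case.
## Note: Changing values with "internal" in the name / hierarchy may break nray in brutal
## and/or subtle ways because you are changing *internals*. You have been warned.

# IMPORTANT NOTE ON BLACKLISTS:
# This affects only target generation on the server. DNS resolution
# happens on the scanner node. This means that if example.local is at
# 10.0.0.10 and example.local is on the blacklist, the IP will
# still get scanned if it is in the target list. Of course, this
# also affects a blacklisted IP, which is going to be scanned
# if a DNS entry not on the blacklist is pointing to it.
# To keep a host out of a scan reliably, blacklist both its names and
# all of its addresses.

# Enables debug output
# debug: false

# Specifies on which port(s) to listen for connections by scanner nodes.
# Having multiple ports listening is fine.
# This setting is only allowed for advanced scans.
listen: [8601]

# Specify the hostname/address to listen on. 0.0.0.0 listens on all
# interfaces, 127.0.0.1 binds to the loopback interface.
# The default only accepts nodes from the local machine. Binding to a
# non-loopback address exposes the node control port to that network;
# pair that with the TLS settings below and host firewalling.
host: "127.0.0.1"

# Enable TLS between server and nodes. Without it, node traffic (targets
# and results) is sent in cleartext, and nothing else in this file
# authenticates a connecting node.
# TLS:
#   enabled: false
#   CA: "/path/to/ca.pem"
#   cert: "/path/to/servercert.pem"
#   key: "/path/to/servercert-key.pem"
#   # Presumably requires nodes to present a client certificate issued by
#   # the CA above -- confirm against the documentation for your version.
#   forceClientAuth: false

# The interval at which status information is printed to stdout
# statusPrintInterval: 15s

# Pools defines how many worker pools are available and therefore
# how often a target is scanned by different scanners
# pools: 1

# Set considerClientPoolPreference to true if clients should be able
# to request to be placed in a pool specified by them. If the pool
# doesn't exist, the server will fall back to assigning the pool with
# the fewest nodes.
# considerClientPoolPreference: true

# This randomizes the nodeID, allowing multiple nodes to run on the same
# machine or in scenarios where no unique ID can be generated from the
# environment, for example container environments like Kubernetes
# allowMultipleNodesPerHost: false

# internal:
#   # Seconds until a node that has not sent any heartbeat expires
#   nodeExpiryTime: 30
#   # This setting affects the interval in seconds of expiry checks
#   nodeExpiryCheckInterval: 10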
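# All target generators are configured here
targetgenerator:
  # NOTE(review): presumably the number of generated batches kept ready for
  # nodes -- confirm in the documentation before tuning.
  bufferSize: 5
  # The default target generator
  standard:
    enabled: true
    # Hosts / CIDR ranges to scan. The value below is only an example from
    # a private range; replace it with your own scope.
    targets: ["192.168.178.1/28"]
    # targetFile: "./targets.txt"
    tcpports: ["top25"]
    udpports: ["top25"]
    # Hosts / networks excluded from target generation. See the note on
    # blacklists at the top of this file: exclusion happens before DNS
    # resolution, so list both names and addresses.
    blacklist: []
    # blacklistFile: "./blacklist.txt"
    maxHostsPerBatch: 150
    maxTcpPortsPerBatch: 25
    maxUdpPortsPerBatch: 25
  # certificatetransparency:
  #   enabled: false
  #   # For regex debugging: https://play.golang.org/p/jgDiTmPlqdW
  #   domainRegex: '^(www[.]).*([.]com)$'
  #   tcpports: ["top25"]
  #   udpports: ["top25"]
  #   blacklist: []
  #   maxHostsPerBatch: 150
  #   maxTcpPortsPerBatch: 25
  #   maxUdpPortsPerBatch: 25
  # ldap:
  #   enabled: false
  #   ldapSearchString: "(objectCategory=computer)"
  #   baseDN: "dc=contoso,dc=com"
  #   ldapAttribute: "dNSHostName"
  #   ldapServer: ""
  #   ldapPort: 636
  #   # Presumably disables certificate verification for the LDAPS
  #   # connection -- keep it false so a spoofed directory cannot feed
  #   # targets into the scan; confirm in the documentation.
  #   insecure: false
  #   # The bind credentials are stored in cleartext in this file: use a
  #   # read-only directory account and restrict the file's permissions.
  #   ldapUser: ""
  #   ldapPass: ""
  #   tcpports: ["top25"]
  #   udpports: ["top25"]
  #   blacklist: []
  #   maxHostsPerBatch: 5
  #   maxTcpPortsPerBatch: 25
  #   maxUdpPortsPerBatch: 25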
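# Configuration of scanners goes here
scannerconfig:
  workers: 900
  # ratelimit defines how many workers call the scan() function per second.
  # Having a rate limit allows us to utilize most resources by having lots
  # of workers that may wait for network IO/timeouts, whereas in case of a
  # burst (e.g. start of a scan) the rate limit blocks all workers from
  # starting their job at once.
  # Expects a number or 'none' (lowercase!) if no limit should be applied.
  # ratelimit: "none"
  # tcp port scanner
  tcp:
    # Connect timeout in milliseconds
    timeout: 1000ms
  udp:
    # Fast sends only probes for known protocols
    fast: false
    # Default payload. This is sent when the scanner is not aware of the protocol. See documentation
    # for a complete list of protocols supported by the scanner.
    # Keep the double quotes: YAML decodes \x escapes only in double-quoted
    # scalars (this value is the bytes "nray"); single quotes would pass the
    # backslashes through literally.
    defaultHexPayload: "\x6e\x72\x61\x79"
    # You may define/overwrite port:payloads at your wish. For encoding arbitrary data, see https://golang.org/ref/spec#Rune_literals
    # Keep the port key quoted so it stays a string (an unquoted 19 parses as an integer).
    # customHexPayloads:
    #   "19": "A"  # chargen. "A" is the same as "\x41" (hex) or "\101" (oct)
    # Timeout to wait for a response
    timeout: 1000ms
  # zgrab2 is used for some higher-layer protocol scans
  # zgrab2:
  #   enabledModules: []
  #   # Configuration for ssh scanner
  #   ssh:
  #     subscribePorts: ["tcp/22"]
  #     timeout: 2500ms
  #     ClientID: "SSH-2.0-Go-nray"
  #     CollectUserAuth: true  # see what userauth methods are allowed
  #   # Configuration for http(s) scanner
  #   # HTTP scanner is currently a little bit buggy; there seem to be bugs in the upstream implementation as well.
  #   # Use with caution
  #   http:
  #     subscribeHTTPPorts: ["tcp/80", "tcp/8080", "tcp/8000"]
  #     subscribeHTTPSPorts: ["tcp/443", "tcp/8443"]
  #     timeout: 2500ms
  #     # Values commented out are also defaults, therefore no need to specify them explicitly
  #     method: "GET"
  #     endpoint: "/"
  #     userAgent: "nray"
  #     retryHTTPS: true  # If connection attempt via HTTP fails, try HTTPS?
  #     maxRedirects: 2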
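# Everything in the events node controls if and how data is written
events:
  terminal:
    # Any matching filter is going to be printed
    filter:
      # Intentionally left empty (null): an empty filter is printed if an
      # element of this type exists.
      environment:
      # result.port: 80
      # result.portscan.open: true
    internal:
      channelsize: 1000
  json-file:
    # Scan results (hosts, ports, findings) land in this file; keep it in a
    # directory with restricted permissions.
    filename: "nray-output.json"
    # If set to false, overwriteExisting will prevent nray from overwriting
    # any existing output file.
    overwriteExisting: false
    internal:  # Don't touch these unless you know what you are doing
      channelsize: 10000  # Internal event buffer
      synctimer: 10s  # flush interval
  # elasticsearch:
  #   # FQDN or IP of the elasticsearch instance
  #   server: "elasticsearch.local"
  #   # specifies if HTTPS is used; keep it enabled so results are not
  #   # shipped in cleartext
  #   useTLS: true
  #   # elasticsearch port
  #   port: 443
  #   internal:
  #     # the index name nray is writing its events to
  #     indexname: "nray"
  #     # size of the internal buffer
  #     channelsize: 10000
  #     # time in seconds to commit results to elasticsearch
  #     committimer: 3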