Tool and Usage
Prowler is a fairly new project and was created as part of a hackathon. The software stack includes Ansible to do the provision. Python and related packages are used for the software itself. The Linux operating itself is powered by Raspbian, a Debian clone.
Why this tool?
A vulnerability scanner like Prowler can be used to scan the network for vulnerabilities. Prowler can perform active network scanning and uses fingerprinting. Part of the process it to test for default or weak credentials.
How it works
The website uses dispy and is responsible for the management of job queuing. Worker nodes pick up tasks and perform them by using a Python wrapper named python-libnmap. Not surprising, this leverages the well-known Nmap scanning tool. For SSH credential testing, the Python wrapper Paramiko is used.
According to the author, the tool is not actively maintained.
Usage and audience
Prowler (vuln) is commonly used for security assessment, vulnerability scanning, or vulnerability testing. Target users for this tool are pentesters, security professionals, and system administrators.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
- - No releases on GitHub available
Supported operating systems
Prowler (vuln) is known to work on Linux.
Prowler (vuln) alternatives
Similar tools to Prowler (vuln):
Archery is a Django-based application to perform vulnerability assessments and do vulnerability management.
OpenVAS is a framework of several services and tools offering a vulnerability scanning and vulnerability management solution.
Dagda is a security tool to perform static analysis of known vulnerabilities, malware and threats in Docker images and containers. It monitors both the Docker daemon and running containers to find anomalies and suspicious activities.
This tool page was updated at . Found an improvement? Help the community by submitting an update.