Prowler is a Cluster Network Vulnerability Scanner, developed during Singapore Infosec Community Hackathon – HackSmith v1.0. It is implemented on a cluster of Raspberry Pi and it will scan a network for vulnerabilities, such as default/weak credentials, that can be easily exploited.
- Scan a network (or a particular subnet) for all IP addresses associated with active devices
- Determine if there are any open ports on the device
- Associate the ports with common services
- Test devices against a dictionary of factory default and common credentials
- Notify users of security lapses through an online dashboard
- Cluster Scan Demonstration Jupyter Notebook
- Single Scan Demonstration Jupyter Notebook
- Try out the web dashboard here
- Raspberry Pi Cluster HAT (with 4 * Pi Zero W)
- Raspberry Pi 3
- No external router needed!
- Raspbian Stretch (Controller Pi)
- Raspbian Stretch Lite (Worker Pi Zero)
- Note: For ease of setup, use the images provided by Cluster Hat! Instructions
- Python 3
- Firebase Real-time Database (to forward the information to the web dashboard)
- Bonus tool: pssh for executing SSH commands on all 4 pi zeros simultaneously.
- Clone the git repository:
git clone https://github.com/tlkh/prowler.git
- Install dependencies by running
sudo pip3 install python-libnmap dispy paramiko pyrebaseon the controller Pi
- From the controller Pi, SSH into each of the worker Pi using
ssh firstname.lastname@example.org run the same command on each:
sudo pip3 install python-libnmap dispy paramiko pyrebase
telepoton the controller Pi by running
sudo pip3 install telepotif you want to try running the Telegram bot.
dispy(website) is the star of the show. It allows allows us to create a job queue that will be processed by the worker Pi Zeros.
python-libnmapis the python wrapper around nmap, an open source network scanner. It allows us to scan for open ports on devices.
paramikois a python wrapper around SSH. We use it to probe SSH (port 22) on devices to test for common credentials.
pyrebaseis needed to upload our results to a Firebase Real-time Database
clusterhat onon the controller Pi to ensure that all Pi Zeros are powered up.
- Use pssh to run the command
/home/pi/dispy/py3/dispy/dispynode.py --clean --daemon&on the four Pi Zeros
python3 compute.pyon the controller Pi to start Prowler
To edit the range of IP addresses being scanned, edit the following lines in
test_range =  for i in range(0, 1): for j in range(100, 200): test_range.append("172.22." + str(i) + "." + str(j))
- To run ssh command on multiple devices
pssh -h pssh-hosts -l username -A -i "command"
- To create the cluster (in
cluster = dispy.JobCluster(compute, nodes='pi0_ip', ip_addr='pi3_ip')
- Check connectivity:
ping p1.local -c 1 && ping p2.local -c 1 && ping p3.local -c 1 && ping p4.local -c 1
- Temperature Check:
/opt/vc/bin/vcgencmd measure_temp && pssh -h workers -l pi -A -i "/opt/vc/bin/vcgencmd measure_temp" | grep temp
- rpimonitor (how to install):