Sirius 开源免费的漏扫工具

Sirius 开源免费的漏扫工具

通用漏洞扫描工具,Scan是业内首款真正开源的，靠信息安全社区的集体技术力，功能上有超越部分商业产品的潜力。它的核心框架含四大关键模块：漏洞数据库、网络扫描引擎、代理发现机制和自定义评估分析

一、安装
推荐通过 Docker 方式安装 Sirius Scan，
具体操作步骤如下：首先克隆项目仓库至本地执行命令拉取源码：

git clone https://github.com/SiriusScan/Sirius.git # 进入项目根目录 cd Sirius # 启动 Docker 容器服务 docker compose up -d 

执行结果

[root@ops-tools-2-252 ~]# git clone https://github.com/SiriusScan/Sirius.git Cloning into 'Sirius'... remote: Enumerating objects: 18920, done. remote: Counting objects: 100% (285/285), done. remote: Compressing objects: 100% (203/203), done. remote: Total 18920 (delta 97), reused 200 (delta 75), pack-reused 18635 (from 2) Receiving objects: 100% (18920/18920), 174.97 MiB | 2.10 MiB/s, done. Resolving deltas: 100% (10335/10335), done. [root@ops-tools-2-252 ~]# cd Sirius/ [root@ops-tools-2-252 Sirius]# ll total 92 -rw-r--r-- 1 root root 409 Sep 28 15:29 cookies.txt -rw-r--r-- 1 root root 868 Sep 28 15:29 docker-compose.aws.yaml -rw-r--r-- 1 root root 1024 Sep 28 15:29 docker-compose.local.example.yaml -rw-r--r-- 1 root root 3087 Sep 28 15:29 docker-compose.override.yaml -rw-r--r-- 1 root root 1113 Sep 28 15:29 docker-compose.production.yaml -rw-r--r-- 1 root root 649 Sep 28 15:29 docker-compose.prod.yml -rw-r--r-- 1 root root 3693 Sep 28 15:29 docker-compose.staging.yaml -rw-r--r-- 1 root root 3426 Sep 28 15:29 docker-compose.user.yaml -rw-r--r-- 1 root root 4933 Sep 28 15:29 docker-compose.yaml drwxr-xr-x 4 root root 4096 Sep 28 15:29 documentation drwxr-xr-x 2 root root 50 Sep 28 15:29 environments -rwxr-xr-x 1 root root 1067 Sep 28 15:29 LICENSE drwxr-xr-x 2 root root 27 Sep 28 15:29 rabbitmq -rw-r--r-- 1 root root 3231 Sep 28 15:29 README.deployment.md -rw-r--r-- 1 root root 4644 Sep 28 15:29 README-DEVELOPMENT.md -rwxr-xr-x 1 root root 20935 Sep 28 15:29 README.md drwxr-xr-x 4 root root 4096 Sep 28 15:29 scripts drwxr-xr-x 6 root root 184 Sep 28 15:29 sirius-api drwxr-xr-x 3 root root 151 Sep 28 15:29 sirius-engine drwxr-xr-x 7 root root 4096 Sep 28 15:29 sirius-ui drwxr-xr-x 2 root root 201 Sep 28 15:29 tasks drwxr-xr-x 5 root root 66 Sep 28 15:29 templates [root@ops-tools-2-252 Sirius]# docker compose up -d [+] Running 23/23 ✔ sirius-rabbitmq Pulled 69.2s ✔ 8176e34d5d92 Pull complete 44.6s ✔ 26aa5c2fc28c Pull complete 45.2s ✔ 5a6866d83ad7 Pull complete 45.2s ✔ 424ad5823c0c Pull complete 45.3s ✔ d23f7e6945ef Pull complete 45.4s ✔ 2983462f8b69 Pull complete 63.2s ✔ 967a9b528d24 Pull complete 64.0s ✔ 8d0036e245ae Pull complete ......... => [sirius-engine development 15/20] COPY .air.toml .air.toml 0.1s => [sirius-engine development 16/20] COPY start.sh /start.sh 0.1s => [sirius-engine development 17/20] COPY start-enhanced.sh /start-enhanced.sh 0.0s => [sirius-engine development 18/20] COPY apps/ /engine/apps/ 0.1s => [sirius-engine development 19/20] RUN if [ -f /engine/apps/app-scanner/manifest.json ]; then mkdir -p /opt/sirius/nse/sirius-nse && cp /e 0.3s => [sirius-engine development 20/20] RUN dos2unix /start.sh /start-enhanced.sh && chmod +x /start.sh /start-enhanced.sh 0.4s => [sirius-engine] exporting to image 81.2s => => exporting layers 81.1s => => writing image sha256:c834afd227a90b85897887cec5a6869a3de610f89dc230392b2606275fedcf9a 0.0s => => naming to docker.io/library/sirius-sirius-engine 0.0s [+] Running 11/11 ✔ Network sirius Created 0.2s ✔ Volume "sirius_valkey_data" Created 0.0s ✔ Volume "sirius_node_modules" Created 0.0s ✔ Volume "sirius_rabbitmq_data" Created 0.0s ✔ Volume "sirius_postgres_data" Created 0.0s ✔ Container sirius-valkey Started 19.4s ✔ Container sirius-postgres Started 19.3s ✔ Container sirius-rabbitmq Started 19.3s ✔ Container sirius-ui Started 19.4s ✔ Container sirius-engine Started 19.4s ✔ Container sirius-api Started 19.3s [root@ops-tools-2-252 Sirius]# 

安装完成

查看启动情况

[root@ops-tools-2-252 Sirius]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8582c416b3f3 sirius-sirius-engine "/start-enhanced.sh" 7 minutes ago Restarting (0) 44 seconds ago sirius-engine 3e5122f4e034 sirius-sirius-api "sh -c 'cd /api && g…" 7 minutes ago Up 3 minutes 0.0.0.0:9001->9001/tcp, :::9001->9001/tcp sirius-api 678373a05528 sirius-sirius-ui "docker-entrypoint.s…" 7 minutes ago Up 7 minutes 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp sirius-ui 8e63498e7b62 valkey/valkey:latest "docker-entrypoint.s…" 7 minutes ago Up 7 minutes 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp sirius-valkey 1d49fa1d6f57 rabbitmq:3.7.3-management "docker-entrypoint.s…" 7 minutes ago Up 7 minutes 4369/tcp, 5671/tcp, 0.0.0.0:5672->5672/tcp, :::5672->5672/tcp, 15671/tcp, 25672/tcp, 0.0.0.0:15672->15672/tcp, :::15672->15672/tcp sirius-rabbitmq 200814b488f7 postgres:15-alpine "docker-entrypoint.s…" 7 minutes ago Up 7 minutes 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp sirius-postgres 

二、问题处理
安装中遇到很多问题，主要就是网络不通（都懂的）
报错：

[sirius-engine development 4/20] RUN go install github.com/air-verse/[email protected]:
30.24 go: github.com/air-verse/[email protected]: github.com/air-verse/[email protected]: Get “https://proxy.golang.org/github.com/air-verse/air/@v/v1.52.3.info”: dial tcp 142.250.198.81:443: i/o timeout

failed to solve: process “/bin/sh -c go install github.com/air-verse/[email protected]” did not complete successfully: exit code: 1

解决办法：
报错的核心是 go install github.com/air-verse/[email protected] 时访问 https://proxy.golang.org 超时，原因一般是网络问题（国内环境经常被墙）

1、关闭 Go Proxy，直接走 GitHub 在 Dockerfile 的 RUN go install ... 前加上： ENV GOPROXY=https://goproxy.cn,direct 修改Dockerfile /root/Sirius/sirius-engine/Dockerfile Install air for live reloading (compatible version with Go 1.23) RUN go install github.com/air-verse/[email protected] 大概在88行这里 前面加上 ENV GOPROXY=https://goproxy.cn,direct 重新运行 docker compose up -d 2、如果直接走 GitHub不行 替换如下 #RUN git clone https://hub.fastgit.org/SiriusScan/app-scanner.git \ RUN git clone https://gitclone.com/github.com/SiriusScan/app-scanner.git && cd app-scanner \ && git checkout main \ && go mod download \ && CGO_ENABLED=1 GOOS=linux go build -ldflags="-w -s" -o scanner main.go 3、如果还是报错，加代理 编辑dockerfile ENV GOPROXY=https://mirrors.aliyun.com/goproxy/,direct ENV GOSUMDB=off RUN git clone https://gitclone.com/github.com/SiriusScan/app-scanner.git && \ cd app-scanner && \ git checkout main && \ go mod download && \ CGO_ENABLED=1 GOOS=linux go build -ldflags="-w -s" -o scanner main.go 4、sirius-sirius-engine 不停的重启的问题 [root@ops-tools-2-252 sirius-engine]# docker ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES e2501cdf09bc sirius-sirius-api "sh -c 'cd /api && g…" 39 minutes ago Up 3 minutes 0.0.0.0:9001->9001/tcp, :::9001->9001/tcp sirius-api c4cfb6069495 sirius-sirius-engine "/start-enhanced.sh" 39 minutes ago Restarting (0) 33 seconds ago sirius-engine d438de48f910 sirius-sirius-ui "docker-entrypoint.s…" 39 minutes ago Up 39 minutes 0.0.0.0:3000->3000/tcp, :::3000->3000/tcp sirius-ui 0499ab2e452b rabbitmq:3.7.3-management "docker-entrypoint.s…" 39 minutes ago Up 39 minutes 4369/tcp, 5671/tcp, 0.0.0.0:5672->5672/tcp, :::5672->5672/tcp, 15671/tcp, 25672/tcp, 0.0.0.0:15672->15672/tcp, :::15672->15672/tcp sirius-rabbitmq cedfb34a00c8 postgres:15-alpine "docker-entrypoint.s…" 39 minutes ago Up 39 minutes 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp sirius-postgres 4f9e1d1be399 valkey/valkey:latest "docker-entrypoint.s…" 39 minutes ago Up 39 minutes 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp sirius-valkey [root@ops-tools-2-252 sirius-engine]# 在 app-terminal 的构建步骤中添加 Go 代理设置： dockerfile # Clone app-terminal RUN git clone https://gitclone.com/github.com/SiriusScan/app-terminal.git && \ cd app-terminal && \ git checkout ${APP_TERMINAL_COMMIT_SHA} && \ sed -i '/replace.*github.com\/SiriusScan\/go-api/d' go.mod && \ GOPROXY=https://mirrors.aliyun.com/goproxy/,direct GOSUMDB=off go mod tidy && \ GOPROXY=https://mirrors.aliyun.com/goproxy/,direct GOSUMDB=off go mod download && \ CGO_ENABLED=0 GOOS=linux go build -ldflags="-w -s" -o terminal cmd/main.go 

三、访问方式
安装完成后， 在浏览器中打开http://192.168.2.252:3000
初始用户名和密码：admin：password