Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility. The framework was designed operating system agnostic and supports all major CPU architectures as well. The tool is built around a phased approach to vulnerability assessment that ensures quality by enforcing simplicity and enhancing productivity through search.
- Collection & Normalization of Vulnerability Data
- Supports many data types including: Nessus, Acunetix, Grendel, Burp, Nmap, Nikto, Nexpose, Zap, Retina, and More
- Input threat models, intelligence, and risks
- Search
- Acheron is built around search in order to inform and enhance rapid data analysis
- Your own personal Google to empower Prioritization, Triage, Remediation, and Reporting
- Automate & Analyze
- Incorporate authorized system/software inventories and watch them update based on real world data
- Automated corelation of vulnerability data to organization specific threats
- Data Management
- Track, categorize, and remediate vulnerabilities
- Triage and assign risk ratings
- Terminal Extensibility
- All data managed by Acheron can be accessed directly from the command line through both Bash and PowerShell
- This enables rapid remediation opportunity and infinite yet simplistic extensibility
Acheron follows the Vulnerability Assessment Framework and associated tactics, techniques, and procedures. See Vulnerability Assessment Framework
- 01 | Engagement Planning
- 02 | Threat Modeling
- 03 | Discovery
- 04 | Vulnerability Scanning
- 05 | Validation
- 06 | Remediation
- 07 | Reporting
-
Acheron Tech Stack
-
Python Parsers
-
MySQL Backend Database
-
Electron App GUI
-
Javascript
-
ReactJS
-
JSON Configuration Files
-
Building the GUI
-
Install npm
-
cd to gui/
-
run: npm install webpack
-
run: npm install -g electron
-
run: webpack
-
run: electron .
-
GUI should popup
Binary distributions available: exe
Acheron supports many OS and CPU builds via system agnostic design choices; however, it must be built to accomodate each. This (the main project archive) contains binary distributions for all major OS/CPU builds. It also contains all src/dev files.
This design was chosen so that anyone can download the main archive and use the tool. For leaner, OS Specific builds, see the Binary Distribution Repository: dist
For a lightweght src only build, download the src branch.