Home

🚀 Quick Start Guide

Get started with VIGIL in minutes! This guide will walk you through your first security assessment.

🎯 First Security Scan

Step 1: Basic Network Discovery

Discover all active hosts on your local network:

# Basic host discovery
python vigil.py --discover 192.168.1.0/24

# With verbose output
python vigil.py --discover 192.168.1.0/24 -v

# Save results to file
python vigil.py --discover 192.168.1.0/24 --output results.json

Step 2: Targeted Port Scanning

Scan specific hosts for open ports and services:

# Quick scan of common ports
python vigil.py -t 192.168.1.10 -p 22,80,443,3389

# Full port range scan
python vigil.py -t 192.168.1.10 -p 1-65535

# Fast scan (skip CVE checks)
python vigil.py -t 192.168.1.10 --fast

Step 3: Security Assessment

Perform comprehensive security analysis:

# Full security assessment with CVE checks
python vigil.py -t 192.168.1.10 -p 1-1000 --cve-check -v

# With custom timeout for slow networks
python vigil.py -t 192.168.1.10 --timeout 2.0 -v

Step 4: Real-time Monitoring

Activate IDS monitoring mode:

# Basic monitoring
python vigil.py --vigilant -i "Ethernet"

# With custom alert threshold
python vigil.py --vigilant -i "Ethernet" --alert-threshold 5

# Custom packet filter
python vigil.py --vigilant --bpf "tcp and port 443"

📊 Understanding the Output

Discovery Results

[+] Host Discovery Results
┌──────────────┬─────────────┬──────────────┬─────────────┐
│ IP Address   │ MAC Address │ Vendor       │ Response    │
├──────────────┼─────────────┼──────────────┼─────────────┤
│ 192.168.1.1  │ aa:bb:cc... │ Cisco Systems│ 2.3ms       │
│ 192.168.1.10 │ dd:ee:ff... │ Apple Inc.   │ 1.8ms       │
└──────────────┴─────────────┴──────────────┴─────────────┘

Port Scan Results

[+] Port Scan Results
┌──────────────┬──────┬─────────────┬─────────────┬───────────────┐
│ Port         │ State│ Service     │ Version     │ CVE           │
├──────────────┼──────┼─────────────┼─────────────┼───────────────┤
│ 22           │ OPEN │ SSH         │ OpenSSH 7.4 │ CVE-2018-15473│
│ 80           │ OPEN │ HTTP        │ Apache 2.4  │ CVE-2017-7679 │
│ 443          │ OPEN │ HTTPS       │ nginx 1.18  │ None          │
└──────────────┴──────┴─────────────┴─────────────┴───────────────┘

IDS Monitoring

[!] IDS Alert: SYN Flood Detected
    Source: 192.168.1.100
    Target: 192.168.1.10
    Count: 150 connections in 10s
    Threshold: 10 connections

🔧 Common Use Cases

1. Network Security Audit

# Complete network assessment
python vigil.py --discover 192.168.1.0/24 --save-results
python vigil.py -t 192.168.1.10 -p 1-1000 --cve-check -v
python vigil.py -t 192.168.1.20 -p 1-1000 --cve-check -v

2. Web Server Security Check

# Focus on web services
python vigil.py -t example.com -p 80,443,8080,8443 --cve-check -vv

3. Internal Network Monitoring

# Continuous monitoring
python vigil.py --vigilant -i "Ethernet" --alert-threshold 10 --log-file security.log

4. Quick Security Check

# Fast assessment for large networks
python vigil.py -t 192.168.1.0/24 --fast --threads 200

⚡ Performance Tips

For Large Networks

# Increase thread count
python vigil.py -t target.com --threads 200

# Use fast mode
python vigil.py -t target.com --fast

# Scan specific port ranges
python vigil.py -t target.com -p 21,22,23,25,53,80,110,143,443,993,995

For Slow Networks

# Increase timeout
python vigil.py -t target.com --timeout 3.0

# Reduce threads
python vigil.py -t target.com --threads 50

For Accurate Results

# Enable verbose mode
python vigil.py -t target.com -vv

# Enable all checks
python vigil.py -t target.com --cve-check --no-fast

🛠️ Advanced Examples

Custom Packet Filtering

# Monitor only HTTPS traffic
python vigil.py --vigilant --bpf "tcp and port 443"

# Monitor specific subnet
python vigil.py --vigilant --bpf "net 192.168.1.0/24"

# Monitor specific protocols
python vigil.py --vigilant --bpf "icmp or udp"

Output Formats

# JSON output
python vigil.py -t target.com --output results.json --format json

# CSV output
python vigil.py -t target.com --output results.csv --format csv

# XML output
python vigil.py -t target.com --output results.xml --format xml

🔍 What to Look For

Critical Security Indicators

• Open SSH with old versions: Often vulnerable to brute force
• HTTP without HTTPS: Potential data interception
• Default ports: May indicate default configurations
• Multiple web services: Potential attack surface

Network Anomalies

• Unexpected open ports: May indicate malware or backdoors
• Services on non-standard ports: Potential evasion techniques
• Multiple versions of same service: Configuration issues

🚨 Security Best Practices

Before Scanning

1. Get Permission: Always have written authorization
2. Test Environment: Start with non-production systems
3. Network Impact: Be aware of scanning impact

During Scanning

1. Monitor Performance: Watch for network degradation
2. Log Everything: Keep detailed scan logs
3. Be Responsible: Don't exploit found vulnerabilities

After Scanning

1. Review Results: Analyze findings carefully
2. Prioritize Issues: Focus on critical vulnerabilities
3. Document Everything: Create security assessment reports

🆘 Getting Help

If you need assistance:

1. Check the User Guide for detailed documentation
2. Review Troubleshooting for common issues
3. Visit GitHub Discussions for community support
4. Open an Issue for bugs or feature requests

🎯 Next Steps

• Read the complete User Guide
• Check the Command Reference
• Learn about Configuration options

---

Ready to become a security expert? Start exploring VIGIL's advanced features!

Last updated: 2025-04-22