+-blue.svg){kind=icon}
PortPilot is a cutting-edge port scanning tool designed specifically for offensive security disciplines such as bug bounty hunting and penetration testing. Its unique distributed architecture allows scalable agents to be deployed globally, providing unparalleled scanning capabilities. Getting started with PortPilot is as easy as installing the agent and entering the RabbitMQ connection information. The newly added agent is dynamically integrated into the system, ensuring seamless functionality.
For ease of use, PortPilot comes with a web UI. But that's not all - it also supports API calls, offering flexibility in how you interact with the tool. To keep track of your scan results, you can conveniently use Grafana. In short, PortPilot is an indispensable tool for those seeking to augment their offensive security capabilities.
REACT_APP_BASE_URL: You can change the assignment of the variable according to your own server ip information. Or you can keep it as default.
Default .env variable:
REACT_APP_BASE_URL=http://127.0.0.1:8000-
make build: Use to build components of the project.
make build
-
make up: Use this command to start the application.
make up
-
make migrate: Run the following command to create and update the database.
make migrate
After following these steps, your application will be successfully installed.
Note: During the make migrate command you may be prompted to enter the password from your .env file.
-
make up: Use this command to start the application. Then Application will be avaible at http://localhost:8080
make up
-
make Down: Run the following command to stop application services.
make migrate
PortPilot plays a critical role. It serves as the conduit, directing the hosts that are to be scanned towards RabbitMQ. RabbitMQ, in turn, is consumed by agents. These agents are in a constant race with each other, each striving to be the first to pop the hosts that are queued up for scanning.
This competition is irrespective of the number of agents involved. Regardless of how many there are, the principle remains the same: the agent who succeeds in popping first initiates the scanning of the IP address embedded in the message. Once the scan is complete, the results are meticulously documented and stored in Elasticsearch for future reference and analysis.
