Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on offensive and defensive security.
Axiom works by pre-installing your tools of choice onto a 'base image', and then using that image to deploy fresh instances. From there, you can connect and instantly gain access to many tools useful for both bug hunters and pentesters. With the power of immutable infrastructure, most of which is done for you, you can just spin up 15 boxes, perform a distributed nmap/ffuf/screenshotting scan, and then shut them down.
Because you can create many disposable instances very easily, axiom allows you to distribute scans of many different tools including amass arjun aiodnsbrute anti-burl aquatone assetfinder corsy crackmapexec cf-check cngo commix concurl crlfuzz crobat dnscewl dalfox dirdar dnsgen dnsrecon dnsvalidator dnsx erlpopper exclude-cdn feroxbuster fff ffuf ffuz findomain gxss gau gauplus getJS github-endpoints github-subdomains gobuster gorgo gospider gowitness gxss hakrawler http2smugl httprobe httpx jaeles kiterunner kxss linkfinder masscan massdns medusa meg naabu nmap nuclei openredirex paramspider puredns rustscan responder s3scanner scrying shuffledns sn0int sqlmap subfinder subjack subjs testssl thc-hydra tlscout unimap wafw00f waybackurls webscreenshot whois & wpscan. Once installed and setup, you can distribute a scan of a large set of targets across 100-150 instances within minutes and get results extremely quickly. This is called axiom-scan.
Axiom supports several cloud providers, eventually, axiom should be completely cloud agnostic allowing unified control of a wide variety of different cloud environments with ease. Currently, DigitalOcean, IBM Cloud, Linode and Azure are officially supported providers. Google Compute is partially implemented and AWS is on the roadmap. If you would like prioritization of a feature or provider implementation, please contact me @pry0cc on Twitter and we can discuss :)
- Troubleshooting & FAQ
- Installation Instructions
- Scan Modules
- Installed Packages
The original and best supported provider for Axiom is Digital Ocean! If you're signing up for a new Digital Ocean account, please use my link!
Our third provider for axiom! Please use this link for
$20 $100 free credit on Linode :)
docker exec -it $(docker run -d -it --platform linux/amd64 ubuntu) sh -c "apt update && apt install git -y && git clone https://github.com/pry0cc/axiom ~/.axiom/ && cd && .axiom/interact/axiom-configure"
You should use an OS that supports our easy install.
For Linux systems you will also need to install the newest versions of all packages beforehand
sudo apt dist-upgrade.
bash <(curl -s https://raw.githubusercontent.com/pry0cc/axiom/master/interact/axiom-configure)
If you have any problems with this installer, or if using an unsupported OS please refer to Installation.
In this demo (sped up out of respect for your time ;) ), we show how easy it is to initialize and ssh into a new instance.
Sponsored By SecurityTrails!here!
If you like Axiom and it saves you time, money or just brings you happy feelings, please show your support through sponsorship! Click the little sponsor button in the header and sponsor for as little as $1 per month :)
Or buy me a coffee to keep me powered :)
Operating Systems Supported
|Windows||Yes||Yes||WSL w/ Ubuntu|
We've had some really fantastic additions to axiom, great feedback through issues, and perseverence through our heavy beta phase!
A list of all contributors can be found here, thank you all!
Tools to Date
for default provisioner
Packages Installed via apt-get
for default provisioner
Do you want to add a package to axiom? Read the wiki!