Giters

CYBERTHREATANALYSIS / ESXi_ransomware_scanner

ESXi EZ - A custom scanner that takes list of IPs either in JSON, CSV or individually and checks for infection CVE-2021-21974

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

ESXi_ransomware_scanner

A program that scans IP addresses for signs of ESXi compromise by grabbing the ransom note from an html page and comparing the strings.

Requirements

  • python 3.x
  • requests
  • BeautifulSoup
  • tqdm
  • colorama

Installation

Use the package manager pip to install the required packages.

    pip install requests
    pip install bs4
    pip install tqdm
    pip install colorama

Usage

Run the program with Python 3:

python ESXi_EZ_Scanner.py

Menu

The program will display the following menu:

Scanning a single IP address

Select option 1 from the menu and enter the IP address you wish to scan. The program will then display a message indicating whether the IP address is infected or not.

Scanning IP addresses from a CSV file

Select option 2 from the menu and enter the name of the CSV file. The file should contain a list of IP addresses, with one IP address per row. The program will then scan each IP address and display a message indicating whether each IP address is infected or not.

Scanning IP addresses from a JSON file

Select option 3 from the menu and enter the name of the JSON file. The file should contain a list of IP addresses, with each IP address represented as a string in the list. The program will then scan each IP address and display a message indicating whether each IP address is infected or not.

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

About

ESXi EZ - A custom scanner that takes list of IPs either in JSON, CSV or individually and checks for infection CVE-2021-21974

Languages

Language:Python 100.0%