Skip to content
This repository has been archived by the owner on Feb 13, 2021. It is now read-only.

Commit

Permalink
Merge pull request #1 from smoreface/patch-1
Browse files Browse the repository at this point in the history 
Update README.md
  • Loading branch information
@b1shan
b1shan committed Sep 25, 2015
2 parents ea76cc3 + b77d7d5 commit a09e0eb
Showing 1 changed file with 12 additions and 12 deletions.
24 changes: 12 additions & 12 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,39 +1,39 @@
Gryffin (beta)
==========

Gryffin is a large scale web security scanning platform. It is not a yet another scanner. It was written to solve two specific problems with existing scanners, that of, coverage and scale.
Gryffin is a large scale web security scanning platform. It is not yet another scanner. It was written to solve two specific problems with existing scanners: coverage and scale.

Better coverage translates to fewer false negatives. Inherent scalability translates to, capaility of scanning and supporting a large elastic application infrastructure. Or simply put, the ability to scan 1000 applications today to 100,000 applications tomorrow by straightforward horizontal scaling.
Better coverage translates to fewer false negatives. Inherent scalability translates to capability of scanning, and supporting a large elastic application infrastructure. Simply put, the ability to scan 1000 applications today to 100,000 applications tomorrow by straightforward horizontal scaling.

## Coverage
Coverage has two dimensions - one during crawl and the other during fuzzing. In crawl phase, coverage implies, being able to find as much of the application footprint. In scan phase or while fuzzing, it implies, being able to test each part of the application for applied set of vulnerabilities in a deep.
Coverage has two dimensions - one during crawl and the other during fuzzing. In crawl phase, coverage implies being able to find as much of the application footprint. In scan phase, or while fuzzing, it implies being able to test each part of the application for an applied set of vulnerabilities in a deep.

#### Crawl Coverage
Today a large number of web applications are template driven, that means, same code or path generates millions of URLs. For a security scanner, it just needs one of the million URLs that are generated by the same code or path. Gryffin's crawler does just that.
Today a large number of web applications are template-driven, meaning the same code or path generates millions of URLs. For a security scanner, it just needs one of the millions of URLs generated by the same code or path. Gryffin's crawler does just that.

##### Page Deduplication
Gryffin has a deduplication engine at its heart that compares the new page with the already seen pages. If the HTML structure of the new page is similar to the ones seen, it is classified as duplicate and not crawled further.
At the heart of Gryffin is a deduplication engine that compares a new page with already seen pages. If the HTML structure of the new page is similar to those already seen, it is classified as a duplicate and not crawled further.

##### DOM Rendering and Navigation
A large number of applications today are rich applications. They are heavily driven by client-side JavaScript. In order to discover links and code paths in such applications, Gryffin's crawler, uses PhantomJS for DOM rendering and navigation.
A large number of applications today are rich applications. They are heavily driven by client-side JavaScript. In order to discover links and code paths in such applications, Gryffin's crawler uses PhantomJS for DOM rendering and navigation.

#### Scan Coverage
As Gryffin is a scanning platform and not a scanner, it does not have its own fuzzer modules, even for fuzzing common web vulnerabilities like XSS and SQL Injection.
As Gryffin is a scanning platform, not a scanner, it does not have its own fuzzer modules, even for fuzzing common web vulnerabilities like XSS and SQL Injection.

It's not wise to reinvent the wheel where you do not have to. Gryffin at production scale at Yahoo uses open source and custom fuzzers. Some of these custom fuzzers might be open sourced in future and might or might not be part of Gryffin repository.
It's not wise to reinvent the wheel where you do not have to. Gryffin at production scale at Yahoo uses open source and custom fuzzers. Some of these custom fuzzers might be open sourced in the future, and might or might not be part of the Gryffin repository.

For demonstration purpose, Gryffin comes integrated with sqlmap and arachni. It does not endorse them or any other scanner in particular.
For demonstration purposes, Gryffin comes integrated with sqlmap and arachni. It does not endorse them or any other scanner in particular.

Philosophy is to improve scan coverage by being able to fuzz for just what you need.
The philosophy is to improve scan coverage by being able to fuzz for just what you need.

## Scale
While Gryffin is available as a standalone package, it's primarily built for scale.

Gryffin is built on the publisher-subscriber model. Each component is either a publisher or a subscriber or both. This allows Gryffin to scale horizontally by simply adding more subscriber or publisher nodes.
Gryffin is built on the publisher-subscriber model. Each component is either a publisher, or a subscriber, or both. This allows Gryffin to scale horizontally by simply adding more subscriber or publisher nodes.

## Operating Gryffin

### Pre-requisite
### Pre-requisites

1. Go
2. PhantomJS, v2
Expand Down

0 comments on commit a09e0eb

Please sign in to comment.