Hi. First off, thanks so much for this very advanced security framework, that's 100% free! :3 <3

Well, I've gotten issues pulling files at times, even after turning off my firewall. At one time, it said I had some stuff already in the system, and if I want to replace them, and since I got them from the install of yours, I said no. I'm guessing no error from that. Then it tries to install your framework, and it keeps on failing. I've attached some screenshots and the install log file.

install.log

Thanks so much, sir! Shalom. <3 ^_^

it was work perfectly before i install some tools like assetfinder and wayback url
on terminal give me this:
MongoDB is running. Continuing...

• Serving Flask app 'toolkit-service'
• Debug mode: on
  tail: logs/toolkit.log: file truncated
• Serving Flask app 'toolkit-service'
• Debug mode: on
  on the browser give me this:

Compiled with problems:

ERROR

[eslint] EACCES: permission denied, mkdir '/home/kaskovish/ars0n-framework/client/node_modules/.cache'

Sir, could you please resolve this issue? I have installed this framework in Clein Kali Linux (2023.3), but I cannot get it to run in the browser, and I cannot add domains to the framework. The framework was suddenly stuck, and I cannot operate. If you have solved this issue, I would like to thank you. This framework helps me a lot, and I need it a lot.

[ERROR] 2024-02-06 18:40:12.225713 | Fire-Starter.py -- Amass Exception: [Errno 2] No such file or directory: './temp/amass.tmp'
and i do not have this directory i tried to find it and nothing

I recently made a docker container for ars0n framework so I can run it on one of my servers. The problem is the website is not fully accessible unless you are accessing it on localhost. Same goes for just a regular install. Switch to bridged adapter in vbox and try to access the website from the host box and you will see what I mean.

W: https://repo.mongodb.org/apt/debian/dists/buster/mongodb-org/4.4/Release.gpg: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
--2024-02-29 19:35:33-- http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_arm64.deb
Resolving archive.ubuntu.com (archive.ubuntu.com)... 91.189.91.82, 91.189.91.83, 185.125.190.36, ...
Connecting to archive.ubuntu.com (archive.ubuntu.com)|91.189.91.82|:80... connected.
HTTP request sent, awaiting response... 404 Not Found
2024-02-29 19:35:33 ERROR 404: Not Found.

dpkg: error: cannot access archive 'libssl1.1_1.1.1f-1ubuntu2_arm64.deb': No such file or directory
rm: cannot remove 'libssl1.1_1.1.1f-1ubuntu2_arm64.deb': No such file or directory
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'mongodb-server-core' is not installed, so not removed
The following packages were automatically installed and are no longer required:
cython3 kali-debtags libboost-dev libboost1.74-dev libhiredis0.14 libjavascriptcoregtk-4.0-18 libopenblas-dev libopenblas-pthread-dev libopenblas0
libperl5.36 libpython3-all-dev libpython3.12 libpython3.12-dev libqt5multimedia5 libqt5multimedia5-plugins libqt5multimediagsttools5
libqt5multimediawidgets5 librtlsdr0 libucl1 libwebkit2gtk-4.0-37 libxsimd-dev libzxing2 perl-modules-5.36 python3-all-dev python3-backcall
python3-beniget python3-future python3-gast python3-pickleshare python3-pythran python3-requests-toolbelt python3-rfc3986 python3-unicodecsv
python3.12-dev xtl-dev
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 10 not upgraded.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
E: Unable to locate package mongodb-org
Failed to start mongod.service: Unit mongod.service not found.
Failed to enable unit: Unit file mongod.service does not exist.
[!] Something went wrong! MongoDB was NOT installed successfully...

Hi ars0n,

firstable you have a great idea and a framework. Unfortunately i cannot use it and i don't know if i miss something or it has something to do with Kali and the MongoDB version.

Installation works fine but after running the first scan i see the command output but don't the results in the Web GUI.

I make some observations and here are some points that i found out. Maybe i don't understand or i'm confused, but i want to to let you know what makes me confusing.

If you need further information on specific data i will do the best that i can to collect the needed data and will provide this for you.

Many thanks from Düsseldorf, Germany :)

In the run.sh script there's mongodb mentioned.

#!/bin/bash

sudo systemctl enable mongodb 2>/dev/null
sudo systemctl start mongodb 2>/dev/null
node server/server.js &
cd client
npm run start

But the only service/unit related to MongoDB is "mongod" and NOT "mongodb"

See results below

systemctl status mongodb
Unit mongodb.service could not be found.

┌──(root㉿kali)-[~]
└─# systemctl status mongod
● mongod.service - MongoDB Database Server
Loaded: loaded (/lib/systemd/system/mongod.service; enabled; preset: di>
Active: active (running) since Wed 2023-09-20 05:42:49 EDT; 33min ago
Docs: https://docs.mongodb.org/manual
Main PID: 733 (mongod)
Memory: 251.9M
CPU: 17.600s
CGroup: /system.slice/mongod.service
└─733 /usr/bin/mongod --config /etc/mongod.conf

Sep 20 05:42:49 kali systemd[1]: Started mongod.service - MongoDB Database S>
Sep 20 05:42:49 kali mongod[733]: {"t":{"$date":"2023-09-20T09:42:49.475Z"},>

Next thing under "/etc/mongod.conf"

The port is 27017 and on your setup it's 8000. But if try to change it in the conf file to 27017 it doesn't work. Also the same way if a try it in the wildfire.py script.

network interfaces

net:
port: 27017
bindIp: 127.0.0.1

This is my kali version :

Linux kali 6.4.0-kali3-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.4.11-1kali1 (2023-08-21) x86_64 GNU/Linux

[+] Done! Start: 14:27:19 | Stop: 14:27:19

Automatically stopping

I just can't get the Add FQDN to add anything, in your video it pops up in a new page, mine responds exactly like in the SS, the button never responds :)

System python is kind tough to work with dependency wise across multiple projects - what would the community's thoughts be on creating a virtual environment in a hidden directory with a virtualenv in the home dir of the user and sourcing it in run.sh?

this framework does not run properly

After Installing It directly shows the FQDN button and it not working .

I tried installing again but it gives the same issue it show FQDN button and after clicking it doesn't work.

executing "python3 wildfire.py --start --scan -b site,site,site,site,site" will result in
File "/root/tools/ars0n-framework/toolkit/toolkit/engulf.py", line 13, in get_target_url_string
return thisFqdn['targetUrls'][0]
~~~~~~~~~~~~~~~~~~~~~~^^^
IndexError: list index out of range

From what I understand, it's like we are not providing any argument to the script.
One suggestion: besides the blacklist option, it would be nice if we were able to select a specific a fqdn which we want to perform a scan on :)

I have installed the framework but facing this error

Traceback (most recent call last):
  File "/home/kali/Downloads/ars0n-framework/toolkit/toolkit-service.py", line 1, in <module>
    from flask import Flask, jsonify, request
  File "/usr/lib/python3/dist-packages/flask/__init__.py", line 5, in <module>
    from .app import Flask as Flask
  File "/usr/lib/python3/dist-packages/flask/app.py", line 34, in <module>
    from . import cli
  File "/usr/lib/python3/dist-packages/flask/cli.py", line 15, in <module>
    from click.core import ParameterSource
ImportError: cannot import name 'ParameterSource' from 'click.core' (/usr/local/lib/python3.11/dist-packages/click/core.py)

What is the issue here?

When running python3 install.py I receive a "Something went wrong!" error.
I've tried installing on a fresh Kali build resulting in the same error.
I see the error pops up when it's trying to install Mongodb.

Hello there, Im unable to add a FQDN I had try already in different browsers but nothing please help, thanks in advanced.

so idk but there are a problems face while install nodjs maybe will put photo

https://easyupload.io/cko2ia

Hey rs0n,

So I've seen previous issues where the FQDN button wouldn't click due to the misconfigured mongod.
The main issue here is that the latest Mongo version is not integrating well with the latest Kali build, so an older version is needed.

Manual installations for Mongo are offered for Debian 10 (buster) only while the latest Kali build is Debian 11 (bullseye); however, the v10 build still works.

I provided the commands below to get it up and running so you can add it to the install.py script. If you'd like me to issue a pull request, I'd be more than happy to!

The mongodb-server-core package needs to be removed due to a conflict it makes with the mongodb-org-server.

wget -qO - https://www.mongodb.org/static/pgp/server-4.4.asc | sudo apt-key add -
echo "deb [arch=amd64] https://repo.mongodb.org/apt/debian buster/mongodb-org/4.4 main" >> /etc/apt/sources.list.d/mongodb-org-4.4.list
sudo apt-get update
sudo apt-get remove mongodb-server-core
sudo apt-get install mongodb-org
sudo systemctl start mongod
sudo systemctl enable mongod

This solved the problem for me, I tried all the fixes I can but this seemed to be the most stable.
Cheers!

[+] Assetfinder installed successfully!
[!] Gau is NOT already installed. Installing now...
--2023-12-17 11:31:06-- https://github.com/lc/gau/releases/download/v2.1.2/gau_2.1.2_linux_amd64.tar.gz
Resolving github.com (github.com)... 20.233.83.145
Connecting to github.com (github.com)|20.233.83.145|:443... connected.
HTTP request sent, awaiting response... 302 Found
----SNIP
Resolving objects.githubusercontent.com (objects.githubusercontent.com)... 185.199.108.133, 185.199.109.133, 185.199.110.133, ...
Connecting to objects.githubusercontent.com (objects.githubusercontent.com)|185.199.108.133|:443... connected.
(and its stuck here)

I m unable to install your framework on latest kali linux

Hello,
I'm giving a look to this framework, and I gave a check to install.py. I'm noting that all the dependency tools are saved in $HOME/Tools folder.

If I have already a tool like sublist3r installed by the package manager (so it is already installed in /bin folder instead of $HOME/Tools), the framework will still see it as "missing" tool?

I'm asking you this question because I was thinking to create an Arch Linux package for Athena OS of ars0n-framework (to be published in Athena repository) that could be installed easily by sudo pacman -S ars0n-framework where all dependencies are automatically installed. My doubt is that, if the framework requires that tools must be stored in $HOME/Tools it could not be effective.

Let me know please.

While running wildfire.py --scan, it kicks off Nuclei scans. The Nuclei scans open chrome windows for each test for prototype pollution. These aren't always closed automatically by the script, so would be good to have something that checks for stranded processes and kills them.

Traceback (most recent call last):
File "/home/kali/ars0n-framework/toolkit/wildfire.py", line 228, in
main(args)
File "/home/kali/ars0n-framework/toolkit/wildfire.py", line 212, in main
start(args)
File "/home/kali/ars0n-framework/toolkit/wildfire.py", line 36, in start
fqdn_json = json.loads(res.text)
^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/json/init.py", line 346, in loads
return _default_decoder.decode(s)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/json/decoder.py", line 337, in decode
obj, end = self.raw_decode(s, idx=_w(s, 0).end())
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3.11/json/decoder.py", line 355, in raw_decode
raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

so, I did run the wildfire command and when I refresh the page, the scan status is still "NOT Running"...

how can i set up in parrot os ?

I am not sure why but after I executed the following command: python3 wildfire.py -S localhost -P 8000 --start --scan and I can see that nuclei scan is running there is no output in what pages exactly did it find potential flaws and in the CVE Testing at the front page there is zero cves after scan managed to find some

Hello,
This framework is really wonderful, and I was wondering if it's possible to add in the recon tab, within the list, a category for directory bruteforcing.
Is there an option on node.js when compiling the server to add this?

Thank you so much :)

aa

Hello, I have a problem, during installation I get an error that something went wrong, I am sending the logs attached:
logs.txt

Hi @R-s0n,

I was following your tutorial in youtube and i successfully run the wildfire script same in the video but the scan doesnt finish because of this error below

[!] Something went wrong! Exception: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: http://localhost:8000/api/auto/update (Caused by ProxyError('Cannot connect to proxy.', NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f413c1024d0>: Failed to establish a new connection: [Errno 111] Connection refused')))
[-] Running Assetfinder against domain.com
[!] Something went wrong! Exception: HTTPConnectionPool(host='127.0.0.1', port=8080): Max retries exceeded with url: http://localhost:8000/api/auto/update (Caused by ProxyError('Cannot connect to proxy.', NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f413c100bd0>: Failed to establish a new connection: [Errno 111] Connection refused')))
[-] Running Get All URLs against domain.com

Dear author:
I found a issues when i install the scripts on my m1 mac

I am receiving an error when trying to run a nuclei scan. I think port 1337 is not being opened somewhere the config is incorrect and needs to be updated to 8000

Error: AxiosError: connect ECONNREFUSED 127.0.0.1:1337
at AxiosError.from (/home/kali/bug_bountys/ars0n-framework/server/node_modules/axios/dist/node/axios.cjs:837:14)
at RedirectableRequest.handleRequestError (/home/kali/bug_bountys/ars0n-framework/server/node_modules/axios/dist/node/axios.cjs:3016:25)
at RedirectableRequest.emit (node:events:513:28)
at eventHandlers. (/home/kali/bug_bountys/ars0n-framework/server/node_modules/follow-redirects/index.js:14:24)
at ClientRequest.emit (node:events:513:28)
at Socket.socketErrorListener (node:_http_client:496:9)
at Socket.emit (node:events:513:28)
at emitErrorNT (node:internal/streams/destroy:151:8)
at emitErrorCloseNT (node:internal/streams/destroy:116:3)
at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

Hi,
thinks for this excellent job .
Can you tel me how to continue scanning when i the scan is stopped with some reasons .
without starting from the beginning .
Or can i use only nuclei scan
is there a cmd for that.

installing on parrot OS

[+] Node is already installed. Checking version...
[-] Current Node Version: v12
[!] Node 18 is NOT already installed. Installing now...
[!] This can take 30+ minutes depending on your machine.
[!] Something went wrong! Please try to run the installer again or open an issue on the repo...