Custom Modules¶
Create custom security testing modules to extend APHIDS capabilities.
Overview¶
Custom modules allow you to integrate your own tools and scripts into the APHIDS framework.
Module Structure¶
Basic Module¶
class CustomModule:
    def __init__(self):
        self.name = "custom_scanner"
        self.description = "Custom security scanner"
        self.version = "1.0.0"

    def execute(self, target, options):
        # Your scanning logic here
        results = self.scan(target, options)
        return self.parse_results(results)

    def scan(self, target, options):
        # Execute your tool
        pass

    def parse_results(self, raw_output):
        # Parse tool output to Hive format
        pass
Creating a Module¶
Step 1: Define Module¶
Module Metadata:
- Name
- Description
- Version
- Author
- Dependencies
Step 2: Implement Execution¶
Execute Method:
- Accept target and options
- Run your tool
- Capture output
- Handle errors
Step 3: Parse Output¶
Parser:
- Convert tool output to Hive format
- Extract assets
- Identify vulnerabilities
- Structure data
Step 4: Test¶
Testing:
- Unit tests
- Integration tests
- Test with real targets
- Validate output format
Step 5: Package¶
Packaging:
- Create module package
- Include dependencies
- Add documentation
- Version control
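The steps above, put together as an added example (not code from APHIDS itself): a module that validates the target, runs an external tool without a shell, handles tool failures, and parses the output into the asset structure shown under Output Format. The class name `LineToolModule`, the `timeout` option, the hostname-only target rule, the "<status> <url> <content-type>" line format and the choice to return an empty result on tool failure are all assumptions made for illustration.

```python
import logging
import re
import subprocess

log = logging.getLogger("custom_module")

# Hostnames only: rejects option injection ("-x"), paths, spaces and shell metacharacters.
TARGET_RE = re.compile(r"[A-Za-z0-9]([A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")

# Constructed sample of the assumed tool output: "<status> <url> <content-type>" per line.
SAMPLE_OUTPUT = "mytool v0.1 starting\n200 https://example.com/admin text/html\n??? broken line\n"


class LineToolModule:
    def __init__(self, command):
        self.name = "line_tool"
        self.description = "Wrapper for a line-oriented URL discovery tool"
        self.version = "1.0.0"
        self.command = list(command)  # argv prefix of the hypothetical tool

    def execute(self, target, options):
        # fullmatch, not match with "$": "$" would accept a trailing newline.
        if not isinstance(target, str) or not TARGET_RE.fullmatch(target):
            raise ValueError("target must be a plain hostname")
        try:
            raw = self.scan(target, options)
        except (OSError, subprocess.SubprocessError) as exc:
            # Missing binary, non-zero exit or timeout: log it, return an empty result.
            log.error("%s failed for %s: %r", self.name, target, exc)
            return {"assets": []}
        return self.parse_results(raw)

    def scan(self, target, options):
        # argv list with no shell, so the target is never interpreted by a shell.
        proc = subprocess.run(self.command + [target], capture_output=True, text=True,
                              check=True, timeout=float(options.get("timeout", 30)))
        return proc.stdout

    def parse_results(self, raw_output):
        assets = []
        for line in raw_output.splitlines():
            parts = line.split(None, 2)
            # Skip banners and malformed lines instead of failing the whole run.
            if len(parts) != 3 or not re.fullmatch(r"[0-9]{3}", parts[0]):
                continue
            status, url, content_type = parts
            if url.startswith(("http://", "https://")):
                assets.append({"type": "url", "value": url,
                               "attributes": {"status_code": int(status),
                                              "content_type": content_type}})
        return {"assets": assets}
```

`parse_results(SAMPLE_OUTPUT)` can be unit-tested without running any tool, which covers the "Validate output format" item in Step 4.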
Module Types¶
Scanner Modules¶
Purpose: Discover assets and vulnerabilities
Examples:
- Port scanners
- Web scanners
- Vulnerability scanners
Enumeration Modules¶
Purpose: Gather detailed information
Examples:
- Service enumeration
- User enumeration
- Directory enumeration
Exploitation Modules¶
Purpose: Validate vulnerabilities
Examples:
- Proof of concept exploits
- Authentication bypass
- Privilege escalation
Output Format¶
Asset Discovery¶
{
  "assets": [
    {
      "type": "url",
      "value": "https://example.com/admin",
      "attributes": {
        "status_code": 200,
        "content_type": "text/html"
      }
    }
  ]
}
Vulnerability Discovery¶
{
  "vulnerabilities": [
    {
      "title": "SQL Injection",
      "severity": "critical",
      "cvss": 9.8,
      "description": "SQL injection in login form",
      "affected_asset": "https://example.com/login",
      "evidence": "..."
    }
  ]
}
Best Practices¶
✅ Error Handling: Handle failures gracefully
✅ Logging: Detailed logging for debugging
✅ Documentation: Clear usage instructions
✅ Testing: Thorough testing
✅ Performance: Optimize for speed
✅ Security: Don't introduce vulnerabilities
Example Modules¶
Example 1: Custom Port Scanner¶
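class CustomPortScanner:
    def __init__(self):
        self.name = "custom_port_scanner"

    def execute(self, target, options):
        # Port range defaults to 1-1000 when the caller does not set one
        ports = options.get('ports', '1-1000')
        # scan_ports() and parse_results() are left for you to implement
        results = self.scan_ports(target, ports)
        return self.parse_results(results)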
Example 2: Custom Web Scanner¶
class CustomWebScanner:
    def __init__(self):
        self.name = "custom_web_scanner"

    def execute(self, target, options):
        # scan_web() and parse_results() are left for you to implement
        results = self.scan_web(target)
        return self.parse_results(results)
Troubleshooting¶
Module Won't Load¶
Check:
- Python syntax
- Dependencies installed
- Module path
- Permissions
Module Fails¶
Debug:
- Check logs
- Test manually
- Validate input
- Review error messages