Cerberus Recon v3.0
Hardening & recon suite//Multi-threaded//Zero deps
High-performance network reconnaissance and security auditing for Senior DevOps and Red Teamers. Multi-threaded port scanning, banner grabbing, and a built-in vulnerability intel database — all in pure Python, no `pip install` required.
/overview
Cerberus Recon is a Python framework that automates attack surface mapping with professional-grade speed and accuracy. Built for engineers who validate firewall rules, audit container exposure, and need answers in seconds — not in five tools chained over a Sunday afternoon.
Under the hood it's a multi-threaded engine doing concurrent TCP scans, paired with active
banner grabbing — HEAD requests for HTTP/S, raw \r\n probes for everything else.
Every result is correlated against an internal vulnerability intel database that classifies targets
from HARDENED to CRITICAL based on what's actually listening.
Three scan modes ship in the box: a 12-port quick audit for the most common attack surface, a standard 1-1024 well-known sweep, and a deep recon mode that walks the full 1-65535 TCP range. The CLI loops with OS-aware screen clearing so you can run repeated audits without restarting.
/features
- Multi-threaded scan engine — no blocking delays
- Three scan modes: top-ports, standard (1-1024), deep recon (1-65535)
- Active banner grabbing — HEAD for HTTP/S, raw probes elsewhere
- Built-in vulnerability intel database (SMB, RDP, Portainer, etc.)
- Hardening classifier: HARDENED → CRITICAL severity
- Persistent interactive CLI with OS-aware screen clearing
- Service fingerprinting surfaces version + config leaks
- Audit-ready output — clean target / port / banner / risk lines
- Zero external dependencies — pure stdlib
- Cross-platform: Linux, macOS, Windows
/vuln_db
Built-in risk reference shipped with every scan. Critical findings are flagged inline in the audit report.
- 21 · FTP — cleartext sniffing risk
- 22 · SSH — verify hardening + key types
- 80 · HTTP — directory traversal / exposure
- 111 · RPC — network enumeration vector
- 139 · NetBIOS — legacy LAN attack vector
- 443 · HTTPS — TLS misconfiguration
- 445 · SMB — CRITICAL · ransomware / EternalBlue
- 3306 · MySQL — data leak if exposed
- 3389 · RDP — primary botnet target
- 8080 · HTTP-Alt — dev/admin panel exposure
- 9443 · Portainer — Docker admin panel
/stack
/install
# clone the repository $ git clone https://github.com/BitJacker/cerberus-recon.git $ cd cerberus-recon # run it (Python 3.6+ — no pip install needed) $ python cerberus.py
BitJacker@recon:~$ Enter Target (or 'exit'): 192.168.1.1 Scan Modalities: 1. Top Ports (Quick Audit) 2. Standard (1-1024) 3. Deep Recon (1-65535) BitJacker@recon:~/option$ 1 =========================================================== SECURITY AUDIT REPORT | Target: 192.168.1.1 | Author: BitJacker =========================================================== PORT 22 | SSH - Remote Management (Verify hardening & keys) > Banner: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6 PORT 445 | SMB - CRITICAL (Ransomware/WannaCry vector) [CRITICAL] > Banner: Indeterminate (Firewall/Timeout) ----------------------------------------------------------- WARNING: Found 1 critical vectors. Review firewall/iptables.