overflow.docs

How to use

Overflow is based on node graphs, which are "blocks" (e.g. nodes) connected with each other. Each node gets something as input from nodes connected from the left, does something with it and passes the output along to other nodes, connected from the right.

To add a node, double-click empty space in your workspace. Then you can choose what type of node you want to add, set up the parameters, etc.

To connect nodes between each other, drag your mouse from a right-side connector to a left-side connector.

Please note: some modules require the corresponding tools to be installed an in PATH. If you don't have them installed in your system, the modules will not work and will throw an error!

On the bottom panel, there are logs and controls on the left side and the tasks view on the right side.

The logs display all vulnerable targets, errors and messages.

The tasks view displays all currently running tasks, such as scanning or auditing.

As for the controls...

Run - runs the current workspace, starting from the input nodes (such as overflow/const or overflow/crtsh)
Clear logs - clears the logs
Save - saves the workspace to a .json file
Load - loads the workspace from a .json file
Docs - opens this page

Nodes documentation

overflow/const

Allows you to paste in or type in a raw list of targets to scan. Targts are separated by newlines.

overflow/log

Logs a target as vulnerable with an optional custom messsage. The logged target will appear in the "Logs" section.

overflow/hasport

Takes in a list of targets as input and only outputs those targets that have a port in them.

overflow/iprange

Takes an IP and a mask, generates a CIDR notation with them (e.g. IP = 192.168.1.0, MASK = 24 -> CIDR = 192.168.1.0/24) and outputs all IPs for that notation.

Note: Please keep in mind that all IPs are stored in memory at once as strings, so please do not run this with masks lower than 12.

overflow/nmap

Takes in a list of targets as input and outputs targets with open ports using nmap (installed separately).

Example: 192.168.1.45 -> 192.168.1.45:80, 192.168.1.45:22

overflow/stripports

Takes in a list of targets with ports as input and outputs targets without their ports.

Example: 192.168.1.45:80 -> 192.168.1.45

overflow/crtsh

Makes a request to crt.sh and returns unique subdomains.

overflow/stripproto

Takes in a list of targets with protocols as input and outputs targets without their protocols.

Example: ftp://192.168.1.45 -> 192.168.1.45

overflow/prefixsuffix

Adds a prefix and a suffix to a target, can be useful for adding protocols, ports or paths.

overflow/metasploitcheck

Checks a target using metasploit (installed separately) with the specified exploit. Metasploit is launched with overflow if present on the system.

overflow/lograw

Logs text as-is.

overflow/strippaths

Strips paths from targets.

overflow/burp

Connects to a running Burp Suite (installed separately) instance and scans a webpage using a preset configuration (created in Burp Suite). Requires a valid URL as input and Burp Suite to be set up properly (google "burp suite rest api").

overflow/sublist3r

Like overflow/crtsh, but using Sublist3r (installed separately). The path to Sublist3r can be customized.

overflow/zap

Like overflow/burp, but connects to a running ZAP instance (installed separately). To set up ZAP, go to Settings -> API and generate an API key.

Has two modes: spider and scan. Please note that unless a URL was detected by ZAP with spider, scan can't scan it. Also, spider only returns targets, while scan only returns logs.

overflow/sqlmap

Takes a valid URL as an input and runs sqlmap (installed separately) with customizable parameters. The path to sqlmap can be customized.

overflow/hasproto

Takes in a list of targets as input and only outputs those targets that have a protocol in them.

overflow/haspath

Takes in a list of targets as input and only outputs those targets that have a path in them.

overflow/regex

Takes in a list of targets as input and only outputs those targets that match a set regex pattern.

overflow/regexmatch

Takes in a list of targets as input and outputs regex matches from the inputs.

overflow/regexreplace

Takes in a list of targets as input and outputs those targets with text matching set regex pattern replaces with set text.

overflow/deduplicate

Deduplicates a list of targets. Only works when given a list of targets, not when targets are sent individually.

overflow/sortabc

Alphabetic sorting of targets.

overflow/dns

DNS resolver. Resolves to both v4 and v6 IPs.

overflow/dnsreverse

Reverse DNS resolver. Resolves to domains. Uses ipinfo.io

overflow/file

Appends the input to the specified file.

overflow/logpost

Sends the targets to an HTTP endpoint using POST. It sets the User-Agent header to overflow and sends a JSON array.