Hostile

Hostile is a framework and tooling for security testing virtualized environments such as hosting provider infrastructure. It provides guides on how to harden common hypervisors and containers.

Hostile is intended to be ran from inside of a Linux VM (eg. a VPS). It's useful for conducting black box penetration tests in virtualized environments. Instead of suggesting CVEs based on vulnerable versions, Hostile searches for common misconfigurations.

Enumeration and checks for:

Containers:
- LXC/LXD
- OpenVZ
Hypervisors:
- Xen
- VMware
- KVM/QEMU
- Hyper-V
Platforms:
- Proxmox
- XCP-NG
- OpenStack
- SolusVM
Network:
- IPv4 spoofing
- IPv6 spoofing
- Host/router access
Misc:
- Cloud-init scripts/configuration
- Random Number Generator (RNG) device

Features

Hypervisor/container/platform enumeration
Network security tests
Hardening checks
HTML reports

Here is a list of hardening checks implented. For detailed explanations and references see the Hostile wiki.

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
config.go		config.go
detect_container.go		detect_container.go
detect_platform.go		detect_platform.go
detect_vm.go		detect_vm.go
enum.go		enum.go
go.mod		go.mod
go.sum		go.sum
interface.go		interface.go
ip_spoof.go		ip_spoof.go
linklocal.go		linklocal.go
lxc.go		lxc.go
main.go		main.go
network.go		network.go
rng.go		rng.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

Hostile

Features

About

Uh oh!

Releases

Packages

Languages

License

RasterSec/hostile

Folders and files

Latest commit

History

Repository files navigation

Hostile

Features

About

Topics

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages