infrascan is an Infrastructure and Wireless signal scanning and enumeration tool that provides security teams with data-rich insights into infrastructure resources and targets. Designed with data-modeling and data-integration needs in mind, infrascan can be used on its own as an interactive CLI, orchestrated as part of a broader data pipeline, or leveraged from within the Method Platform.

The types of scans that infrascan can conduct are constantly growing. For the most up to date listing, please see the documentation here

To learn more about infrascan, please see the Documentation site for the most detailed information.

Quick Start

Get infrascan

For the full list of available installation options, please see the Installation page. For convenience, here are some of the most commonly used options:

• Download the latest binary from the Github Releases page
• docker run methodsecurity/infrascan
• docker run ghcr.io/method-security/infrascan
• Installation documentation

[!WARNING] Because many of the commands in infrascan directly use network interfaces it is highly reccommended to use the binary directly and not docker, whenever possible. It is possible to use Linux Docker on Linux, however various access must be granted and the setup is not easy.

Examples

# Discover wireless access points
infrascan discover waps --timeout 60

Developer Setup

infrascan uses Fern for creating multi-language bindings. This is used for structuring input and output amongst tools.

1. Install Fern: https://buildwithfern.com/learn/sdks/overview/quickstart

2. Generate your fern types with:

fern generate --group local

1. Ensure dependencies are installed and tested with:

./godelw verify

Building a Statically Compiled Container for Local Testing

(Reference reusable-build.yaml)

1. Build ARM64 builder image: docker buildx build . --platform linux/arm64 --load --tag armbuilder -f Dockerfile.builder

2. Build ARM64 image: docker run -v .:/app/infrascan -e GOARCH=arm64 -e GOOS=linux --rm armbuilder goreleaser build --single-target -f .goreleaser/goreleaser-build.yml --snapshot --clean

3. cp dist/linux_arm64/build-linux_linux_arm64/infrascan .

4. docker buildx build . --platform linux/arm64 --load --tag infrascan:local -f Dockerfile

5. Open shell: docker run -it --rm --entrypoint /bin/bash infrascan:local

6. OR run command without shell example: docker run infrascan:local discover dns certs --domain example.com -o json

(MacOS) Setting up Cursor / VSCode to properly lint Go files

Because there is CGO used in this project, it can be tricky to get the linters to fully recognize some of the C based dependencies. This sets up Cursor to inherit your shell init (e.g. .zshrc).

To ensure linting is working:

1. Setup Cursor shell command from inside Cursor (or Code):

• Open Command Palette
• Search for Shell Command: Install (cursor) shell command and run it
• Close cursor

1. Run Cursor from a terminal in this target repo folder with cursor .
2. Fix your user settings to point to your proper go executable

• take note of which go
• Open user settings with Command Palette -> Preferences: Open User Settings (JSON)
• Add:

"go.alternateTools": {
    "go": <your go path here>
}

1. Restart the Go Language Server

Contributing

Interested in contributing to infrascan? Please see our organization wide Contribution page.

Want More?

If you're looking for an easy way to tie infrascan into your broader cybersecurity workflows, or want to leverage some autonomy to improve your overall security posture, you'll love the broader Method Platform.

For more information, visit us here

Community

infrascan is a Method Security open source project.

Learn more about Method's open source source work by checking out our other projects here or our organization wide documentation here.

Have an idea for a Tool to contribute? Open a Discussion here.