Elite modular security scanner — AI-driven heuristics, polymorphic evasion, zero-CGO architecture.
█████╗ ███╗ ██╗██╗ ██╗██████╗ ██╗███████╗
██╔══██╗████╗ ██║██║ ██║██╔══██╗██║██╔════╝
███████║██╔██╗ ██║██║ ██║██████╔╝██║███████╗
██╔══██║██║╚██╗██║██║ ██║██╔══██╗██║╚════██║
██║ ██║██║ ╚████║╚██████╔╝██████╔╝██║███████║
╚═╝ ╚═╝╚═╝ ╚═══╝ ╚═════╝ ╚═════╝ ╚═╝╚══════╝
Version: 2.0.0 | Author: Vladimir Unknown | License: MIT
| Category | Capabilities |
|---|---|
| Engine | Worker-pool concurrency, atomic state, context cancellation, zero memory leaks |
| Evasion | Polymorphic jitter, randomized delays, packet padding, DPI bypass |
| Proxy | SOCKS5 / HTTP / HTTPS rotation, health checking, automatic failover |
| Stealth | Ghost mode, browser fingerprint spoofing, cURL / Wget mimicry |
| Adaptive | AI-driven latency analysis, trend-based speed adjustment, anti-rate-limit |
| Scanner | 9 modules + subdomain discovery, CVSS scoring, heuristic likelihood analysis |
| Reporting | HTML (risk meter, CVSS vectors), JSON, CSV + encrypted SQLite history |
| API | gRPC remote control with TLS + token authentication |
| WAF Bypass | Double URL encoding, nested Base64, Unicode escape, comment injection |
| Anti-Sandbox | Honeypot detection, sandbox environment identification |
| Security | Input sanitization, panic recovery → crash.log, stripped + PIE binary |
| Platform | Linux / Windows / macOS, zero CGO dependencies, fully static binaries |
git clone https://github.com/SepJs/anubis
cd anubis
make deps build
sudo cp anubis /usr/local/bin/# Coming soon to a tap near you
brew install SepJs/anubis/anubisSet-ExecutionPolicy Bypass -Scope Process -Force
iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/SepJs/anubis/main/install.ps1'))# Passive recon (stealth)
anubis -t https://example.com -l 1
# Active scanning with ghost mode
anubis -t https://example.com -l 2 --ghost --strategy polymorphic
# Deep aggressive scan
anubis -t https://example.com -l 3 --threads 20 --deep-scan# Ghost mode — zero stdout findings, minimal requests
anubis -t https://example.com -l 2 --ghost
# Proxy rotation (SOCKS5)
anubis -t https://example.com --proxy socks5://127.0.0.1:9050
# Polymorphic delay — rotates between 4 delay patterns
anubis -t https://example.com -l 2 --strategy polymorphic
# Randomized jitter with custom variance
anubis -t https://example.com -l 2 --strategy randomized
# Full stealth profile from config
anubis -c templates/default.yaml -t https://example.com# Use YAML config with profiles
anubis -c myconfig.yaml -t https://example.com -l 2
# Example config profiles:
# stealth — 3 threads, 500ms delay, ghost mode, polymorphic
# aggressive — 50 threads, 10ms delay, fixed strategy
# default — 10 threads, 150ms delay, jitter strategy# Profile mode (CPU/mem/trace)
anubis -t https://example.com -l 1 --profile
# Resume interrupted scan
anubis --resume
# Batch scan targets
anubis --batch --batch-file targets.txt -l 1
# Update to latest version
anubis --update
# Generate documentation
anubis --gendoc╭──────────────────────────────────────────────────────────────────────────────────╮
│ ANUBIS │
├──────────────┬───────────────────────────────────────────────────────────────────┤
│ ENGINE │ Worker-pool concurrency │ Atomic state │ Context cancellation │
│ │ Zero memory leaks │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ EVASION │ Polymorphic jitter │ Randomized delays │ Packet padding │
│ │ DPI bypass │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ PROXY │ SOCKS5/HTTP/HTTPS rotation │ Health checking │ Auto failover │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ STEALTH │ Ghost mode │ Browser fingerprint spoofing │ cURL/Wget mimicry │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ ADAPTIVE │ AI-driven latency analysis │ Trend-based speed adjustment │
│ │ Anti-rate-limit │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ SCANNER │ 9 modules + subdomain discovery │ CVSS scoring │
│ │ Heuristic likelihood analysis │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ REPORTING │ HTML (risk meter, CVSS vectors) │ JSON │ CSV │
│ │ Encrypted SQLite history │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ API │ gRPC remote control with TLS + token auth │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ WAF BYPASS │ Double URL encoding │ Nested Base64 │ Unicode escape │
│ │ Comment injection │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ ANTI-SANDBOX │ Honeypot detection │ Sandbox environment identification │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ SECURITY │ Input sanitization │ Panic recovery → crash.log │
│ │ Stripped + PIE binary │
├──────────────┼───────────────────────────────────────────────────────────────────┤
│ PLATFORM │ Linux / Windows / macOS │ Zero CGO dependencies │
│ │ Fully static binaries │
├──────────────┴───────────────────────────────────────────────────────────────────┤
│ Zero CGO │ Cross-Platform │ Static │
╰──────────────────────────────────────────────────────────────────────────────────╯
| Module | Level | Description |
|---|---|---|
| PORT_SCAN | ⚪ L1 | TCP port scanning with service detection |
| SSL_CHECK | ⚪ L1 | TLS/SSL certificate analysis |
| HEADERS | ⚪ L1 | HTTP security headers audit |
| SENSITIVE_FILES | ⚪ L1 | Sensitive file and directory discovery |
| DNS | 🟡 L2 | DNS enumeration and subdomain discovery |
| SQLI | 🟡 L2 | SQL injection detection |
| XSS | 🟡 L2 | Cross-site scripting detection |
| BRUTE_FORCE | 🟡 L2 | Default credential testing |
| DISCOVERY | 🟡 L2 | Passive + brute-force subdomain discovery |
| FINGERPRINT | 🔴 L3 | Web stack fingerprinting |
- ⚪ L1 – Recon: Basic reconnaissance and passive analysis
- 🟡 L2 – Attack: Active vulnerability testing
- 🔴 L3 – Deep: Advanced fingerprinting and deep inspection
Total Modules: 9
# Local tap
brew install --HEAD ./anubis.rb
# Future: official tap
brew tap SepJs/anubis
brew install anubis# One-liner install
iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/SepJs/anubis/main/install.ps1'))FROM golang:1.21-alpine AS build
RUN apk add --no-cache git
COPY . /src
WORKDIR /src
RUN CGO_ENABLED=0 go build -o /anubis ./cmd/anubis
FROM alpine:3.19
RUN apk add --no-cache ca-certificates
COPY --from=build /anubis /usr/local/bin/anubis
ENTRYPOINT ["anubis"]This tool is for authorized security testing only. Scanning systems you don't own or have written permission to test is illegal. The author assumes no liability for misuse.