Title: ARL Enhanced Renovation of Asset Scan Artifact

Pull Item

First clone it from GitHub to the server.

git clone https://github.com/ki9mu/ARL-plus-docker/

Modify the configuration file

Because ARL has a blacklist in the configuration file, sometimes the project is GOV or EDU or the like cannot be scanned, so modifying the configuration file here can lift the restrictions.

cd ARL-plus-docker/

vi config-docker.yaml just delete a few items in the blacklist here

After modification:

Add and modify Riskiq and fofa APIs

The Oneforall module is added in the enhanced version, so it needs to be opened in the configuration file, because the default code in the clone is Flase, and you can replace the switch you want to turn on here with Ttue.

vi oneforall-config/setting.py

After modification:

After modifying it to the configuration file, start docker. First add a volume, and then docker-compose up -d can be started directly. If it is very slow when pulling the image, you can change the docker source.

docker volume create --name=arl_db

docker-compose up -d

When you see a row of done, it means that it is successful. At this time, you need to enter the container to modify the python code, because there is also a blacklist in the python script. First use docker ps to check the container ID, then enter this container for modification, and use vi for editing.

docker ps #View container ID

docker exec -it corresponding ID bash

vi app/config.py before modification:

Add fingerprint

After successful installation, add a fingerprint to give your lighthouse a stronger fingerprint.

Address: https://vps:5003/

Default account secret: admin\arlpass

git clone https://github.com/loecho-sec/ARL-Finger-ADD

cd ARL-Finger-ADD

python ARL-Finger-ADD.py -O https://vps:5003/admin arlpassCOPY

Installation successfully

Log in with the default password, and then modify the default password in the upper right corner to use it happily.