Advanced offensive security & monitoring tool by Volkan Sah
Warning
Professional Use Only — Read Carefully! This tool is designed for experienced security professionals and researchers. It provides a modular framework for comprehensive security monitoring, CMS analysis, and Tor traffic observation. PoisonIvory is not a beginner script! It intentionally lacks automated dependency checks or full error handling to prevent misuse by unskilled users. Errors, missing components, or crashes are part of the intended learning curve.
PoisonIvory is a powerful, modular security tool that combines:
- Full CMS security scanning
- Comprehensive port, web, and SSL/TLS analysis
- Vulnerability assessment using tools like Nmap, Nuclei, Wapiti, OpenVAS
- Tor traffic monitoring and malicious relay detection
- Continuous suspicious activity logging
- Automated emergency scans on threshold events
It can be used for:
- Offensive security research (authorized environments only)
- Hardening your own infrastructure
- Educational purposes for security experts
- CMS domain & onion address monitoring
- Modular port, web, SSL/TLS & vulnerability scanning
- Integration with industry tools: Nmap, Nikto, Dirb, Gobuster, WhatWeb, SSLScan, testssl.sh, Nuclei, Wapiti, OpenVAS
- Suspicious traffic detection via regex patterns
- Emergency scans on repeated incidents
- Tor circuit management and relay blacklist support
- Continuous monitoring mode with automated reporting
PoisonIvory depends on several external tools:
- Python 3.x
scapy(optional, for packet sniffing)stem(optional, for Tor interaction)- Nmap, Nikto, Dirb/Gobuster, WhatWeb, SSLScan, testssl.sh, Nuclei, Wapiti, OpenVAS
Important: No automatic dependency check is included — this is intentional. You are expected to understand your environment, install necessary tools, and deal with errors appropriately.
-
Clone the repository
-
Run
python3 PoisonIvory.py create-configto generate a default config (soon!) -
Edit the configuration file to match your target
-
Run scans or start continuous monitoring:
python3 PoisonIvory.py scan <config_file> python3 PoisonIvory.py monitor <config_file>
For detailed options and functionality, read the code — this tool is made for people who actually read code.
- This tool must only be used in authorized environments (your own systems or with explicit permission)
- Unauthorized scanning or interception of traffic is illegal in most jurisdictions
- The author takes no responsibility for misuse, damage, or legal consequences
- You are responsible for understanding local laws and ethical guidelines
PoisonIvory intentionally exposes the user to errors if tools are missing or misconfigured. This serves two purposes:
- To prevent unskilled individuals from using the tool recklessly
- To encourage real learning through troubleshooting and analysis
If you don’t know how to handle a stack trace, you should not run this tool.
Because real-world security doesn’t work through clicky dashboards. If you need colors and icons, you’re in the wrong place. This tool is for terminal warriors who prefer raw output, log files, and clean reports.
This software is provided as-is, without warranty or guarantees of any kind. The author cannot be held responsible for any damage, legal trouble, or misuse. Use responsibly. Think before you scan. Learn before you execute.
If you appreciate this work:
- Give a ⭐ on On this Repo (PoisonIvory)
- Consider sponsoring development
- Or just… stay ethical and sharp
This README.md was crafted with the help of OpenAI's GPT-4o — powered by AI, perfected by humans.
