Argus is a comprehensive Python-based toolkit designed for reconnaissance tasks in cybersecurity. The developers recently released version 2.0, expanding it to include 135 modules.
This tool consolidates network analysis, web app scanning, and threat intelligence into one interface. Users access modules through an interactive CLI that supports searching, favorites, and batch runs. Network and infrastructure modules cover DNS records, open ports, SSL chain analysis, and traceroute from 1 to 52.
Web application analysis spans 53 to 102, including CMS detection, content discovery, JavaScript analyzers, and CORS scanners. Security and threat intelligence modules, numbered 103 to 135, handle Shodan queries, VirusTotal scans, subdomain takeovers, and cloud exposure checks.
| Category | Module Count | Key Examples |
|---|---|---|
| Network & Infrastructure | 52 | DNS Records, Open Ports Scan, WHOIS Lookup |
| Web Application Analysis | 50 | Directory Finder, Technology Stack Detection, GraphQL Probe |
| Security & Threat Intelligence | 33 | Censys Recon, Subdomain Enumeration, JS Malware Scanner |
Profiles like “speed” or “deep” adjust thread counts and timeouts for different scan intensities.
Installation Methods
Installation options suit various environments. Direct run requires git clone, pip install requirements, and python -m argus. Pip users type pip install argus-recon, then argus.
Full setup uses an install.sh script after cloning. Docker builds an image with volume mounts for results. All methods support Linux, macOS, and Windows via Python 3.10+.
| Option | Commands | Best For |
|---|---|---|
| No Install | git clone https://github.com/jasonxtn/argus.git; cd argus; pip install -r requirements.txt; python -m argus | Quick tests |
| Pip | pip install argus-recon; argus | Minimal setup |
| Full | git clone …; chmod +x install.sh; ./install.sh; python -m argus | Development |
| Docker | git clone …; docker build -t argus-recon:latest .; docker run … | Containers |
The CLI screenshot shows the module menu clearly.
Launch with argus, list modules with “modules”, select via “use 1”, set target like “set target example.com”, then “run”. Commands include “runall infra” for categories and “show api_status” for integrations.
Configure API keys for Shodan, VirusTotal, and Censys in settings.py or env vars. Export outputs as TXT, CSV, or JSON. Version 2.0 breaks from legacy 1.x by adding 25+ commands, multi-threading, and UI improvements.
Security experts praise its breadth for red teaming and OSINT, reducing tool sprawl. Always obtain permission; the tool includes a legal disclaimer against misuse. Argus simplifies recon workflows for pentesters and analysts.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
