search

πŸ‘‹Welcome to the Ax Framework Wiki

circle-info

Costs: While Ax is free and open-source, spinning up servers requires a cloud account.

hashtag
Overview

The Ax Framework is a free and open-source tool utilized by Bug Hunters and Penetration Testers to efficiently operate in multiple cloud environments. It helps build and deploy repeatable infrastructure tailored for offensive security purposes.

Ax includes a set of Packer Provisioner files to choose from (JSONarrow-up-right or HCLarrow-up-right), or you can create your ownarrow-up-right (recommended).

Whichever Packerarrow-up-right Provisioner you select, Ax installs your tools of choice into a "base image". Then using that image, you can deploy fleets of fresh instances (cloud hosted compute devices). When building an image using the Defaultarrow-up-right Provisioner, you can connect and immediately access a wide range of tools useful for both Bug Hunting and Penetration Testing.

Various Ax Utility Scriptsarrow-up-right streamline tasks like spinning up and deleting fleets of instances, parallel command execution and file transfers, instance and image backups, and many other operations.

Ax Framework leverages the power of ephemeral, automated infrastructure to make cloud-based scanning operations fast and efficient. With Ax, you can quickly spin up disposable cloud instances, distribute your scanning workloads, and manage large-scale operations with ease. The framework supports running arbitrary binaries and scripts, determined by the specific Packer Provisioner you select and Modulearrow-up-right you use.

Once Ax is set up and configured, you can deploy a fleet of 50-100+ instances in just minutes, distribute a highly parallelized scan against a large scope of targets, and deliver rapid, reliable results. This functionality is known as ax scanarrow-up-right.

Ax attempts to follow the Unix philosophy by providing building blocks that allow users to easily orchestrate one or many cloud instances. This flexibility enables the creation of continuous scanning pipelines and the execution of general, one-off, highly parallelized workloads.

Currently Digital Ocean, IBM Cloud, Linode, Azure, AWS, Hetzner and GCP are officially supported cloud providers.

circle-info

Bash: Ax is predominantly written in Bash! This makes it easy to contribute to, and it was chosen because early versionsarrow-up-right were rapidly prototyped in this language.

Feel free to join us on discord! https://discord.com/invite/c6BHVfnarrow-up-right

hashtag
Quick links

βœ…Existing Userschevron-rightπŸ’ΏInstallation Guidechevron-rightπŸ’»Ax Controllerchevron-rightπŸ’‘How it Workschevron-right

hashtag
Fundamentals

We've put together some helpful guides so you can quickly familiarize yourself with the different aspects of Ax.

πŸ› οΈAx Utility Scriptschevron-rightπŸ”ŽBring Your Own Provisionerchevron-rightβš”οΈFleetschevron-rightπŸš€Scanschevron-rightπŸ€–Moduleschevron-rightπŸ“€Adding Simple Moduleschevron-right🎯Adding One-Shot Moduleschevron-rightπŸ“ŽMerging and Module Extensionschevron-rightβš™οΈHorizontal vs Vertical Scalingchevron-right🀝Responsibilitychevron-rightπŸ“–Terminologychevron-right
NextExisting Users

Last updated