Azure Container Instance Distributed Operations
Project description
acido
Distributed security scanning framework for Azure Container Instances.
Acido (Azure Container Instance Distributed Operations) enables bug bounty hunters, penetration testers, and red team operators to scan at massive scale by distributing workloads across multiple Azure containers.
Table of Contents
Why Acido?
Speed: Distribute scans across 10, 50, or 100+ containers. What takes 24 hours on one machine completes in minutes with parallelization.
Cost-Effective: Pay only when scanning. Spin up 100 containers for 30 minutes, then destroy them - no idle infrastructure costs.
Tool Support: Works with any containerized security tool (nmap, masscan, Nuclei, Nikto, gowitness, etc.).
Simple: Split targets automatically, deploy containers, collect results, cleanup - all automated.
Inspired by axiom.
Installation
Prerequisites:
- Python 3.7+
- Docker
- Azure account (free tier works)
Setup:
- Install acido:
pip install acido
- Login to Azure:
az login
- Create Azure Container Registry:
az acr create --resource-group MyResourceGroup --name myregistry --sku Basic
- Configure acido:
acido -c
Provide: resource group name, registry server (e.g., myregistry.azurecr.io), registry username, registry password, and storage account name.
Note: For CI/CD pipelines, see .github/AZURE_PERMISSIONS.md for Service Principal setup.
Quick Start
- Create a target list (
targets.txt):
facebook.com
uber.com
paypal.com
- Create scanning image:
acido --create nmap
- Run distributed scan:
acido -f nmap-scan \
-n 3 \
--image nmap \
-t 'nmap -iL input -p 0-1000' \
-i targets.txt \
-o output \
--rm-when-done
Parameters:
-fFleet name-nNumber of container instances--imageImage name-tCommand to execute-iInput file (auto-split across containers)-oOutput file--rm-when-doneAuto-delete containers after completion
Results saved to output.json and all_output.txt.
CLI Reference
usage: acido [-h] [-c] [-f FLEET] [-im IMAGE_NAME] [--create-ip CREATE_IP]
[--ip] [-n NUM_INSTANCES] [-t TASK] [-e EXEC_CMD]
[-i INPUT_FILE] [-w WAIT] [-s SELECT] [-l] [-r REMOVE] [-in]
[-sh SHELL] [-d DOWNLOAD_INPUT] [-o WRITE_TO_FILE] [-rwd]
optional arguments:
-h, --help Show help message
-c, --config Configure acido
-f FLEET Fleet name
-im IMAGE_NAME Deploy specific image
--create-ip NAME Create IPv4 address for routing
--ip Use existing IPv4 address
-n NUM Number of instances
-t TASK Command to execute
-e EXEC_CMD Execute on selected instances
-i INPUT_FILE Input file for task
-w WAIT Max timeout
-s SELECT Select instances by name/regex
-l, --list List all instances
-r REMOVE Remove instances by name/regex
-in, --interactive Interactive session
-sh SHELL Execute and upload to blob
-d DOWNLOAD Download from blob
-o OUTPUT Save output in JSON
-rwd, --rm-when-done Remove containers after completion
Examples
Distributed Nmap Scan
Scan 1,000 hosts with 20 containers:
acido -f nmap-fleet \
-n 20 \
--image myregistry.azurecr.io/nmap:latest \
-t 'nmap -iL input -p- --min-rate 1000' \
-i targets.txt \
-o output \
--rm-when-done
Nuclei Vulnerability Scan
Scan 10,000 URLs with 50 containers:
acido -f nuclei-scan \
-n 50 \
--image myregistry.azurecr.io/nuclei:latest \
-t 'nuclei -list input -t /nuclei-templates/' \
-i urls.txt \
-o results
Masscan Port Discovery
Scan entire network with 100 containers:
acido -f masscan \
-n 100 \
--image myregistry.azurecr.io/masscan:latest \
-t 'masscan -iL input -p0-65535 --rate 10000' \
-i networks.txt \
-o masscan-results
Single IP Routing
Route all containers through one IP for whitelisting:
# Create IP
acido --create-ip pentest-ip
# Deploy with IP routing
acido -f scan -n 50 --ip \
--image myregistry.azurecr.io/nmap:latest \
-t 'nmap -iL input -p-' \
-i targets.txt
Credits
- Xavier Álvarez (xalvarez@merabytes.com)
- Juan Ramón Higueras Pica (jrhigueras@dabbleam.com)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file acido-0.20.tar.gz.
File metadata
- Download URL: acido-0.20.tar.gz
- Upload date:
- Size: 24.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
faa9513a6605ba308b896cf46c56d3bf7e7c8d8c58831d8c391b99e1cb03300f
|
|
| MD5 |
b426859ac0fb36dc5fd6e298e896129d
|
|
| BLAKE2b-256 |
68ae4b5275dd30f9e7e6ddaed1be2b65033d3af6ea9013510da7c31ed1f3de83
|
File details
Details for the file acido-0.20-py3-none-any.whl.
File metadata
- Download URL: acido-0.20-py3-none-any.whl
- Upload date:
- Size: 25.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9aee67d4bdfb9ae6e018b6dcaf7ff2ff9160c27d163e6b07904da93950b66946
|
|
| MD5 |
ffc7870dfb22d4b2099cc5fd9abd94be
|
|
| BLAKE2b-256 |
d32de49899ee5ba456e0add6a9f108b3a3ccf913404935093d964e366f346f5d
|
