Weaviate unauth enumeration tool. Enumerates the full attack surface of an exposed Weaviate instance with no credentials.
nuclide-research.com
go install github.com/nuclide-research/weavscan@latestOr build from source (no external dependencies):
git clone https://github.com/nuclide-research/weavscan
cd weavscan
go build -o weavscan .weavscan [flags] <target-url>
| Flag | Description |
|---|---|
--probe |
Phase 0 only: auth check + meta |
--hunt |
Phase 3c: semantic nearText hunt across all vectorized classes |
--tenants |
Phase 3b: enumerate and sweep all tenants |
--grpc |
Probe gRPC port :50051 |
--metrics |
Probe Prometheus metrics endpoint :2112 |
--write-canary |
Inject canary object (requires --authorize-write) |
--authorize-write |
Explicit authorization gate for write operations |
--class <name> |
Target a single class |
--concepts <csv> |
nearText concepts for --hunt |
--limit <n> |
Records per scroll page (default: 50) |
--max-records <n> |
Max records per class (default: 500) |
--timeout <sec> |
HTTP timeout (default: 15) |
-o <file> |
Write JSON output to file |
-q |
Quiet: JSON to stdout only |
-v |
Verbose: log HTTP exchanges |
# Full enumeration
weavscan http://target:8080
# Probe only
weavscan http://target:8080 --probe
# Full + semantic hunt + tenant sweep + JSON output
weavscan http://target:8080 --hunt --tenants -o findings.json
# Side channel probes
weavscan http://target:8080 --grpc --metrics
# Targeted concepts
weavscan http://target:8080 --hunt --concepts "ssn,diagnosis,salary,password"
# Confirm write access (authorized assessments only)
weavscan http://target:8080 --write-canary --authorize-writeGET /v1/meta-- version, module config, embedded API key detection- Auth state check via
/v1/schemaresponse code
- All class definitions, property names, data types
- Multi-tenancy config and tenant list per class
- Shard topology per class
- Object count via GraphQL Aggregate (no record fetch)
- Sensitivity scoring on class names and property names
- Pattern matching: medical/PII/credential/HR/legal/communication
- Object count tier weighting
- Classes ranked highest-sensitivity-first
- REST cursor scroll (
after-based pagination) across all classes - Tenant-aware scroll when
--tenantsset - GraphQL
nearTextsemantic hunt when--huntset --huntonly fires on classes with a configured vectorizer
GET /v1/nodes-- hostnames, status, versionGET /v1/cluster/statistics-- cluster internalsGET /v1/backups/{filesystem,s3,gcs,azure}-- backup locationsGET /v1/classifications-- ML classification job list
- gRPC :50051 -- HTTP/2 preface probe
- Prometheus metrics :2112 -- object counts, query rates, memory
POST /v1/batch/objects-- canary injection- Requires both
--write-canaryand--authorize-write; neither alone fires
Human-readable colored output by default. JSON with -o or -q.
weavscan :: http://target:8080
2026-06-20T15:30:19Z
## Meta
version : 1.30.0
auth : OPEN (no auth)
modules : img2vec-neural
## Schema (3 classes)
CLASS OBJECTS SCORE VECTORIZER
...
## Summary
severity : CRITICAL
classes : 3 total, 2 sensitive
objects : ~20298 estimated
findings : 500 extracted
Built for authorized security assessment of AI/ML infrastructure. Operates within the NuClide research methodology -- verification-first, restraint-governed, primary-source evidence. Use on systems you are authorized to test.