Coder Social home page Coder Social logo

lay0us / londly01-safety-tool Goto Github PK

View Code? Open in Web Editor NEW

This project forked from startagain2016/londly01-safety-tool

0.0 0.0 0.0 34 KB

自动化进行资产探测及漏洞扫描|红蓝对抗 | 快速打点 | 适用黑客进行赏金活动、SRC活动、大规模攻击使用 | 护网

Python 100.00%

londly01-safety-tool's Introduction

                               Londly

一款红队在大量的资产中实现自动化全端口扫描、标题识别、指纹识别、爆破、漏扫的二开工具

0x00 项目概述

 将原理简单概述一下,把收集到的ip放到ip.txt中,进行CDN过滤,masscan全端口扫描,Fscan扫描,httpx标题识别,将整理的URL进行Finger+observer双重指纹识别,xray+nuclei漏扫。

0x01 使用方法

 将xray nuclei Finger observer fscan masscan httpx放到根目录下,实现自动化,使用xray高级版效果更佳。
 执行:python3 londly.py -i ip.txt  -p 1-65535 --rate 1000 2>&1 &
 执行完上面命令,等着收成果即可,建议使用VPS,一次扫描100个ip
 引入fscan是为了扫描web资产和一些弱口令,例如tomcat存在弱口令后进入系统上传war包,拿shell。
 项目整体结构如下:
 ![图片](https://user-images.githubusercontent.com/118274389/216054889-69efb88d-3260-4753-bcd7-c971e85990a7.png)

0x02 项目地址

 fscan地址
 https://github.com/shadow1ng/fscan
 
 observer地址
 https://github.com/0x727/ObserverWard
 
 Finger地址
 https://github.com/EASY233/Finger
 
 nuclei地址
 https://github.com/projectdiscovery/nuclei
 
 masscan地址
 https://github.com/robertdavidgraham/masscan
 
 httpx地址
 https://github.com/projectdiscovery/httpx
 
 xray地址
 https://github.com/chaitin/xray

0x03 后续项目扩展

 例如:整理的IP有192.168.1.3和192.168.1.5 那么192.168.1.4大概率也是需要收集的资产,所有在加个脚本将192.168.1.4自动添加,然后进行后续的指纹和扫描任务。

0x04 免责声明

 该项目仅供授权下使用,禁止使用该项目进行违法操作,否则自行承担后果,请各位遵守《中华人民共和国网络安全法》!

londly01-safety-tool's People

Contributors

londly01 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.