Coder Social home page Coder Social logo

qwe1433223 / fast-go Goto Github PK

View Code? Open in Web Editor NEW
35.0 1.0 4.0 84.53 MB

一款高效的收集并且处理web资产的工具,整合了一些开源工具与自制的小工具

Dockerfile 0.10% Python 51.31% PowerShell 3.79% Batchfile 0.19% HTML 44.62%

fast-go's Introduction

开源工具

OneForAll,Web-SurvivalScan,403 ByPasser

作用

在SRC信息收集中,搜集到的子域可能有成千上万条,状态码为200的少说也有上百条,要是都对这些子域进行测试,那得产生几何倍数的请求(各种爆破)

好在有些站点是使用同一模板开发的,比如丁香园的资产,多个子域实际就是一台服务器中的同一个web,此时可以判断web的静态文件以及JS文件是否与另一个站点相同,来排除来自同一模板的资产。

在此基础上,我把一些开源工具给整合起来了,更方便进行资产处理

流程

OneForAll
FOFA处理
URLS_TO_IPS
存活扫描
资产去重
403_ByPasser

用法

1. 在工具运行目录创建一个项目文件夹

将FOFA导出的资产(csv格式的)放到这个项目内,导出的字段要包含:link 创建一个OneForAll目标界定.txt 文件,界定子域名爆破目标

2. PowerShell环境下运行 start.ps1

./start.ps1 项目名称(也就是刚刚创建的那个文件夹) 可选参数1或0

第二个可选参数选0就好,不用选1

3.运行结束的样子,最后不建议对一大堆403资产进行ByPass

4.运行结果

包括各种状态的web,IPS,存活报告,以及去重的报告,后续进行SRC挖掘选择单独开发资产.txt里的目标进行测试就好,项目名.txt内是所有资产(未做存活扫描及去重),200.txt是状态码200的资产

fast-go's People

Contributors

qwe1433223 avatar

Stargazers

avatar avatar avatar avatar BigZe avatar zhifan avatar avatar Lay0us avatar twin avatar GKDshell avatar 絢辻詞 avatar Ro1i avatar 之乎者也 avatar <svg onload=alert(1)> avatar NightEmperor avatar hirak0 avatar no surrendering avatar avatar avatar avatar via avatar avatar avatar avatar avatar r3d avatar avatar KYhvedn avatar avatar avatar ZhangSan avatar Franklin avatar avatar 黄承开 avatar avatar

Watchers

avatar

Forkers

startagain2016 awdscan sec-fork lay0us

fast-go's Issues

存在bug,除了新建文件夹放入我的cvs,还需要配置什么吗,楼主

所在位置 C:\tools\fast-go\FAST-GO--\start.ps1:56 字符: 35

  • #鍒涘缓鏂囦欢澶?$folderPath = $璧勪骇鏀堕泦 + "\" + $project + "\OneForAll"
  •                               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

表达式或语句中包含意外的标记“\" + $project + "\OneForAll"
if (-Not (Test-Path $folderPath)) {
New-Item -Path $folderPath -ItemType Directory
}

鎵ц 瀛愬煙鍚嶇垎鐮?segmentation("瀛愬煙鍚嶇垎鐮?”。

所在位置 C:\tools\fast-go\FAST-GO--\start.ps1:6 字符: 29

  • if ($argsList.Length -eq 0) {
  •                         ~

语句块或类型定义中缺少右“}”。
所在位置 C:\tools\fast-go\FAST-GO--\start.ps1:62 字符: 37

  • 鎵ц 瀛愬煙鍚嶇垎鐮?segmentation("瀛愬煙鍚嶇垎鐮?)

  •                                 ~

表达式或语句中包含意外的标记“)”。
所在位置 C:\tools\fast-go\FAST-GO--\start.ps1:73 字符: 9

  • $璧勪骇鏀堕泦鐩爣鏂囦欢 = "$project$project.txt"
  •     ~~~~~

表达式或语句中包含意外的标记“爣鏂囦欢”。
所在位置 C:\tools\fast-go\FAST-GO--\start.ps1:101 字符: 8

  • } else {
  •    ~

语句块或类型定义中缺少右“}”。
+ CategoryInfo : ParserError: (:) [], ParseException
+ FullyQualifiedErrorId : UnexpectedToken

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.