Coder Social home page Coder Social logo

pudge_hub's Introduction

PudgeHub

  • Pudge的公开指纹和插件库.

  • 法律免责声明

未经事先双方同意,使用Pudge攻击目标是非法的。Pudge仅用于安全测试目的

为什么叫Pudge?

  • Pudge(帕吉)是DOTA2这个游戏中的一个近战力量英雄,他有一个被动技能:腐肉堆积。

给予帕吉魔法抗性加成,并且帕吉每次杀死一个敌方英雄,或者附近有敌方英雄死亡时,帕吉将获得额外的力量。腐肉堆积在学习之前就可以积累力量,但是学习之后才能获得这部分力量。 腐肉堆积最可怕的地方则是每当帕吉参与一个击杀,它就能给帕吉提供一定的力量属性永久加成,增加肢解的伤害并且让帕吉越来越难以被击杀。 一个熟练的帕吉玩家绝对是令人恐惧的,因为他能像疯了一样滚雪球、击垮敌队、成为一个不可阻挡的腐肉怪兽。

https://dota2.fandom.com/zh/wiki/%E5%B8%95%E5%90%89?variant=zh

  • 我觉得这很像我这个项目创建的初衷:参与团战获取经验和收集腐肉堆积点数,恰恰漏洞和指纹都需要收集,在后期发挥出作用。

指纹识别

  • 最后还是用自己收集的指纹吧!

关键词列表

["FastAdmin", "fastadmin.net"]
  • 匹配什么:body
  • 条件:关键词全部匹配到了才继续。

请求头字典

{"X-Powered-By": "ThinkCMF"}

{"Citrix-TransactionId": "*", "Set-Cookie": "xmscookie"}
  • 匹配什么:请求头
  • 条件:在返回的请求头中获取键为X-Powered-By的值,判断值里是否存在ThinkCMF,存在才继续。
  • 条件:如果Key本身就是特征,而Value是不确定的可以填*,例如第二个:只要判断请求头中有Citrix-TransactionId就可以了。

状态码

0
200
404
  • 匹配什么:状态码
  • 条件:只要状态码不为0,都要判断状态码与当前响应的状态码一致**(包括数据类型)**才继续。

图标哈希

["9672fea49d0e2d9f30961d485714aa3d"]
["1708240621"]

  • 匹配什么:获取图标的md5mmh3放在一个集合里

  • 条件:用指纹库中的哈希列表转集合,使用集合运算取并集,如果有并集才继续。

  • 序列化后的输出格式为web_fingerprint.json,Web指纹不再和EHole同步更新。

插件

Web插件

Web组件 数量 指纹 Web组件 数量 指纹 Web组件 数量 指纹
360新天擎 0 ✔️ 74cms 1 ✔️ 78oa办公系统 0 ✔️
acunetix-wvs 0 ✔️ adminer 1 ✔️ amazon 3 ✔️
apache-activemq 2 ✔️ apache-airflow 6 ✔️ apache-ambari 1 ✔️
apache-axis2 2 ✔️ apache-cocoon 1 ✔️ apache-druid 2 ✔️
apache-flink 1 ✔️ apache-hadoop 1 ✔️ apache-kylin 0 ✔️
apache-nifi 0 ✔️ apache-shiro 0 ✔️ apache-skywalking 1 ✔️
apache-solr 6 ✔️ apache-struts 14 ✔️ apache-tomcat 4 ✔️
atlassian-jira 23 ✔️ bullwark 1 ✔️ cisco 14 ✔️
citrix-access-gateway 6 ✔️ citrix-xenmobile 0 ✔️ codiad 0 ✔️
confluence 5 ✔️ coremail 1 ✔️ d-link 12 ✔️
dbshop 0 ✔️ dedecms 5 ✔️ dejavu 0 ✔️
dell 4 ✔️ discuz 0 ✔️ django 5 ✔️
docker 5 ✔️ drupal 5 ✔️ ecology泛微-e-weaver 1 ✔️
ecology泛微-协同商务系统 0 ✔️ ecology泛微e-mobile 0 ✔️ ecology泛微e-office 0 ✔️
ecology泛微云桥e-bridge 0 ✔️ ecology泛微协同办公oa 0 ✔️ ejinshan终端 0 ✔️
elastichd-dashboard 4 ✔️ elasticsearch 0 ✔️ emby 1 ✔️
eyou-亿邮邮件系统 1 ✔️ ezoffice 0 ✔️ f5-big-ip 2 ✔️
fastadmin 0 ✔️ ffay-lanproxy 1 ✔️ finereport 1 ✔️
formmail 0 ✔️ fortigate 1 ✔️ fortinet-fortigate 0 ✔️
foxycart 0 ✔️ ganttlab 0 ✔️ gate-one 1 ✔️
ghost 1 ✔️ gitea 0 ✔️ gitlab 7 ✔️
glpi 3 ✔️ gogs 1 ✔️ grafana 3 ✔️
harbor 1 ✔️ horde 2 ✔️ http基本认证 0 ✔️
huawei 2 ✔️ ibm-http-server 0 ✔️ igenus邮件系统 0 ✔️
javashop 0 ✔️ jboss 1 ✔️ jeecms 0 ✔️
jeedom 1 ✔️ jellyfin 2 ✔️ jenkins 10 ✔️
jetty 5 ✔️ jumpserver 0 ✔️ jupyter-notebook 0 ✔️
kibana 2 ✔️ laravel 6 ✔️ lucee 3 ✔️
magento 6 ✔️ mallbuilder 0 ✔️ message-solution 0 ✔️
metersphere 0 ✔️ microsoft-exchange 0 ✔️ minio 2 ✔️
mobileiron 1 ✔️ mongodb 1 ✔️ mongoexpress 0 ✔️
moodle 4 ✔️ nacos 3 ✔️ netdata 1 ✔️
netgear 7 ✔️ nexus-repository-manager 0 ✔️ nps 1 ✔️
odoo 1 ✔️ onethink 0 ✔️ opencti 0 ✔️
panabit智能网关 0 ✔️ phpcms 0 ✔️ phpmyadmin 5 ✔️
phpoa 0 ✔️ plesk 1 ✔️ portainer 0 ✔️
prometheus 2 ✔️ rabbitmq 1 ✔️ rap2 0 ✔️
rconfig 6 ✔️ ricoh 1 ✔️ ruijie-eweb网管系统 0 ✔️
ruijie-rg-uac 0 ✔️ ruijie-router-nbr 0 ✔️ ruijie-smart-web 0 ✔️
salesforce 1 ✔️ saltstack 2 ✔️ seeyon 2 ✔️
servicenow 1 ✔️ shopxo 1 ✔️ showdoc 2 ✔️
slack 3 ✔️ soffice 0 ✔️ solarwinds 3 ✔️
sonarqube 2 ✔️ sonicwall 2 ✔️ spammark邮件信息安全网关 0 ✔️
splunk 1 ✔️ splunkd 0 ✔️ spring-framework 16 ✔️
synology-diskstation-nas 0 ✔️ tbk-dvr 0 ✔️ thinkadmin 1 ✔️
thinkcmf 3 ✔️ thinkphp 4 ✔️ tpshop 1 ✔️
turbomail 0 ✔️ ueditor 1 ✔️ vectr 0 ✔️
vmware-esxi 0 ✔️ vmware-horizon 0 ✔️ vmware-secure-file-transfer 0 ✔️
vmware-vcenter 2 ✔️ vmware-vrealize-operations-manager 1 ✔️ vmware-vsphere 0 ✔️
wayos维盟ac集中管理系统 0 ✔️ weblogic 11 ✔️ webmin 1 ✔️
websvn 1 ✔️ weiphp 1 ✔️ wishoa 0 ✔️
wordpress 244 ✔️ wuzhicms 1 ✔️ xdcms 1 ✔️
xiuno 1 ✔️ xxl-job 1 ✔️ yapi 1 ✔️
yii-php-framework 2 ✔️ zabbix 3 ✔️ zcms 1 ✔️
zentao 0 ✔️ zimbra 4 ✔️ zte 1 ✔️
zyxel 1 ✔️ zzzcms 1 ✔️ 中新金盾防火墙 0 ✔️
任我行crm 0 ✔️ 任我行电商 0 ✔️ 会捷通云视讯平台 1 ✔️
华天动力协同oa办公系统 0 ✔️ 协众oa 0 ✔️ 协达oa 0 ✔️
同城多用户商城 0 ✔️ 启明星辰天清汉马usg防火墙 0 ✔️ 启明星辰天玥运维安全网关 0 ✔️
和信下一代云桌面vesystem 0 ✔️ 图创软件-图书馆站群管理系统 0 ✔️ 天融信topapp_lb负载均衡系统 0 ✔️
天融信数据防泄漏系统 0 ✔️ 奇安信终端安全管理系统qax天擎 0 ✔️ 好视通-fastmeeting 0 ✔️
孚盟云 0 ✔️ 宝塔面板 0 ✔️ 微三云管理系统 0 ✔️
数字化校园综合管理系统 0 ✔️ 正方协同办公oa 0 ✔️ 深信服-sangfor-ssl-vpn 0 ✔️
深信服终端检测响应平台-sangfor-edr 1 ✔️ 深信服行为感知系统 0 ✔️ 用友-grp-u8 0 ✔️
用友-turbocrm 0 ✔️ 用友-ufida-nc 0 ✔️ 用友nc 0 ✔️
用友软件fe协作办公平台 0 ✔️ 红帆ioffice 0 ✔️ 网康下一代防火墙 0 ✔️
蓝凌oa 0 ✔️ 蓝海卓越计费管理系统 0 ✔️ 迈捷邮件系统 0 ✔️
通达-tongda-oa 1 ✔️ 金笛邮件系统 0 ✔️ 齐治堡垒机 0 ✔️

pudge_hub's People

Contributors

actions-user avatar cn-kali-team avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.