Springboot directory scanning

springboot_scan

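Project background

During project work, existing tools were found to produce mostly false positives and missed findings when scanning springboot paths.

The following situations are the usual cause:

1. When the request rate is too high, the server returns error results such as 503, and it is then impossible to judge accurately whether the requested page is a normal page.

2. If a large-file path such as heapdump exists, it makes the scanning tool stall so that it cannot continue scanning.

3. When accessed with a browser, a lazily loaded page loads successfully; when scanned with a tool, not all response pages can be retrieved, which leads to missed findings.

4. Scan results with status 200 cannot be judged, which produces a very large number of false positives.

Most of the public springboot directory scanning tools were tried, and all of them unavoidably produce the problems above: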

[Go]springScan
[PY]SB-Actuator
[PY]springboot-check
[PY]SpringBootScan

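Given this, a directory scanning tool suited to springboot was written from scratch.

The following features are currently supported:

1. Uses multiple methods [get, post, head] to automatically retry 503 pages and pages that return no result.

2. Uses several key data points [length, size, head bits] to automatically filter, and to assist manual filtering of, abnormal pages that are not 404.

3. Supports several proxy types [socks5, https] for proxying page requests, for debugging and for bypassing request limits.

4. Uses several files to record the URLs filtered in different situations, which makes it easier to trace errors and missed findings.

Intermediate and result files are written by default to the [result-timestamp] directory under the current directory:
scan_waive.txt stores URLs filtered on the 404, 403 and 500 status codes. (waive: abandoned)
scan_filter.txt stores URLs filtered on [length, size, head bits]. (filter: filtered)
scan_retry.txt stores URLs that were retried automatically based on the request result, with the corresponding retry count. (retry: retried)
scan_result.txt stores URLs whose status code is 200 and which were not filtered; this is the actual result file. (result: result)
scan_manual.txt stores URLs that still cannot be judged to be a normal request after several retries; these results need to be retried manually by the user. (manual: manual)

5. Mapping paths from 2000 sites, collected in bulk through fofa, have been added to the dictionary file.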
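The sorting of scanned URLs into the five output files listed above, as an added example that is not the project's own code. It assumes a retry budget of 3, reads "head bits" as the first bytes of the response body, and assumes that a 200 response signature shared by three or more paths marks a generic page; the records are constructed and nothing is sent over the network.

```python
from collections import Counter

WAIVE = {403, 404, 500}  # statuses the README sends to scan_waive.txt
MAX_RETRIES = 3          # assumed retry budget
GENERIC_MIN = 3          # assumed: a signature seen on >= 3 paths is a catch-all page

def triage(scans):
    """scans: {url: [attempt, ...]}, attempt = (status, length, size, head).
    status None means no response. Returns the five README buckets."""
    out = {k: [] for k in ("waive", "filter", "retry", "result", "manual")}
    candidates = {}
    for url, attempts in scans.items():
        tries = attempts[:MAX_RETRIES + 1]
        # First attempt that gave a conclusive answer (anything but 503/no reply).
        ok = next((i for i, a in enumerate(tries) if a[0] not in (None, 503)), None)
        retries = ok if ok is not None else max(len(tries) - 1, 0)
        if retries:
            out["retry"].append((url, retries))
        if ok is None:
            out["manual"].append(url)        # still undecided: re-check by hand
        elif tries[ok][0] in WAIVE:
            out["waive"].append(url)
        elif tries[ok][0] == 200:
            candidates[url] = tries[ok][1:]  # (length, size, head) signature
        # Other statuses are not covered by the README and are ignored here.
    seen = Counter(candidates.values())
    for url, sig in candidates.items():
        # Many different paths answering with an identical 200 body is the
        # pattern of a catch-all page, not of a real endpoint.
        bucket = "filter" if seen[sig] >= GENERIC_MIN else "result"
        out[bucket].append(url)
    return out

# Constructed sample records (not real scan output).
GENERIC = (200, 1180, 1180, b"<!DOCTYPE")
SAMPLE = {
    "/demo/slow": [(503, 0, 0, b""), (200, 4312, 4312, b'{"items":')],
    "/demo/health": [(200, 15, 15, b'{"status"')],
    "/demo/x1": [GENERIC], "/demo/x2": [GENERIC], "/demo/x3": [GENERIC],
    "/demo/big": [(None, 0, 0, b"")] * 4,
    "/demo/missing": [(404, 0, 0, b"")],
}

if __name__ == "__main__":
    for name, urls in triage(SAMPLE).items():
        print(f"scan_{name}.txt: {urls}")
```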

Quick start

1. Fill in the target URLs in springboot_target.txt and run python springboot_scan.py

TODO:

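1. Flag request URLs that may have vulnerabilities. (very low probability)

2. Flag sensitive response content. (very low probability; using the HAE plugin instead is recommended)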

Owner
WINEZERO