https://github.com/inbug-team/SweetBabyScan./SbScan -h 192.168.0.0/16 -wsh 500 --wsp 500
./SbScan -h 192.168.188.0/24 -p 80,22,81-89
./SbScan --lpn --fpn weblogic
git clone https://github.com/inbug-team/SweetBabyScan.git --recursive
go mod tidygo mod vendor
set GOOS=windowsset GOARCH=amd64go build -ldflags="-s -w" -trimpath -o SbScan.exeset GOOS=windowsset GOARCH=386go build -ldflags="-s -w" -trimpath -o SbScan.exe
GOOS=darwin GOARCH=amd64 go build -ldflags="-s -w" -trimpath -o SbScanGOOS=darwin GOARCH=arm64 go build -ldflags="-s -w" -trimpath -o SbScanGOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -trimpath -o SbScanGOOS=linux GOARCH=386 go build -ldflags="-s -w" -trimpath -o SbScan
./SbScan
./SbScan -h=192.168.188.1/24
./SbScan -h=192.168.188.1/24 -p=tiny./SbScan -h=192.168.188.1/24,10.0.0.1/16 -p=22,80,443
./SbScan -wsh=2048 -wsp=1024 -h=192.168.188.1/24,10.0.0.1/16 -p=22,80,443
./SbScan -h=192.168.188.1/24 -p=22,80 --nsh --nsp --nsw --nsv
./SbScan -h=ip.txt -wp=pass.txt -wu=user.txt -sf=test.xlsx -ssw=redis,ssh,mysql
./SbScan --helpUsage:./SbScan [flags]Flags:-il, -isLog 是否显示日志 (default true)-is, -isScreen 是否启用截图 (default true)-sf, -saveFile string 指定保存文件路径[以.xlsx结尾]-h, -host string 检测网段或者txt文件[以.txt结尾,一行一组回车换行] (default "192.168.0.0/16,172.16.0.0/12,10.0.0.0/8")-p, -port string 端口范围:tiny[精简]、normal[常用]、database[数据库]、caffe[咖啡厅/酒店/机场]、iot[物联网]、all[全部]、自定义 (default "tiny")-pt, -protocol string 端口范围:tcp、udp、tcp+udp (default "tcp+udp")-hb, -hostBlack string 排除网段-msh, -methodScanHost string 验存方式:PING、ICMP (default "PING")-wsh, -workerScanHost int 存活并发 (default 250)-tsh, -timeOutScanHost int 存活超时 (default 3)-r, -rarity int 优先级 (default 10)-wsp, -workerScanPort int 扫描并发 (default 250)-tspc, -timeOutScanPortConnect int 端口扫描连接超时 (default 3)-tsps, -timeOutScanPortSend int 端口扫描发包超时 (default 3)-tspr, -timeOutScanPortRead int 端口扫描读取超时 (default 3)-inpo, -isNULLProbeOnly 使用空探针-iuap, -isUseAllProbes 使用全量探针-wss, -workerScanSite int 爬虫并发 (default 16)-tss, -timeOutScanSite int 爬虫超时 (default 3)-ts, -timeOutScreen int 截图超时 (default 60)-lpn, -listPocNuclei 是否列举Poc Nuclei-lpx, -ListPocXray 是否列举Poc Xray-fpn, -filterPocName string 筛选POC名称,多个关键字英文逗号隔开-fvl, -filterVulLevel string 筛选POC严重等级:critical[严重] > high[高危] > medium[中危] > low[低危] > info[信息]、unknown[未知]、all[全部],多个关键字英文逗号隔开-tspn, -timeOutScanPocNuclei int PocNuclei扫描超时 (default 6)-wsPoc, -workerScanPoc int Poc并发 (default 100)-wsw, -workerScanWeak int 爆破并发 (default 6)-gsw, -groupScanWeak int 爆破分组 (default 10)-tsw, -timeOutScanWeak int 爆破超时 (default 6)-nsh, -noScanHost 跳过主机存活检测-nsw, -noScanWeak 跳过弱口令爆破-nsp, -noScanPoc 跳过POC漏洞验证-nsv, -noScanVul 跳过高危系统漏洞探测-ssw, -serviceScanWeak string 指定爆破协议:ssh,smb,snmp,sqlserver,mysql,mongodb,postgres,redis,ftp,clickhouse,elasticsearch,多个协议英文逗号分隔,默认全部-au, -aUser string 追加弱口令账号字典[以.txt结尾]-ap, -aPass string 追加弱口令密码字典[以.txt结尾]-wu, -wUser string 覆盖弱口令账号字典[以.txt结尾]-wp, -wPass string 覆盖弱口令密码字典[以.txt结尾]
2022-06-06(v0.0.5)[+]1.自定义输出文件[+]2.自定义爆破协议[+]3.自定义爆破账号密码文件(支持追加模式和覆盖模式)[+]4.自定义IP文件2022-06-01(v0.0.4)[x]1.修复POC Xray扫描引擎[x]2.修复外网是否可以达?可达下载chrome并截图[x]3.修复临时文件无法删除bug[+]4.优化进度条[+]5.新增跳过(主机存活、弱口令、POC、高危漏洞)参数2022-05-29(v0.0.3)[x]1.修改弱口令爆破阻塞bug[x]2.优化进度条显示2022-05-28(v0.0.2)[+]1.网卡识别[+]2.域控识别[+]3.MS17010漏洞探测[+]4.SMBGhost漏洞探测[+]5.POC Xray V2漏洞探测[+]6.POC Nuclei V2漏洞探测[+]7.弱口令爆破* FTP爆破* SSH爆破* SMB爆破* SNMP爆破* Redis爆破* MongoDB爆破* MySQL爆破* SQLServer爆破* PostGreSQL爆破* ElasticSearch爆破[+]8.结果存储到Excel2022-05-20(v0.0.1)[+]1.主机存活检测(PING|ICMP)[+]2.端口服务扫描(高精度探针指纹识别)[+]3.网站指纹爬虫(站点截图、CMS识别)
nuclei:https://github.com/projectdiscovery/nucleixray:https://github.com/chaitin/xray
推荐阅读
文章来源: http://mp.weixin.qq.com/s?__biz=Mzg5OTY2NjUxMw==&mid=2247498909&idx=1&sn=e7d00cdb4d3a9e6475923a0f7045506a&chksm=c04d7ba3f73af2b50e59116144cbdd8660978b6fece31507f6017b46ef9efb7ac9929e6b43c5#rd
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh