社区版，三端版本，下载链接文末获取

1. 1.做了一些优化优化扫描效率增强子域名收集功能增加了一些功能格式化时间戳函数进制转换函数sha，hmacsha函数url全字符编码函数rev 字符串反向函数添加 upper 字符串大写函数dir()basename()body_stringtitle_string添加burp的history导出文件转yml脚本的功能log4j2-rce的检测为自定义脚本(gamma)添加扫描时，可以指定POC的危害等级，分为low，medium，high，critical，通过--level参数指定为shiro插件添加文件加载功能，可以直接加载指定文件中的key可在配置文件中配置每个poc的标签，通过--tags来指定标签扫描更新了--list功能，可查看相关标签对应poc为 response 添加 icon_url 属性修复了一些问题修复cve-2021-29490误报严重问题修复报告只显示参考链接，不显示提交者的问题修复cache可能出现的请求不发送问题过滤部分冗余的错误日志修复一些意外导致panic的问题新增x命令支持对发现的web站点进行漏洞探测支持带宽控制与智能速率调节，最优化扫描效率支持多目标多端口随机探测，基于有限元的随机化方案支持ICMP/TCP/UDP主机存活探测支持SYN/CONNECT端口扫描支持URL/IP/域名/IP范围/CIDR等多种输入方式支持指纹识别该命令实际上是xray内置的、启用了printerservice-scantarget-parse这三个内置的插件的命令。其中service-scan提供 主机存活探测、服务指纹识别、web指纹识别 的功能可以查看 plugin-config.xray.yaml,module-config.xray.yaml获得详细配置信息，执行xray x --help 获取命令行参数与试用方法。示例：xray x -t example.comxray x -t http://example.comxray x -t example.com/24xray x -t 192.168.1.1/24xray x -t 192.168.1.1-192.168.1.254xray x -t 192.168.1.1-254xray x -t 192.168.1.1-254 -p 22,80,443-445新增385个poc，感谢师傅们的提交，更新后即可自动加载vmware-vcenter-cve-2021-21985-rce.yml74cms-cnvd-2021-45280.ymladobe-coldfusion-cve-2018-15961.ymlametys-cms-cve-2022-26159.ymlanmei-rce.ymlapache-airflow-cve-2020-13927-unauthorized.ymlapache-apisix-dashboard-api-unauth-rce.ymlatlassian-jira-unauth-user-enumeration.ymlauerswald-cve-2021-40859.ymlclickhouse-http-unauth.ymlcve-2022-24990-terramaster-fileupload.ymldedecms-cve-2017-17731-sqli.ymldedecms-mysql-error-trace.ymldedecms-search-php-sqli.ymldoccms-sqli.ymlearcms-download-php-exec.ymlearcms-index-uplog-php-file-upload.ymlemlog-cve-2021-3293.ymlewebs-fileread.ymleyoucms-cve-2021-39501.ymlezoffice-smartupload-jsp-upload.ymlfinecms-getshell.ymlfull-read-ssrf-in-spring-cloud-netflix.ymlgrafana-snapshot-cve-2021-39226.ymlhadoop-yarn-rpc-rce.ymlhikvision-readfile.ymlhongfan-oa-readfile.ymlinterlib-read-file.ymlivanti-endpoint-manager-cve-2021-44529-rce.ymljinhe-oa-readfile.ymljoomla-jck-cve-2018-17254-sqli.ymlkingdee-oa-apusic-readfile.ymllandray-oa-rce.ymllionfish-cms-image-upload-php-upload.ymllionfish-cms-wxapp-php-upload.ymlmastodon-cve-2022-0432.ymlmetersphere-plugincontroller-rce.ymlmetinfo-x-rewrite-url-sqli.ymlmovabletype-cve-2021-20837-rce.ymlnetpower-readfile.ymlnette-framework-cve-2020-15227-rce.ymlnginx-path-traversal.ymloa8000-workflowservice-sqli.ymlonethink-sqli.ymlphp-chat-live-uploadimg-html-upload.ymlphpcms-960-sqli.ymlphpweb-appplus-php-upload.ymlpigcms-file-upload.ymlprestashop-smartblog-cve-2021-37538.ymlqibocms-readfile.ymlrudloff-alltube-cve-2022-0692.ymlseeyon-oa-a6-information-disclosure.ymlspring-cloud-gateway-cve-2022-22947-rce.ymlsupesite-sqli.ymlsysaid-itil-cve-2021-43972.ymltongda-oa-action-upload-php-upload.ymltongda-oa-report-bi-func-php-sqli.ymlvoipmonitor-cve-2022-24260.ymlwanhuoa-upload-rce.ymlweaver-e-office-lazyuploadify-upload.ymlweaver-oa-eoffice-information-disclosure.ymlweijiaoyi-post-curl-ssrf.ymlwestern-digital-mycloud-ftp-download-exec.ymlwestern-digital-mycloud-jqueryfiletree-exec.ymlwestern-digital-mycloud-multi-uploadify-file-upload.ymlwestern-digital-mycloud-raid-cgi-exec.ymlwestern-digital-mycloud-sendlogtosupport-php-exec.ymlwestern-digital-mycloud-upload-php-exec.ymlwestern-digital-mycloud-upload-php-upload.ymlyonyou-erp-nc-readfile.ymlzhixiang-oa-sqli.ymlzoho-cve-2022-23779-info-leak.ymladobe-coldfusion-cve-2021-21087.ymlalibaba-anyproxy-fetchbody-fileread.ymlapache-apisix-cve-2020-13945-rce.ymlapache-guacamole-default-password.ymlatlassian-jira-cve-2019-3403.ymlbsphp-unauthorized-access.ymlcve-2017-16894-sensitive-documents.ymldelta-entelitouch-cookie-user-password-disclosure.ymldomoticz-cve-2019-10664.ymldruid-cve-2021-25646.ymldynamicweb-cve-2022-25369.ymlegroupware-spellchecker-rce.ymlelfinder-cve-2021-32682-rce.ymlemerge-e3-cve-2019-7256.ymlessl-dataapp-unauth-db-leak.ymlfinecms-cve-2018-6893.ymlfranklinfueling-cve-2021-46417-lfi.ymlfuelcms-cve-2018-16763-rce.ymlgenixcms-register-cve-2015-3933-sqli.ymlgetsimple-cve-2019-11231.ymlghostscript-cve-2018-19475-rce.ymljetty-servlets-concatservlet-information-disclosure-cve-2021-28169.ymljetty-web-inf-information-disclosure-cve-2021-34429.ymljira-cve-2021-26086.ymljoomla-history-cve-2015-7857-sqli.ymljquery-picture-cut-upload-php-fileupload-cve-2018-9208.ymljsrog-artifactory-cve-2019-9733.ymlkibana-cve-2019-7609-rce.ymlkodexplorer-directory-traversal.ymlmaccms-cve-2017-17733-rce.ymlmetabase-cve-2021-41277.ymlnostromo-cve-2011-0751-directory-traversal.ymlnuxeo-cve-2018-16341-rce.ymlodoo-cve-2019-14322.ymlphp-imap-cve-2018-19518-rce.ymlphpmoadmin-cve-2015-2208-rce.ymlpiwigo-cve-2022-26266-sqli.ymlrconfig-ajaxserversettingschk-cve-2019-16662-rce.ymlrconfig-commands-inc-cve-2020-10220-sqli.ymlresin-directory-traversal-cve-2021-44138.ymlruanhong-jvm-lfi.ymlruanhong-oa-xxe.ymlruckus-default-password.ymlseeyon-oa-a8-m-information-disclosure.ymlshowdoc-cnvd-2020-26585.ymlsocomec-cve-2019-15859.ymlspring-data-rest-cve-2017-8046-rce.ymlsubrions-search-cve-2017-11444-sqli.ymlteclib-glpl-cve-2019-10232.ymlterramaster-tos-cve-2022-24989.ymltibco-jasperreports-cve-2018-18809-directory-traversal.ymltongda-oa-login-code-php-login-bypass.ymltwonkyserver-cve-2018-7171-fileread.ymlvmware-workspace-cve-2021-22054-ssrf.ymlvmware-workspace-cve-2022-22954-rce.ymlvtigercrm-cve-2020-19363.ymlweaver-ecology-getsqldata-sqli-rce.ymlwordpress-site-editor-cve-2018-7422-lfi.ymlwso2-cve-2022-29464-fileupload.ymlwuzhicms-cve-2018-11528.ymlzabbix-cve-2019-17382.ymlzimbra-collaboration-server-cve-2013-7091-lfi.ymlzoneminder-cve-2016-10140-unauth-access.ymlapollo-default-password.ymlecology-oa-eoffice-officeserver-php-file-read.ymldptech-vpn-fileread.ymlezoffice-filupload-controller-getshell.ymlyachtcontrol-webapplication-cve-2019-17270.ymlatlassian-jira-cve-2019-3401.ymlemerge-e3-cve-2019-7254.ymlvbulletin-cve-2020-12720.ymlnetsweeper-webadmin-cve-2020-13167.ymlsearchblox-cve-2020-35580.ymlopensis-cve-2020-6637.ymlhd-network-real-time-monitoring-system-cve-2021-45043.ymlvisual-tools-dvr-vx16-cve-2021-42071.ymljsrog-artifactory-cve-2019-17444.ymlreolink-RLC-410W-CVE-2022-21236.ymltlr-2005ksh-cve-2021-45428.ymlzoho-manageengine-access-manager-plus-cve-2022-29081.ymlselea-ocr-anpr-arbitrary-get-file-read.ymleasyappointments-cve-2022-0482.ymlnetgear-ssl-vpn-20211222-cve-2022-29383.ymlhitachi-vantara-pentaho-business-analytics-cve-2021-34684.ymlmanageengine-opmanager-cve-2020-11946.ymlintelbras-wireless-cve-2021-3017.ymlsapido-router-unauthenticated-rce.ymlchina-telecom-zte-f460-rce.ymlchina-mobile-yu-router-information-disclosure.ymltlr-2855ks6-arbitrary-file-creation-cve-2021-46418.ymluniview-isc-rce.ymlfeiyuxing-route-wifi-password-leak.ymlchangjie-crm-sqli.ymlfhem-file-read-cve-2020-19360.ymlhikvision-ip-camera-backdoor.ymlkyocera-file-read.ymlniushop-cms-sqli.ymldlink-dap-1620-firmware-cve-2021-46381.ymlemby-mediaserver-cve-2020-26948.ymlzoho-manageengine-opmanager-cve-2020-12116.ymlzabbix-cve-2022-23134.ymltieline-ip-audio-gateway-cve-2021-35336.ymlselea-ocr-anpr-arbitrary-seleacamera-file-read.ymlmicroweber-cve-2022-0378.ymlatlassian-jira-cve-2022-0540.ymlsophosfirewall-bypass.ymlzoho-manageengine-desktop-central-cve-2021-44515.ymltenda-11n-ultra-vires.ymltenda-w15e-passsword-leak.ymlziguang-sqli-cnvd-2021-41638.ymlkemai-ras-ultra-vires.ymlcerebro-request-ssrf.ymlmotioneye-info-leak-cve-2022-25568.ymlyinda-get-file-read.ymljupyter-notebook-rce.ymle-message-unauth.ymlkkfileview-cve-2021-43734.ymldlink-dsl-28881a-ultra-vires.ymlkunshi-vos3000-fileread.ymlreolink-nvr-configuration-disclosure-cve-2021-40150.ymld-Link-dir-825-cve-2021-46442.ymlvite-cnvd-2022-44615.ymlgitblit-cve-2022-31268.ymlbigant-server-cve-2022-23347-lfi.ymlwordpress-page-builder-kingcomposer-cve-2022-0165-url-redirect.ymlhuayu-reporter-rce.ymld-link-dap-2020-cve-2021-27250.yml74cms-se-cve-2022-29720.yml74cms-se-cve-2022-33095.ymlpbootcms-rce-cve-2022-32417.ymle-office-v10-sqli.ymlyonyou-nc-file-upload.ymlxiaomi-cve-2019-18371.ymlyonyou-erp-u8-fil...

后台回复：1014

    如何获取封面？老粉都知道方法，新粉请看历史文章末尾

cobaltstrike_4.7内附一堆插件----你的主机已上线

burpsuite_pro_v2022.9.2破解版

cobaltstrike_4.6.1汉化内附一堆插件----你的主机已上线

再搞一个漏洞扫描工具，684个poc，支持mac，linux，win