被动式安全扫描器
2023-12-9 00:1:43 Author: 橘猫学安全(查看原文) 阅读量:11 收藏

介绍

W13scan 是基于Python3的一款开源的Web漏洞发现工具,它支持主动扫描模式和被动扫描模式,能运行在Windows、Linux、Mac上。

丰富的检测插件

使用

usage: w13scan [options]
optional arguments: -h, --help show this help message and exit -v, --version Show program's version number and exit --debug Show programs's exception --level {1,2,3,4,5} different level use different payload: 0-5 (default 2)
Proxy: Passive Agent Mode Options
-s SERVER_ADDR, --server-addr SERVER_ADDR server addr format:(ip:port)
Target: options has to be provided to define the target(s)
-u URL, --url URL Target URL (e.g. "http://www.site.com/vuln.php?id=1") -f URL_FILE, --file URL_FILE Scan multiple targets given in a textual file
Request: Network request options
--proxy PROXY Use a proxy to connect to the target URL eg:[email protected]:8080 or [email protected]:1080 --timeout TIMEOUT Seconds to wait before timeout connection (default 30) --retry RETRY Time out retrials times.
Output: output
--html When selected, the output will be output to the output directory by default, or you can specify --json JSON The json file is generated by default in the output directory, you can change the path
Optimization: Optimization options
-t THREADS, --threads THREADS Max number of concurrent network requests (default 31) --disable DISABLE [DISABLE ...] Disable some plugins (e.g. --disable xss sqli_error webpack) --able ABLE [ABLE ...] Enable some moudle (e.g. --enable xss webpack)

安装

安装w13scan需要依赖Python3.6以上环境.
git clone https://github.com/w-digital-scanner/w13scan.gitcd w13scan # 进入git目录pip3 install -r requirements.txtcd W13SCAN # 进入源码目录python3 w13scan.py -h

工具下载及项目地址:

https://github.com/w-digital-scanner/w13scan

如有侵权,请联系删除

推荐阅读

实战|记一次奇妙的文件上传getshell
「 超详细 | 分享 」手把手教你如何进行内网渗透
神兵利器 | siusiu-渗透工具管理套件
一款功能全面的XSS扫描器
实战 | 一次利用哥斯拉马绕过宝塔waf
BurpCrypto: 万能网站密码爆破测试工具
快速筛选真实IP并整理为C段 -- 棱眼
自动探测端口顺便爆破工具t14m4t
渗透工具|无状态子域名爆破工具(1秒扫160万个子域)
查看更多精彩内容,还请关注橘猫学安全
每日坚持学习与分享,觉得文章对你有帮助可在底部给点个“再看

文章来源: http://mp.weixin.qq.com/s?__biz=Mzg5OTY2NjUxMw==&mid=2247510803&idx=1&sn=c40925cec7d680a197866bd40a09aca1&chksm=c04d2c2df73aa53ba83def6a7dcdefee87ab6905b0a36194ad750e2748cb0129b27255613bbe&scene=0&xtrack=1#rd
如有侵权请联系:admin#unsafe.sh