zongdeiqianxing / Hscan
集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;使用oneforall自动遍历子域名并扫描;
Stars: ✭ 63
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Hscan
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+506.35%)
Mutual labels: nmap
Seccubus
Easy automated vulnerability scanning, reporting and analysis
Stars: ✭ 615 (+876.19%)
Mutual labels: nmap
Dracnmap
Dracnmap is an open source program which is using to exploit the network and gathering information with nmap help. Nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scaning with the utilizing script engine of nmap and nmap can perform various automatic scanning techniques with the advanced commands.
Stars: ✭ 861 (+1266.67%)
Mutual labels: nmap
Nmap
Nmap - the Network Mapper. Github mirror of official SVN repository.
Stars: ✭ 5,792 (+9093.65%)
Mutual labels: nmap
System Security Testing
🐧🔥System security testing tools(compatible with Debian/Centos/Ubuntu/Kali/Mint,use the nmap and hydra security testing tools)
Stars: ✭ 49 (-22.22%)
Mutual labels: nmap
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (+555.56%)
Mutual labels: nmap
Gorsair
Gorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+976.19%)
Mutual labels: nmap
Envizon
network visualization & vulnerability management/reporting
Stars: ✭ 382 (+506.35%)
Mutual labels: nmap
Nmap Bootstrap Xsl
A Nmap XSL implementation with Bootstrap.
Stars: ✭ 665 (+955.56%)
Mutual labels: nmap
本项目已停止维护,https://github.com/zongdeiqianxing/Autoscanner 转而维护这个项目;
tools下有几个工具,所以项目文件比较大,如果下载总是中断的话建议拆开下载各个项目然后直接拷贝dockefile和recon.py即可
0x01 hscan介绍
hscan是什么
hscan是一款旨在使用一条命令替代渗透前的多条扫描命令,通过集成crawlergo扫描和xray扫描、dirsearch、nmap、jsfinder、nikto等工具,并使用-u \ -f \ -d 等参数进行扫描目标方式的管理,最后利用docker安装完相关依赖进行封装,形成一款docker参数化扫描的工具。
使用-d参数时输入域名,脚本自动使用oneforall遍历子域名并传入扫描
hscan做了哪些
- 使用docker封装,使用参数运行
- 使用crawlergo爬取网接,传给xray扫描
- 使用dirsearch遍历目录及文件,传给xray扫描
- 集成jsfinder、nmap、nikto等工具,可拓展
- 增加xray扫描结束判断,避免实测中流量多大引起xray漏洞报告数量严重缺失
- 增加-u url扫描/ -f 文件/ -d 域名的扫描入口方式
- 集成crawlergo所需的浏览器 / chrome
- 集成所有脚本所需的依赖包
- 根据域名及扫描时间命名xray扫描报告
- ...
本来意欲所有工具多线程并发走,但是后来发现多线程流量大了xray扫描出的漏洞结果严重缺失,所以又控制了扫描频度
hscan流程图
0x02 hscan使用
1 拉取代码并build镜像
git clone https://github.com/zongdeiqianxing/hscan.git
docker build -t hscan .
2 在目录下执行命令,或直接执行docker_run.sh
docker run -ti --rm -v `pwd`/:/root/ hscan:latest -u testphp.vulnweb.com
其中:
Usage:
python3 recon.py -u url
python3 recon.py -f filename #-f参数使用时,为每行正则匹配域名,已测试的可适配OneforAll、subDoaminBrute的outut文件;手写域名进入也可;
python3 recon.py -d domain #-d参数使用时,输入主域名,自动使用OneForAll工具查找所有子域名,后自动使用Scan模块扫描。
3 扫描完毕后后即可在目录下看到html文件和url文件,其中html文件为xray扫描输出,url文件为其他工具的扫描输出
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].