saucer-man / Saucerframe
python3批量poc检测工具
Stars: ✭ 242
Programming Languages
python
139335 projects - #7 most used programming language
Projects that are alternatives of or similar to Saucerframe
browserrecon-php
Advanced Web Browser Fingerprinting
Stars: ✭ 29 (-88.02%)
Mutual labels: exploit, vulnerability-detection, vulnerability-scanners
SQL Injection Payload
SQL Injection Payload List
Stars: ✭ 62 (-74.38%)
Mutual labels: exploit, vulnerability-detection, vulnerability-scanners
Vulscan
Advanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+852.48%)
Mutual labels: exploit, vulnerability-scanners, vulnerability-detection
Angularjs Csti Scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-11.57%)
Mutual labels: exploit, vulnerability-scanners
Pentest Tools Framework
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities
Stars: ✭ 48 (-80.17%)
Mutual labels: exploit, vulnerability-scanners
Openvas Scanner
Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)
Stars: ✭ 1,056 (+336.36%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Whour
Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-92.56%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-57.44%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Stars: ✭ 8,844 (+3554.55%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Patrowldocs
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 105 (-56.61%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Patrowlengines
PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
Stars: ✭ 162 (-33.06%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Safety
Safety checks your installed dependencies for known security vulnerabilities
Stars: ✭ 982 (+305.79%)
Mutual labels: vulnerability-scanners, vulnerability-detection
V3n0m Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+250%)
Mutual labels: exploit, vulnerability-scanners
Lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+3675.62%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Trivy
Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues
Stars: ✭ 9,673 (+3897.11%)
Mutual labels: vulnerability-scanners, vulnerability-detection
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+4218.6%)
Mutual labels: exploit, vulnerability-scanners
Detexploit
OSS Vulnerability Scanner for Windows Platform
Stars: ✭ 146 (-39.67%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Killshot
A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Stars: ✭ 237 (-2.07%)
Mutual labels: exploit, vulnerability-detection
Vfeed
The Correlated CVE Vulnerability And Threat Intelligence Database API
Stars: ✭ 826 (+241.32%)
Mutual labels: vulnerability-scanners, vulnerability-detection
Xattacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+270.66%)
Mutual labels: exploit, vulnerability-detection
Saucerframe
saucerframe是一个基于python3的开源批量POC检测框架,默认使用协程异步请求,支持多线程并发,支持多种指定目标方式,可用于批量POC检测,也可根据需要扩展功能。欢迎star和pr
本项目用来交流学习,切勿用来做违法之事
特点
- 支持多线程并发/协程
- 指定目标支持多种方式
- 支持全局代理(socks5|socks4|http)
更新历史
点击查看/关闭
- 2020-10-14 支持一次运行全部poc脚本-
2019-11-25 重写进度条。
-
2019-08-10 增加输出等级,增加模块加载方式,支持同时指定多个poc和多种target加载方式。
-
2019-07-25 封装requests模块,新增全局代理选项,默认随机UA,重写censys api模块。
-
2019-07-14 增加进度条;去除并发数的限制;去除google api;优化了一些模块。
-
2019-05-09 增加logging模块,支持输出等级;增加censys api调用;IPY替换为内置库ipaddress、imp更新为importlib模块;规范大部分函数、变量命名;修改了程序逻辑。
-
2019-05-08 增加plugin目录,逐步添加plugin,方便poc调用。目前已添加随机user-agent
-
2019-04-18 更改默认并发方式为协程,自动根据扫描数量确定异步请求数量,优化了部分代码逻辑,速度提升
-
2019-02-26 增加协程模式,利用gevent模块实现异步请求。
-
2018-12-15 将第三方库colorama、IPy放进thirdlib中直接引用,减少依赖包的安装。
-
2018-12-10 测试框架编写完成
使用
安装方法:
git clone https://github.com/saucer-man/saucerframe.git
cd saucerframe
pip install -r requirement.txt
使用方法:
python3 saucerframe.py -h
python3 saucerframe.py --show
python3 saucerframe.py -s script-name -iU target-url
具体的参数说明:
# 1. 指定poc脚本(必需,支持同时指定多个poc)
-s all 指定全部脚本
-s redis_unauth,mongodb_unauth 指定单个/多个脚本
# 2. 指定目标(必需)
-iU www.xxx.com 单个目标
-iF target.txt 从文本中加载
-iR 192.168.1.1-192.168.2.100 根据ip地址范围加载
-iN 192.168.1.0/24 根据网段加载
-aZ "redis" ZoomEye api加载
-aS "redis" Shodan api加载
-aC "redis" Censys api加载
-aF "redis" Fofa api加载
# 3. 其他(可选)
-h 查看帮助信息
-t 300 并发数(默认100)
--proxy socks5://127.0.0.1:1080 使用sock5代理
-o result.txt 指定输出文件
-v 4 指定终端输出详细级别(1-5, 默认为2)
--show 查看所有poc
-eT 并发采用多线程方式
-eG 并发采用协程方式(默认)
POC编写
介绍已移至wiki
感谢
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].