被动式安全扫描器
2023-12-1 09:2:18 Author: HACK之道(查看原文) 阅读量:7 收藏

介绍

W13scan 是基于Python3的一款开源的Web漏洞发现工具,它支持主动扫描模式和被动扫描模式,能运行在Windows、Linux、Mac上。

丰富的检测插件

使用

usage: w13scan [options]
optional arguments: -h, --help show this help message and exit -v, --version Show program's version number and exit --debug Show programs's exception --level {1,2,3,4,5} different level use different payload: 0-5 (default 2)
Proxy: Passive Agent Mode Options
-s SERVER_ADDR, --server-addr SERVER_ADDR server addr format:(ip:port)
Target: options has to be provided to define the target(s)
-u URL, --url URL Target URL (e.g. "http://www.site.com/vuln.php?id=1") -f URL_FILE, --file URL_FILE Scan multiple targets given in a textual file
Request: Network request options
--proxy PROXY Use a proxy to connect to the target URL eg:[email protected]:8080 or [email protected]:1080 --timeout TIMEOUT Seconds to wait before timeout connection (default 30) --retry RETRY Time out retrials times.
Output: output
--html When selected, the output will be output to the output directory by default, or you can specify --json JSON The json file is generated by default in the output directory, you can change the path
Optimization: Optimization options
-t THREADS, --threads THREADS Max number of concurrent network requests (default 31) --disable DISABLE [DISABLE ...] Disable some plugins (e.g. --disable xss sqli_error webpack) --able ABLE [ABLE ...] Enable some moudle (e.g. --enable xss webpack)

安装

安装w13scan需要依赖Python3.6以上环境.
git clone https://github.com/w-digital-scanner/w13scan.gitcd w13scan # 进入git目录pip3 install -r requirements.txtcd W13SCAN # 进入源码目录python3 w13scan.py -h

工具下载及项目地址:

https://github.com/w-digital-scanner/w13scan


文章来源: http://mp.weixin.qq.com/s?__biz=MzIwMzIyMjYzNA==&mid=2247512130&idx=1&sn=917a873d97a55cc2c07abeca645a9658&chksm=96d04b47a1a7c25140bea64a902d2de8df4afe6aed4a28db6cbfd9e980e3d6701a4d73c54228&scene=0&xtrack=1#rd
如有侵权请联系:admin#unsafe.sh