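- Interactive interface
- Determine whether an asset is alive
- Scan the ports open on an asset
- Identify asset service fingerprints
- Identify honeypots
- Identify devices
- Identify vulnerabilities present in target services (OWASP Top 10)
- Batch scanning of large numbers of IPs (what this tool was built for)
- Asset fingerprints come from nmap; parsing uses https://github.com/boy-hack/nmap-parser

The protocols follow the standards listed below:

No. | Name | Notes |
---|---|---|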
1 | ssh | RFC 4251 |
2 | http | RFC 4251 |
3 | https | RFC 4251 |
4 | rtsp | RFC 4251 |
5 | ftp | RFC 4251 |
6 | telnet | RFC 4251 |
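
- Uses SYN scanning. In a measured run over 22,000 IP addresses, the scan took 45 min or even longer to complete, with a completion rate of 65.12%.
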
```json
"165.22.22.24": {
    "services": [
        {
            "port": 443,
            "protocol": "http",
            "service_app": [
                "wordpress/4.9.18",
                "apache/2.4.41",
                "ubuntu/N",
                null
            ]
        },
        {
            "port": 80,
            "protocol": "http",
            "service_app": [
                "wordpress/4.9.18",
                "apache/2.4.41",
                "ubuntu/N",
                null
            ]
        },
        {
            "port": 22,
            "protocol": "ssh",
            "service_app": [
                "openssh/8.2"
            ]
        }
    ],
    "deviceinfo": null,
    "honeypot": null
},
"165.22.22.76": {
    "services": [
        {
            "port": 80,
            "protocol": "http",
            "service_app": [
                "nginx/1.10.3"
            ]
        }
    ],
    "deviceinfo": null,
    "honeypot": null
},
"165.22.22.81": {
    "services": [
        {
            "port": 443,
            "protocol": "http",
            "service_app": [
                "apache"
            ]
        },
        {
            "port": 22,
            "protocol": "ssh",
            "service_app": [
                "openssh/8.2"
            ]
        },
        {
            "port": 80,
            "protocol": "http",
            "service_app": [
                "apache"
            ]
        }
    ],
    "deviceinfo": null,
    "honeypot": null
},
```
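
For asset-inventory use, the result format shown above can be folded into a product/version index. The following is an added example, not code from this project: the function names are hypothetical, the sample is abridged from the output above and wrapped in braces to form a complete JSON object, and it assumes that a version of `N` means "unknown" and that any non-null `honeypot` value marks a flagged host.

```python
import json
from collections import defaultdict

# Abridged from the sample output above; outer braces added (assumption
# about how the complete result file is wrapped).
SAMPLE = """
{
  "165.22.22.24": {"services": [
      {"port": 443, "protocol": "http",
       "service_app": ["wordpress/4.9.18", "apache/2.4.41", "ubuntu/N", null]},
      {"port": 22, "protocol": "ssh", "service_app": ["openssh/8.2"]}],
    "deviceinfo": null, "honeypot": null},
  "165.22.22.81": {"services": [
      {"port": 80, "protocol": "http", "service_app": ["apache"]}],
    "deviceinfo": null, "honeypot": null}
}
"""

def load_sample():
    """Parse the embedded sample into a dict keyed by IP address."""
    return json.loads(SAMPLE)

def split_app(entry):
    """Split 'name/version' into (name, version).
    A missing version or 'N' (assumed to mean unknown) becomes None."""
    name, _, version = entry.partition("/")
    return name, (version if version and version != "N" else None)

def inventory(results):
    """Map (product, version) -> sorted list of 'ip:port' endpoints."""
    inv = defaultdict(set)
    for ip, host in results.items():
        if host.get("honeypot"):      # assumption: non-null means flagged
            continue
        for svc in host.get("services") or []:
            for entry in svc.get("service_app") or []:
                if not entry:         # the output contains null entries
                    continue
                inv[split_app(entry)].add(f"{ip}:{svc['port']}")
    return {key: sorted(endpoints) for key, endpoints in inv.items()}

if __name__ == "__main__":
    for (name, version), endpoints in sorted(inventory(load_sample()).items(),
                                             key=lambda kv: kv[0][0]):
        print(f"{name} {version or '(unknown version)'}: {', '.join(endpoints)}")
```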