Scan4all Versions Save

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

2.9.1

4 months ago

Changelog

fff03b51 fixed can not run nuclei 2023-12-21
ccfac880 fixed #125 #148 #151 #153 #159 2023-12-21

2.9.0

4 months ago

Changelog

94077cbb rm nuclei-templates 2023-12-21
3afe27e8 性能优化 2.9.0
f618cd42 up build xml 2023-12-21
be8422ef fixed #165 and fuzz bug 2023-12-21
096ef3d3 性能优化 2.9.0
a5e1efa3 change readme 2023-12-11
478a382d change package to GhostTroops 2023-12-11
2cc363a4 thanks Donate：@b1win0y @BL4CKR4Y 2023-12-11
f6513f8f optimization 2023-11-27

2.8.9

5 months ago

Changelog

9a9e2d5b 性能优化 2.8.9

2.8.8

5 months ago

Changelog

7f12abaa up 2023-11-22
b71167d6 FileFuzz default false 2023-11-22

2.8.7

6 months ago

Changelog

4a569aaa fixed dir for windows 2023-10-31
57a92842 fixed config/51pwn/yaml/Fortinet FortiOS/ for windows can not build bug 2023-10-31

2.8.6

6 months ago

Changelog

e6c3d2bb x 2023-10-30
6418f65a up 2023-10-30
7471d506 fixed 2023-10-30
523bb61e up 2023-10-30
6d81101c fix build.xml 2023-10-30
40d6c242 up build*.xml 2023-10-30
a7b02fce add Free one id Multi-target web netcat for reverse shell 2023-10-30
4f105fc7 up 2023-10-28
4ad682b8 up 2023-10-28
b221610b up dict 2023-10-21
448b0d37 up 2023-10-14
2fce8712 fixed webscan 2023-10-11
4321354f 2023-10-01 Optimize support for nuclei@latest 2023-10-08
dea0e92e add /server-info.action 2023-10-06
372ed9e4 up goby_pocs 2023-09-30
54f642ac Update README.md
cc544309 up go to 1.20.7;up nuclei to latest 2023-09-17
437cce21 add more nuclei yaml pocs 2023-09-16
2a7faf78 fixed md miss thanks 2023-09-04
c04fd8ec fixed md 2023-09-04
b57cfa13 fixed xx
9e07d125 1 close EnableSubfinder;2 fixed naabu repeat bug 2023-09-04
3111056a 1 close EnableSubfinder;2 fixed naabu repeat bug 2023-09-04
930b67f0 up 2023-09-01
f14472ef 持续演进 2023-09-01
aeef00ae 恢复前版本 2023-08-31
d5b98061 x 2023-08-30
fcc67500 add config/51pwn/nsqd.yaml 2023-04-25
012c3754 x 2023-03-30
bf090a27 up 2023-03-30
eca52146 up 2023-03-30
108ccc35 fixed 去除空的default解决性能问题 2023-03-26
45ad8731 x 2023-03-26
2cccf37f add TPALL 2023-03-02
87488d0c add config/51pwn/CVE-2023-25194.yaml 2023-02-23
eab78ada add config/51pwn/CVE-2023-25194.yaml 2023-02-23
90699fb4 x 2023-02-23
ae21f31a x 2023-02-09
c515d088 up 2023-02-08
c71acab7 add pocs_go/ruby/chkRuby 2023-01-15
c0ce0661 添加poc 小工具tools/cve/main.go 2023-01-13
05207522 up 2023-01-06
b9681ee0 更新[email protected]，修正vendor/github.com/tj/go-update/update.go:65:17 2023-01-01
4db39c4c up 2023-01-01
019c68b8 up 2022-12-14
a30fc495 up 2022-12-10
59f22981 add ymlFiles 2022-12-07
6f233ec0 add 2022-12-07
edaba7de 加若干厂商名 2022-12-07
6201d238 add src_url_name_all.txt 增加若干公司名称 2022-12-07
6fad2d6e up 2022-12-07
f6adbbdc add weed yaml 2022-12-06
c0ba4211 add etcd.yaml 2022-12-05
1a5d2663 x 2022-12-04
178824bf x 2022-12-04
e6e84794 设置CGO_ENABLED=0 ，避免出现 /lib/x86_64-linux-gnu/libc.so.6: version GLIBC_2.34 not found (required by 2022-12-04
85fc9a72 设置CGO_ENABLED=0 ，避免出现 /lib/x86_64-linux-gnu/libc.so.6: version GLIBC_2.34 not found (required by 2022-12-04
e1a89f93 up 2022-11-27
41385f35 add grpc 2022-11-26
5890c919 u 2022-11-18
3a38667d up 2022-11-18
83f0d8c5 合并命令的集成
b71be626 up 2022-11-15
f80c7a6f x 2022-11-11
8a651a19 add CVE-2022-26911.yaml 2022-11-10
1d71a98f x 2022-11-03
8694ce9d add 51pwn 2022-11-03
ae29aa69 up 2022-10-30
b440a818 fix jaeles db not init 2022-10-30
f1a442da integrated jaeles，add new web PoCs 370，By default, nuclei is turned on and jaeles scanning is turned on
08012442 性能优化 2.8.5
0a1ec0ab fix logs 2022-10-15
e826d1c7 fix nmap到下一流程未使用域名的bug 2022-10-15
ab54d02c fix pipeline 2022-10-15
2dd30f50 up 2022-10-14
6a57b045 add log4j小工具 2022-10-14
a254deec Spring Framework RCE via Data Binding on JDK 9+ (CVE-2022-22965) 2022-10-13
bd2a0c0a 优化 2022-10-13
f9a83286 性能优化 2.8.4
e32d6fac 1、fuzz、及所有请求输出限制为800k，避免被反制、进行内存攻击导致程序崩溃 2、修复naabu、nmap扫描后使用ip继续走后续流程，导致无法正确访问目标的bug，https通常是限定只能域名访问的 3、file fuzz针对 aac、abw、arc、avif、avi、azw、bin、bmp、bz、bz2、cda、csh、css、csv、doc、docx、eot、epub、gz、gif、ico、ics、jar、jpeg、jpg、js、json、jsonld、mid、midi、mjs、mp3、mp4、mpeg、mpkg、odp、ods、odt、oga、ogv、ogx、opus、otf、png、pdf、php、ppt、pptx、rar、rtf、sh、svg、tar、tif、tiff、ts、ttf、txt、vsd、wav、weba、webm、webp、woff、woff2、xhtml、xls、xlsx、xml、xul、zip、3gp、3g2、7z 的Content-Type: 进行类型识别，跳过无用的fuzz,例如请求的是jpg，返回200的html 2022-10-12
2f5289ee 3、file fuzz针对 aac、abw、arc... 的Content-Type: 进行类型识别，跳过无用的fuzz 2022-10-11
efbefc67 add dnsx;1、fuzz、及所有请求输出限制为800k，避免被反制、进行内存攻击导致程序崩溃 2、修复naabu、nmap扫描后使用ip继续走后续流程，导致无法正确访问目标的bug，https通常是限定只能域名访问的 2022-10-11
181848ad fix submodules 2022-10-11
3e092921 性能优化 2.8.4
a427a4ca fixed panic: sync: WaitGroup is reused before previous Wait has returned 2022-10-11
5bdfad9c x 2022-10-11
43e6a291 up nuclei to 2.7.8 2022-10-10
3c5f01ed x 2022-10-10
138aa6fe add VMware/vCenter/CVE-2022-22954 VMware/vCenter/CVE_2022_22972 gitlab/CVE-2022-2185 go_poc_check jenkins/CVE_2016_0792 jenkins/CVE_2016_0792_test ms/CVE-2021-26855_2 ms/CVE_2021_26855 ms/exchange/chkproxyshell ms/exchange/confirmtoken ms/exchange/proxyln ms/exchange/proxyln_test ms/exchange/proxytoken oracle/weblogic/CNVD-C-2019-48814 shiro/CVE_2016_4437 2022-10-10
86f0a3c5 Pro add CVE-2022-35914 2022-10-08
a5e38d63 add CVE-2022-35914 ;change nuclei dir to config 2022-10-08
4e4dec01 nuclei将不再更新；调整包名为ProScan4all 2022-10-08
d727ddda fixed 无法结束的bug 2022-10-08
1cff773f fix close server hub 2022-10-08
63bde91d fix enable nuclei fuzz 2022-10-08
23f1753c 更新、调整 2022-10-07
09a92615 up 2022-10-07
530744d9 fix eable少了e的bug，增加了filefuzz时bywaf的功能 2022-10-07
16e8b297 - 2022-10-03 优化了fuzz，http2.0下测试18秒可以完成6万的扫描，同时合并、去除冗余的结果 - 2022-10-03 优化：所有的web扫描前，均做有效检测，避免无效扫描，提升了效率 2022-10-07
00ada232 x 2022-10-06
aaf4b50a x 2022-10-06
7740374a up 2022-10-06
7b4a398d add vCenter/CVE_2021_21985.go vCenter/c_21972.go vCenter/c_21985.go vCenter/c_22005.go 2022-10-06
03852552 fix PipelineHttp 2022-10-05
d91f8054 fix action use private mod 2022-10-05
8e7a29f2 fix action 2022-10-05
a4d6d4ca add 2022-10-05
a7b7c0a9 x 2022-10-05
f9cfe06a fix action upx 2022-10-05
c785c92a fix action upx 2022-10-05
8d78d24f fix 2022-10-05
44a3376a fix someMapMutex.Unlock() vendor/github.com/projectdiscovery/nuclei/v2/pkg/protocols/http/request.go 2022-10-05
bdd33d18 fix action 2022-10-05
788be64f fix action 2022-10-05
19a62d71 upx 2022-10-05
c902867e up 2022-10-05
0c8be1b9 延时关闭nucleiRunner，确保结果都发送到服务器 2022-10-05
d42caacb 重构被动模式，同时修正nuclei多实例bug 2022-10-05
3f88829a 一个正确可编译的版本 2022-10-04
83ecf173 一个正确可编译的版本 2022-10-04
bee81558 up vendor 2022-10-03
b8fe42d3 1、重构了webscan 2、优化filefuzz，重用http1.1 keep-alive 3、优化，优先使用http2.0，提高效率 4、增加veo师傅的poc 2022-10-03
ea6c8bce up vendor 2022-10-02
140ff6ba up brute/dicts/filedic.txt 2022-10-01
e568832b add submodule update 2022-10-01
7dd5baa4 up autoUpSubmodule 2022-10-01
f9dda2e5 add autoUpSubmodule 2022-10-01
ca23b3fd config/nuclei-templates 2022-10-01
1894757f up PoCs,add new Payload 2022-09-29
dc5aebf6 up PoCs 2022-09-29
06bd3791 add mychromedp 封装基于浏览器的爬虫，支持多tab，禁止图片、css加载 2022-09-29
b53d2582 add vendor/github.com/emersion 2022-09-28
ec1afe4d fix pop3 not import message 2022-09-28
c9316e1c 优化密码破解的控制流程 2022-09-27
1f9429a8 1、优化 pop3、pop3s 密码破解算法，每个目标相同端口，多个密码破解复用一次网络链接，提高破解效率; 2、支持pop3s 995port破解 2022-09-27
dace9dd5 fix nmap 2022-09-25
0f544e3d fix masscan 2022-09-25
95d6cab9 fix masscan 2022-09-25
daaaf3b0 1、Up PoCs 2、Refactor the engine model 3、add async do cmd 4、Optimize masscan code 2022-09-24
b7ee32c1 up PoCs 2022-09-23
4fb555aa linux arm 2022-09-22
0d490266 up PoCs 2022-09-22
95edef3e Merge pull request #114 from jusk9527/main
10b51e27 add goby poc
a1011fe1 性能优化 2.8.1
4d696ccf fix go.mod auto clear bug
3939b9a4 Delete readme-update.yml
32ac7b8d 性能优化 2.8.1
829e9ace fix jarm-go can not build bug 2022-09-18
6c8cf29c 性能优化 2.8.1
365c8394 fix
7e596742 up scripts 2022-09-18
6a668855 up scripts 2022-09-18
ea4fcc39 up scripts 2022-09-18
a18c0de8 Up PoCs 2022-09-18
b76185a5 性能优化 2.8.1
254a3394 Optimize filefuzz to improve running speed 2022-09-18
f254ee2a Optimize filefuzz 2022-09-18
ae868fd0 upgrade all dependencies 2022-09-17
b3452bc9 fixed bug:Configs.ConfigJsonMap.Exploit.Logs is "" #111 By @hktalent 2022-09-17
569b0b96 Up PoCs 2022-09-17
57493a28 up PoCs 2022-09-16
42442db0 up 2022-09-13
a2e5c0a6 fix szUrl to url 2022-09-12
f4a6d284 up PoCs 2022-09-12
6700b958 优化 catch_http 2022-09-11
7577b33e up PoCs 2022-09-09
5e405f66 fix 指纹识别的问题 #107 2022-09-08
d76d87ca up PoCs 2022-09-07
ebcd4326 up PoCs 2022-09-06
6b774cdd up PoCs 2022-09-06
0b744580 fix After the update, the version has not changed. #104 2022-09-03
1ad7c1fc up PoCs, nuclei to 2.7.7 2022-09-02
fc31b519 up PoCs, nuclei to 2.7.7 2022-09-02
f8382bb9 up lib/goby 2022-09-02
bd73133d Up PoCs 2022-09-01
900dfe66 up localFinger.json 2022-09-01
c22c67c6 up PoCs 2022-09-01
786ac93e add dockerhub-push.yml 2022-09-01
782e6f16 性能优化 2.7.8
95f9c3bf 性能优化 2.7.9
f7c1fd58 up build for arm 2022-08-31
2a09b64d up build for arm 2022-08-31
eb9b54f3 up build for arm 2022-08-31
f57e7830 up PoCs 2022-08-31
abdcffd4 fix fingerprint; up PoCs 2022-08-30
963841d2 up PoCs 2022-08-29
7ab1d0c9 up PoCs 2022-08-27
820068f9 up PoCs 2022-08-25
2ee07374 fix PoCs 2022-08-23
93dbf285 add 3 PoCs 2022-08-23
22b17f0c up wechat qrcode 2022-08-23
c9ac3648 up go to 1.19 2022-08-23
ed1cc674 Optimize automated compilation scripts 2022-08-23
dcc63289 Optimize automated compilation scripts 2022-08-23
dde58396 Optimize automated compilation scripts
6bb0ca8a up 2022-08-23
cfd11006 up PoCs 2022-08-22
699d68a6 add chumeng123.jar.src.zip 2022-08-19
561b7dee fixed invalid char '–' #93 2022-08-18
4fc3262c 集成 @xiaotu0821 chumeng 师傅的json版本POC for Web-Scan 2022-08-18
5e9d93cd fix db 2022-08-18
bbab7097 fixed Unable to update, update error reported. #92 2022-08-18
15ee6f66 fix
051cace3 up md
1bbe02a7 up md
07300c58 up md
d4f6bd52 add PoCs:CVE-2022-27925、aolynk-br304-default-passwordl、xerox7-default-password、zabbix-default-password 2022-08-18
1fa9b366 add file2hex 文件转换为hex 辅助yaml编写
725e50bb up nuclei to latest 2022-08-17
ac652525 up PoCs 2022-08-17
093aadbd up PoCs 2022-08-16
eef7fbc3 up PoCs 2022-08-16
78283206 up PoCs 2022-08-14
064a3701 up PoCs 2022-08-10
32364637 up md 2022-08-09
52ead5d5 1、up PoCs 2、add supply chain 2022-08-09
34c47842 up PoCs 2022-08-07
53705ce8 add svn and irc crack 2022-08-07
d885db2e add vnc password crack 2022-08-06
b0626ea8 fixed #79 2022-08-06
0d699cf6 性能优化 2.7.4
e88868eb 1、change priorityNmap to false 2、add socks5 password crack 3、add update scan4all args 4、up PoCs 2022-08-06
bd4978d1 up workflow.jpg 2022-08-06
1cbd7b6d fixed Off-by-one error detected #82 2022-08-06
9f6a53cd up PoCs 2022-08-06
c8c7488c change priorityNmap to default false 2022-08-06
cca5f91d up PoCs 2022-08-05
e0794d27 up PoCs 2022-08-05
4e1b51f2 add data dir 2022-08-05
bef02bc7 rm wcvs 2022-08-05
360864f8 完善es脚步 2022-08-04
b1fd10b9 完善es脚步 2022-08-04
b4186fdb 完善es脚步 2022-08-04
e475c1ed 1、close nuclei fuzz PoCs 2、add enableMultNuclei controls new features 2022-08-04
96b0601c 1、up PoCs 2、fixed filefuzz TestIs404 bug 3、fixed nuclei hang bug 2022-08-04
fd66eaee up md 2022-08-03
1a0d36f8 up md 2022-08-03
b99e7a2b Merge pull request #73 from hktalent/dev
6ea0a841 fixed xrayPocs功能存在问题 #72 2022-08-03
4e87d510 fixed #71 2022-08-03
f6da120f Merge pull request #69 from hktalent/main
53ce72b6 Merge pull request #68 from hktalent/dev
92be0f01 Merge pull request #67 from hktalent/main
7ef04499 up md 2022-08-03
e8f16c31 Merge pull request #66 from hktalent/dev
cb23c494 add sysinfo 2022-08-03
c1d8e2c2 Update README_CN.md
fcb06f6f Merge pull request #65 from hktalent/dev
a84d7f28 up PoCs;优化nuclei 参数控制 2022-08-02
9fb297b3 add pop3 2022-08-02
d7221c6d Merge pull request #63 from hktalent/dev
8e974301 up PoCs 2022-08-02
4f0cc276 up md 2022-08-02
694fd318 add pop3 2022-08-01
3b6c1e12 Merge pull request #59 from hktalent/dev
82dbb9b1 fixed #57 2022-08-01
0c07415a fixed #56 2022-08-01
06c1e231 Merge pull request #55 from hktalent/dev
3ab30a01 fixed #52 2022-08-01
fcd14a3c nuclei多实例并行伤透了我的心
1f9042ec Merge pull request #54 from hktalent/dev
685fa1c1 up md 2022-08-01
f5477b26 up md 2022-08-01
acad9feb 优化filefuzz 2022-08-01
1e359061 up PoCs 2022-08-01
c5e4c216 fixed #51 2022-08-01
0bac84ce up 2022-08-01
23991736 up 2022-08-01
4a48e512 up 2022-08-01
14d6a834 优化db 2022-07-31
6b0a18ff up 2022-07-31
3f3bcf5f up md 2022-07-31
98516dfc up md 2022-07-31
1fd8bd3b up md 2022-07-31
15cf7c15 up md 2022-07-31
9f18e901 up PoCs 2022-07-31
50ae2c5d up
41f7d1f8 性能优化 2.6.9
f5298936 Speed up and optimize 2022-07-31
ee945392 Close the nuclei progress bar when there are multiple instances 2022-07-31
1ed39c7a 优化内存回收 2022-07-31
414af4ca Optimize, differentiate between different protocols, multi-instance, parallel execution of nuclei 2022-07-31
3d2e40f2 hydra performance optimization 2022-07-30
d1513c0c up md 2022-07-30
b7c1c6d0 1、fixed filefuzz The bug that the object is nil when the network is abnormal 2、fixed #44 3、Memory overhead optimization 2022-07-30
4735540f add goanywhere-mft-log4j-rce PoC 2022-07-30
87080fbc fixed #44 优化init执行顺序 2022-07-30
168689b0 up PoCs 2022-07-30
1d2d403b fixed 调整初始化顺序 #33 2022-07-30
2feb133f add Support via parameter Cookie='PHPSession=xxxx' ./scan4all -host xxxx.com, compatible with nuclei, httpx, go-poc, x-ray POC, filefuzz, http Smuggling 2022-07-30
655935e8 up md 2022-07-30
8058091f 1、优化代码，统一结果输出，便于维护 2022-07-30
30715252 add support HTTP Request Smuggling: CL-TE、TE-CL、TE-TE 2022-07-30
b6122f03 1、up nuclei-templates 2、up http Smuggling 2022-07-30
5159dc34 add bypass-firewalls-by-DNS-history.sh 2022-07-29
4efce5c2 up md 2022-07-29
562cff3d up goby_pocs and nuclei_templates 2022-07-29
a384f581 fix 2022-07-29
785fe86f goby and goby_PoCs 2022-07-28
b9703497 1、调整main 2、重新fix nuclei #2301 之bug，否则nuclei会爆内存错误、异常退出；期待官方尽快merge我的PR 2022-07-28
741d3611 1、调整main 2、重新fix nuclei #2301 之bug，否则nuclei会爆内存错误、异常退出；期待官方尽快merge我的PR 2022-07-28
84d81740 1、调整main 2、重新fix nuclei #2301 之bug，否则nuclei会爆内存错误、异常退出；期待官方尽快merge我的PR 2022-07-28
b5028430 up md 2022-07-28
8b2ed1db 1、Add CVE-2022-1388 2、支持直接使用 nmap xml结果进行扫描 ./scan4all -l b40961095a2e28d6a9d8aaf4c430faba7ab56110.xml -v #41 2022-07-28
e0fd28a7 fix Confluence_CVE-2022-26134.yaml误报 2022-07-28
f3b1553b up PoCs 2022-07-28
7b6e69d4 up PoCs 2022-07-27
004ebe1f fixed CVE-2022-30525误报 By @hktalent 2022-07-27
be010c88 fixed: can not read /Users/51pwn/.config/nuclei/.nuclei-ignore By @hktalent 2022-07-27
36ab1f52 fixed: can not read /Users/51pwn/.config/nuclei/.nuclei-ignore By @hktalent 2022-07-27
8822b178 up md 2022-07-27
0bc323d3 up nuclei-templates 2022-07-27
48f9926c 为分布式pro版本提供扩展接口 2022-07-26
2c3f6f08 放开包的可见性，将在另外一个项目中中更高层次分布式集成 2022-07-26
329ed5cd up nuclei-templates 2022-07-26
e47cab6b up 2022-07-26
822fd5ca 性能优化 2.6.4
96930026 1、up PoCs 2、 update nuclei to v2.7.5 2022-07-25
89f08dd5 Refactor the package structure 2022-07-24
0083ff8c changed weblogic-bea_wls_internal-detect.yaml by @hktalent
f1285112 Fixed -np Skip pocs_go check fix by @hktalent in #38 Added Check Smuggling TE_CL by @hktalent Added CVE-2022-1386 jira-servicedesk-signup check poc 2022-07-24
948fabfb up md 2022-07-22
91b673ea up 2022-07-22
f1bcdde0 up md 2022-07-22
5fc01c84 fix ThinkPhp_Collection_14_PoCs 误报 2022-07-22
314c9010 up md, docker ubuntu install: apt update;apt install -yy libpcap0.8-dev 2022-07-22
fac5b4c3 up md 2022-07-22
b10749d3 up test 2022-07-22
0ad497ba 性能优化 2.6.2
13e20caa fix #28 2022-07-22
2fbc9324 fix #28 2022-07-22
e736f147 up md 2022-07-22
598493e4 up nuclei-templates 2022-07-22
99ac88b3 up nuclei-templates 2022-07-22
1e53a7af up md 2022-07-22
11f90744 add 'noScan=true ./scan4all -l list.txt -v -debug' for #26 2022-07-22
844e5cc4 add 'noScan=true ./scan4all -l list.txt -v -debug' for #26 2022-07-21
48fce2ab up nuclei-temlates and xry 2022-07-21
7655e5d0 up xray 2.0 2022-07-21
9a97a740 fix mongod 指纹名称和代码定义不一致的bug 2022-07-21
f92dcfb5 fix mongod 指纹名称和代码定义不一致的bug 2022-07-21
5f4bb2a8 fix #21 2022-07-21
45e1b297 add CVE-2022-30525 CVE-2022-33891 CVE-2021-24284 2022-07-21
b815bc60 fix HoneyportDetection 2022-07-21
bb20ba90 fix CheckIsErrPageAI bug;add support windows nmap 2022-07-21
5c9ae23f 整理包结构；添加 uncover 2022-07-21
b9aa2a10 add 联动python3 log4j-scan，结合tmux后台运行，结果并自动发送到配置到es中 2022-07-20
23774e9d 1、添加蜜罐检测，并自动跳过目标，默认false跳过蜜罐检测 2、修复nuclei多实例并发导致多内存问题，改天PR给官方 2022-07-20
d97248d3 up md 2022-07-20
154976ad up md 2022-07-20
67215389 add web cache vulnerability scanner 2022-07-19
ee5af2bd add spider 2022-07-19 20:27:1658233675
ccb4f9fa 性能优化 2.5.8
0a067f77 up nuclei-templates 2022-07-19 18:10:1658225444
6994ff4b add CVE_2021_26855 exp 2022-07-19 18:06:1658225182
3d3638c6 add winbox、CVE-2018-14847、CVE-2021-26855检测 2022-07-19 14:44:1658213052
755d3ac5 1、添加Microsoft Exchange Server指纹检测；2、增加Microsoft Exchange Server CVE-2021-26855检测 2022-07-19 14:01:1658210476
1886b729 add ms17-010检测 2022-07-19 13:20:1658208042
01ce3382 优化线程总控 2022-07-19 12:30:1658205032
e0cb0257 优化线程总控 2022-07-19 11:45:1658202310
b0c5924c 添加 winrm密码爆破 2022-07-19 11:30:1658201411
8b0b8802 fix 弱密码检测init方法在config加载前执行的bug 2022-07-19 09:13:1658193181
97623c4b up md and nuclei-templates 2022-07-19 08:45:1658191541
f19bbd22 up md and nuclei-templates 2022-07-19 08:30:1658190656
cf41edd7 up md 2022-07-19 08:22:1658190145
03bd42e2 添加routerOS 8728端口密码破解 2022-07-18 23:06:1658156770
f8438329 添加routerOS 8728端口密码破解 2022-07-18 23:02:1658156568
db357cf1 性能优化 2.5.7
3929f3b1 nuclei优化只处理critical,high,medium检测，便于提高效率 2022-07-18 22:23:1658154191
ec0b9365 1、添加整合了ThinkPhp 14个PoC 2、update nuclei to 2.7.4 2022-07-18 17:23:1658136185
52bb453d add test多实例nuclei代码 2022-07-18 15:13:1658128389
a25cba3a fix 优化多线程控制，优化内存开销，更加稳定 2022-07-17 22:33:1658068432
fc00a72d fix [error] unsupported data type: &[] 2022-07-17 16:50:1658047843
66b81e14 fix 减少外部go异步 2022-07-17 16:47:1658047665
4fff1b01 up go.sum 2022-07-17 16:39:1658047198
43650f7e up md 2022-07-17 16:32:1658046740
7507b722 1、实现了第一版本基于sqlite + 相似度计算、存储异常、404等页面信息，作为永久识别使用 2、优化pocs_go，便于各种场景异步管道调用，解决循环引用弊端，修复未记录pocs_go检测结果到 ES的bug 2022-07-17 16:22:1658046121
7871a8d0 up 2022-07-16 23:11:1657984288
7151ca3f up md 2022-07-16 23:07:1657984020
77661b4c 1、优化http密码爆破，支持外挂字典 2、重写、优化file fuzz，包括性能优化，字典优化、内存开销优化 a、同时fix vscan中多线程并发内存共享bug b、同一目标错误次数达到20关闭当前目标所有乡村，退出无意义fuzz c、增加智能算法，识别404、识别异常页面 d、顺带check Shiro指纹 e、优化并发、多线程控制 f、优化跳转检测：状态码、html跳转、js跳转 3、优化POCcheck中case为小写，提高效率 2022-07-16 22:51:1657983064
6d72e97f update Readme 2022-07-16 09:32:1657935149
429cfcfe update config/nuclei-templates 2022-07-16 09:20:1657934424
722ee3ba add snmp,Elasticsearch密码爆破 2022-07-16 09:17:1657934262
ee6cd019 性能优化 2.5.5
71fd8e87 fix nmap \nadd snmp密码爆破模块
75527c34 fix eHoleFinger、localFinger指纹默认为and，fg指纹默认为or关系 2022-07-15 17:11:1657876297
9b916981 指纹识别算法优化,可记录命中字符串 2022-07-15 14:29:1657866583
115faf74 指纹识别算法优化 2022-07-15 13:49:1657864141
332488f2 fix 优化指纹算法 2022-07-15 11:44:1657856670
4be977bb add CVE-2020-13935 2022-07-15 09:48:1657849721
350a9982 add CVE-2020-13935 2022-07-15 09:47:1657849675
9139b4a0 fix 默认先关闭nuclei，当前官方版本有bug 2022-07-14 23:00:1657810827
daf4a30a 性能优化 2.5.3
26678ac3 up 2022-07-14 18:07:1657793260
a538fc46 fix 1、优化指纹算法faviconhash相同组件、同一目标只匹配1次；2、相同目标相同组件命中两次就停止该组件其他规则；3、内存使用优化 2022-07-14 18:01:1657792871
1ecb3300 update nuclei-templates 2022-07-14 14:50:1657781408
a759ab6c up 2022-07-14 13:50:1657777804
77e53519 up 2022-07-14 13:48:1657777722
9acd8396 reset nmap bash shell 2022-07-14 12:03:1657771386
862201fd fix 1、优化内存开销 2、支持url类型指纹 2022-07-14 11:58:1657771098
cdb517a1 fix fuzz正则表达式消耗资源bug 2022-07-13 09:17:1657675058
586ebbfa 性能优化 2.5.1
9cba801e update nuclei-templates 2022-07-12 10:04:1657591449
383d1cdb fix AutomaticScan默认开启后导致nuclei模版不会扫描的bug 2022-07-12 10:00:1657591231
95a836e2 fix main.go:35:4: fmt.Println arg list ends with redundant newline 2022-07-12 09:34:1657589698
a1241d9a fix 配置文件未获取到时不应该返回key的bug 2022-07-12 09:24:1657589097
664a17eb fix filefuzz处理不当导致cpu持续上升的bug 2022-07-12 09:21:1657588876
70483efa fix 无效的空行 2022-07-11 11:53:1657511632
9385370d fix 线程过多、目标多时内存开销过大多bug 2022-07-11 11:30:1657510229
fe1c26a9 性能优化 2.4.9
f56ab188 fix 线程过多、目标多时内存开销过大多bug 2022-07-11 11:27:1657510051
a587d1a6 增加fuzz能力，同时去重 2022-07-11 10:02:1657504978
0fcb0b97 下一步计划：加载osvdb 并驱动执行 2022-07-11 08:58:1657501103
cca6e294 add CVE-2022-24706.go 2022-07-10 10:39:1657420745
91f16c77 update nuclei-templates 2022-07-10 02:54:1657392847
5b0dcaba fix #14 2022-07-10 02:46:1657392398
ef6a8ca6 fix 当将非http端口加上http进行盲打时发生当req和header无效导致当内存错误 2022-07-10 02:42:1657392140
4e7222a6 fix 当将非http端口加上http进行盲打时发生当req和header无效导致当内存错误 2022-07-10 02:26:1657391186
accc51fd fix 命令行参数容错 2022-07-10 02:17:1657390642
996549fa fix 1、优先使用环境变量，再使用config.json变量；2、优化密码破解代码 2022-07-10 02:12:1657390321
644d9130 fix 默认开启nucleiwappalyzer technology detection 功能 2022-07-10 01:43:1657388594
6aab426b fix govalidator.IsURL将ip检测为url导致x1.Hostname()为空值的bug，修复后-l 文件列表支持http ip 域名形态格式;优化参数容错 2022-07-10 01:33:1657388031
236d4748 fix windows不支持优先使用nmap，还没有时间去建立bat程序 2022-07-09 23:57:1657382230
7664f0e3 fix 添加参数priorityNmap允许关闭默认优先使用nmap，可以看到扫描进度，避免使用者以为程序卡死了 2022-07-09 23:53:1657382001
dde99da2 fix md 2022-07-08 23:47:1657295237
97cf57f6 fix -l hostfile is url can not do nmap bug 2022-07-08 23:35:1657294532
c95dece2 fix 优化naabu close bug 2022-07-08 23:13:1657293197
b2191d1d up vendor
719c8342 fix 优化，如果检测到系统有nmap，则优先使用nmap，否则继续使用老到流程走naabu流程，性能飞起来
f360bbdd fix nuclei模版参数目录定位bug 2022-07-08 13:38:1657258724
ac82b929 fix 优化代码 2022-07-08 13:13:1657257204
2a297a90 fix 第一次运行无法读取config/config.json的bug 2022-07-08 13:12:1657257132
43b7ed85 性能优化 2.4.5
b0dfbb1b fix update vendor 2022-07-08 11:53:1657252417
be515d86 fix 始终启用嵌入nuclei-template 2022-07-08 11:52:1657252327
91fe3946 fix 嵌入配置文件和本地比较，不相同时才更新，以本地文件准 2022-07-08 11:49:1657252178
3697ccac fix 嵌入config目录未正确使用配置文件的bug,配置文件将自动export到当前目录 2022-07-08 11:42:1657251752
3f036588 fix 异步nmap无结果的bug 2022-07-08 08:24:1657239869
fde4785d fix naabu TopPorts to full
33b8dcba fix naabu TopPorts to full
442c7552 fix main.go:49:21: call of hydra.DoNmapRst copies lock value: sync.WaitGroup contains sync.noCopy
d740d6ac fix repeat 51pwn 2022-07-07 09:05:1657155923
21dbb8da fix update nuclei-templates 2022-07-07 08:40:1657154444
8600edcb fix 成功密码破解输出空结果的bug 2022-07-06 18:16:1657102594
05e1cda0 fix nuclei-templeates 2022-07-06 13:51:1657086717
058e81be fix 模版重复；增强文件泄露功能 2022-07-06 13:38:1657085934
b7d2bced update vendor 2022-07-05 22:33:1657031599
e0673439 update nuclei-templates 2022-07-05 22:29:1657031353
f7e0436a update nuclei-templates 2022-07-05 22:27:1657031265
3ab48f32 fix vendor not push bug 2022-07-05 17:23:1657013021
5b8b13b5 性能优化 2.4.3
5744a4ab fix 弱口令、密码爆破模块未与后续节点任务异步并发的bug 2022-07-05 09:34:1656984864
1b491d18 fix 弱口令、密码爆破模块未与后续节点任务异步并发的bug 2022-07-05 09:31:1656984709
8782a9f3 fix 弱口令、密码爆破模块未与后续节点任务异步并发的bug 2022-07-05 09:31:1656984689
74b550d2 add getUrlHash.go 计算urlbodymd5小工具
61887b96 update nuclei-templates 2022-07-04 12:53:1656910414
f6e76b04 up vendor 2022-07-04 08:39:1656895149
30112107 fix md 2022-07-03 22:25:1656858358
350b9e55 fix md 2022-07-03 08:51:1656809512
17ea3b8d up md 2022-07-02 23:43:1656776592
8be59a93 fix config处理、支持冒号分隔的字典文件 2022-07-02 23:05:1656774351
2f85ca6e fix 1、-v -debug未显示成功爆破密码的bug \n2、优化密码字典 2022-07-02 22:34:1656772441
7a9a0ff7 全开 1、包含对ssl中*.子域名爆破，执行慢 2、结果自动保存本地ES搜索引擎
05d79ca9 fix rm log 2022-07-01 13:43:1656654215
30af5d6a 性能优化 2.4.0
be165dcf fix httpx，vscan结果未推送到ES的bug;2、更新workflow.jpg
9ca5c247 fix httpx，vscan结果未推送到ES的bug;2、更新workflow.jpg
b6a5a8c6 fix httpx，vscan结果未推送到ES的bug;2、更新workflow.jpg
a187058c fix Elasticsearch url双斜杠导致无法保存的bug 2022-06-30 23:37:1656603438
38cb603b fix Elasticsearch url双斜杠导致无法保存的bug 2022-06-30 23:34:1656603277
fb977c0c fix Elasticsearch url双斜杠导致无法保存的bug 2022-06-30 23:33:1656603229
27e275e5 fix 默认不开启Elasticsearch存储结果 2022-06-30 23:02:1656601363
d33c5770 fix 1、集成Elasticsearch存储中间结果 2、嵌入整个config目录到程序中 2022-06-30 23:00:1656601220
215c4887 fix 嵌入式集成私人版本nuclei-templates 共3744个YAML POC 2022-06-30 18:12:1656583979
24963b76 fix nuclei-template to NoUpdateTemplates=true 2022-06-30 09:13:1656551609
0459360a fix auto build xml 2022-06-29 23:19:1656515968
0f675945 fix auto build xml 2022-06-29 23:15:1656515730
ce09fb28 fix config 参数大小写不兼容问题 2022-06-29 23:13:1656515621
c485a048 性能优化 2.3.5
0777d79b fix -host http:/xxx.com can not run naabu 2022-06-29 23:07:1656515250
7176a894 add nuclei-templates 2022-06-29 13:44:1656481456
8cc78a63 add nuclei-templates 2022-06-29 13:41:1656481278
981ad8f5 add nuclei-templates 2022-06-29 13:33:1656480787
a6a34a0e upgrade wappalyzergo to v0.0.48 2022-06-29 08:38:1656463119
6588305d 优化httpx检测、输出 2022-06-28 15:04:1656399870
4937103c fix nuclei Project is true file missing bug 2022-06-28 15:01:1656399684
4035f1a8 优化md 2022-06-28 08:11:1656375114
72d868f7 性能优化 2.3.3
6757160c 优化流程图 2022-06-28 08:07:1656374840
5396c159 优化模糊匹配，提高正确率、鲁棒性;集成ksubdomain进度10%
f9dc71fa 优化模糊匹配，提高正确率、鲁棒性;集成ksubdomain进度10%
28efef94 修复目标传递下一节点重复的bug
923b3d0d Update README.md
cba79cbd Update README.md
dc9639c5 Update README.md
0da190fa fix md
6d9188c3 优化指纹算法；增加工作流程图
0f493e2a 优化指纹算法；增加工作流程图
0dd0fca6 还是满足国人的需求
65ea0222 还是满足国人的需求
1091d6b9 还是满足国人的需求
f4d4d6c9 还是满足国人的需求
817a5de8 性能优化 2.3.0
a3c2a7fc fix 中间结果重复传入下一节点的bug
635bd0ea 更新nuclei到最新v2.7.3版本，优化nuclei为静默模式
261672b2 fix 域名转ip时错将ip带入的bug
c311f318 fix 域名转ip时错将ip带入的bug
10f1b46b 性能优化 2.2.9
4f74aab9 fix windows稳定性bug，fixnuclei参数冲突 2022-06-23 13:00:1655960405
6210b91d fix "Init k-v db 不能多个进程同时开启"
9279f17f 优化：nmap未自动加.exe的bug；优化windows下缓存文件未优化体积的bug
b1806828 优化，避免目标重复
ee171e2f 添加参数ParseSSl，控制默认不深度分析SSL中的DNS信息，默认不对SSL中dns进行扫描
1766d8a1 Update README.md
faad8ba3 fix #9 2022-06-22 21:42:1655905338
feb7bc9c 集成kscan 11种（ftp、mongodb、mssql、mysql、oracle、postgresql、rdp、redis、smb、ssh、telnet）弱密码检测，同时优化支持外挂密码字典
cadaf0aa 集成kscan对ftp、mongodb、mssql、mysql、oracle、postgresql、rdp、redis、smb、ssh、telnet弱口令检测
0cfc536b 性能优化 2.2.5
d8316f81 优化ssl中域名处理问题，引入缓存，避免重复处理 2022-06-21 22:49:1655822954
3c8547b2 性能优化 2.2.4
ad7e91c0 优化ssl中域名处理问题，引入缓存，避免重复处理 2022-06-21 22:47:1655822874
0e27c9bd fix md 2022-06-21 21:56:1655819801
61240640 add vendor for others easy build 2022-06-21 16:19:1655799574
867cfc6a update nuclei to v2.7.2 2022-06-21 13:52:1655790758
bf408cda 优化 2022-06-21 13:43:1655790194
1c0d8928 add bypass403
9a122f1f fix密码爆破，测试代码中已经可以运行
825110dd filter 2022-06-21 09:38:1655775515
eec58751 fix md 2022-06-21 09:28:1655774918
ff73b7b0 rm history

2.8.5

1 year ago

v2.8.5

1、fuzz、及所有请求输出限制为800k，避免被反制、进行内存攻击导致程序崩溃
2、修复naabu、nmap扫描后使用ip继续走后续流程，导致无法正确访问目标的bug，https通常是限定只能域名访问的 
3、file fuzz针对 aac、abw、...zip、3gp、3g2、7z 的Content-Type: 进行类型识别，跳过无用的fuzz,例如请求的是jpg，返回200的html
4、add dnsx
5、性能优化
6、add 
VMware/vCenter/CVE-2022-22954 
VMware/vCenter/CVE_2022_22972 
gitlab/CVE-2022-2185
go_poc_check jenkins/CVE_2016_0792 
ms/CVE-2021-26855_2 
ms/CVE_2021_26855 
ms/exchange/chkproxyshell 
ms/exchange/confirmtoken 
ms/exchange/proxyln 
ms/exchange/proxyln_test 
ms/exchange/proxytoken 
oracle/weblogic/CNVD-C-2019-48814 
shiro/CVE_2016_4437
CVE-2022-35914
7、增加了filefuzz时bywaf的功能
8、优化了fuzz，http2.0下测试18秒可以完成6万的扫描，同时合并、去除冗余的结果
9、优化：所有的web扫描前，均做有效检测，避免无效扫描，提升了效率 
10、add
vCenter/CVE_2021_21985
vCenter/c_21972
vCenter/c_21985
vCenter/c_22005
11、重构了webscan
12、add mychromedp 封装基于浏览器的爬虫，支持多tab，禁止图片、css加载 2022-09-29
13、update nuclei to v2.7.8， naabu to v2.1.0

2.8.3

1 year ago

Changelog

d3e0d22f thanks @veo masters 2022-10-03

2.8.2

1 year ago

Changelog

2820dc9a 性能优化 2.8.2
e425e02a 性能优化 2.8.2
747d6934 up windows 2022-10-02
6d88ba3a 性能优化 2.8.2
2d25d4ac up brute/dicts/filedic.txt 2022-10-01
89458d6a add submodule update 2022-10-01
2da34197 up 2022-10-01
8c88fdfc add 2022-10-01
506e1f74 add submodule nuclei-templates 2022-10-01
0c57db2c rm config/nuclei-templates 2022-10-01
f360ce0c add /_wpeprivate/config.json 2022-09-29
29dba4ea 1、Up PoCs 2、Refactor the engine model 3、add async do cmd 4、Optimize masscan code 2022-09-24
b1af7bbb up PoCs 2022-09-23
300ef695 linux arm 2022-09-22
52ace35b up PoCs 2022-09-22
3ee9041f Merge pull request #114 from jusk9527/main
0d8ceadb add goby poc

2.8.1

1 year ago

Changelog

ed31dc9a 性能优化 2.8.1
65cc7b4b fix go.mod auto clear bug
20a2fbca Delete readme-update.yml
3006ff18 性能优化 2.8.1
145b7bcf fix jarm-go can not build bug 2022-09-18
044689b3 性能优化 2.8.1
f791f0ec fix
f0ca7da4 up scripts 2022-09-18
e86b5485 up scripts 2022-09-18
310a95c4 up scripts 2022-09-18
ce9bf55e Up PoCs 2022-09-18
ffde368c 性能优化 2.8.1
ca1bb257 Optimize filefuzz to improve running speed 2022-09-18
9b411988 Optimize filefuzz 2022-09-18
8f8c4124 upgrade all dependencies 2022-09-17
7330b216 fixed bug:Configs.ConfigJsonMap.Exploit.Logs is "" #111 By @hktalent 2022-09-17
34392cdf Up PoCs 2022-09-17
d18fc72b up PoCs 2022-09-16
72727522 up 2022-09-13
396a5274 fix szUrl to url 2022-09-12