{"id":14637894,"url":"https://github.com/10cks/fofaEX","last_synced_at":"2025-09-07T06:31:15.383Z","repository":{"id":212316690,"uuid":"728693846","full_name":"10cks/fofaEX","owner":"10cks","description":"FOFA EX 是一款基于fofa api（也可导入鹰图、夸克文件）实现的红队综合利用工具，可基于模板把工具作为插件进行集成，自动化进行资产探测，目前提供的插件功能如下：探活、 nuclei 模板扫描、IP反查域名、域名反查 ICP 备案、dismap 指纹扫描","archived":false,"fork":false,"pushed_at":"2024-07-24T11:18:52.000Z","size":382,"stargazers_count":208,"open_issues_count":3,"forks_count":12,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-01-02T10:37:54.627Z","etag":null,"topics":["cybersecurity","fofa","fofa-api","fofa-client","redteam"],"latest_commit_sha":null,"homepage":"https://github.com/10cks/fofaEX","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/10cks.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-12-07T13:46:27.000Z","updated_at":"2024-12-29T13:51:27.000Z","dependencies_parsed_at":"2023-12-17T11:23:53.037Z","dependency_job_id":"5e3bb108-456e-4cde-b3ba-de7ddd9ffbe9","html_url":"https://github.com/10cks/fofaEX","commit_stats":null,"previous_names":["10cks/fofaex"],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/10cks/fofaEX","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/10cks%2FfofaEX","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/10cks%2FfofaEX/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/10cks%2FfofaEX/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/10cks%2FfofaEX/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/10cks","download_url":"https://codeload.github.com/10cks/fofaEX/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/10cks%2FfofaEX/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274005341,"owners_count":25205934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-07T02:00:09.463Z","response_time":67,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","fofa","fofa-api","fofa-client","redteam"],"created_at":"2024-09-10T02:01:23.383Z","updated_at":"2025-09-07T06:31:14.918Z","avatar_url":"https://github.com/10cks.png","language":"Java","funding_links":[],"categories":["Java Search Automation Tools","Java"],"sub_categories":[],"readme":"![image](https://github.com/10cks/fofaEX/assets/47177550/4baead1c-b329-48d4-ab31-a5975057abcd)\n\n![](https://badgen.net/static/language/Java/orange?icon=github)\n![](https://badgen.net//github/license/10cks/fofaEX)\n![](https://badgen.net/github/releases/10cks/fofaEX/github/releases/)\n![](https://badgen.net/github/release/10cks/fofaEX/stable)\n\n## 简介\n\nFOFA EX 是一款基于fofa api实现的红队综合利用工具（也可导入鹰图、夸克文件及其他扫描结果的excel文件），可基于模板把工具作为插件进行集成，自动化进行资产探测，目前提供的插件功能如下，需要去插件仓库进行下载，[插件下载地址](https://github.com/10cks/fofaEX_PublicPlugins)：\n\n1. fofa（或自定义打开文件）探活\n2. nuclei 模板扫描\n3. IP反查域名\n4. 域名反查 ICP 备案\n5. dismap 指纹扫描\n\n默认集成了 fofa 官方的四十个 api 接口，增加搜索数量调整、翻页、iconHash生成、搜索耗时统计、当前用户个人账户信息查询等功能，查询结果可实施编辑与表内搜索，可进行导出； 增加快捷语法编辑记录功能，可将收录的语法进行保存与快捷输入；右键支持当前搜索结果一键打开链接等功能。点击加入 [内测群](https://github.com/10cks/fofaEX/blob/master/README.md#%E5%AD%A6%E4%B9%A0%E4%BA%A4%E6%B5%81) 学习交流与问题反馈。\n\n**本项目长期免费维护，您的star是对我最大的支持。**\n\n## 启动方式\n\n[+] 支持 java 版本：java8、java11\n\n该程序使用 Java11 编写，请尽可能使用java11（界面及功能优化得最好），使用插件模式可进行一键探活：\n\n[java11：最新发布版本点击下载](https://github.com/10cks/fofaEX/releases/tag/3.2) [V3.2]\n\n[java 8：最新发布版本点击下载](https://github.com/10cks/fofaEX/releases/download/java8_v2.2/fofaEX_v2_2_java8.zip) [V2.2]\n\n[最新测试版本点击下载](https://github.com/10cks/fofaEX/releases/download/2.1/fofaEX_v2_1_pre.zip) [V2.1]\n\n手动运行请使用编码启动：\n```\njava \"-Dfile.encoding=UTF-8\" -jar .\\fofaEX.jar\n```\n\n[更新日志](https://github.com/10cks/fofaEX/blob/master/docs/update.md) [问题修复](https://github.com/10cks/fofaEX/blob/master/docs/issues.md) [第三方插件](https://github.com/10cks/fofaEX/blob/master/docs/plugins.md)\n\n程序主界面：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/b1c91436-e8e7-463f-ac6d-4ea2ef737604)\n\n自动化资产探测：httpx 探活 -\u003e ip反查域名 -\u003e 域名反查ICP -\u003e dismap 指纹采集\n\n![mnggiflab-compressed-mnggiflab-from-video-to-gif-2024_01_25_11_19_08](https://github.com/10cks/fofaEX/assets/47177550/d9be02fe-7a87-4930-91a5-3c1561d88c1d)\n\n## 优势\n\n1. 更多的默认数据查询：默认查询全部数据\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/787106c1-7238-4531-8ab4-77de1d58f1d6)\n\n\n\n\n2. 快捷保存查询语法，便于HW或SRC挖掘\n3. 全部 API 接口的支持，界面可选择接口显示范围\n4. 查询结果在线编辑导出，后续会为右键添加更多新功能\n5. 可自动化调用第三方插件，目前持续开发中：当前展示为 httpX 一键探活 fofa 搜索结果，可通过设置plugins/httpxSetting.json来设置导出选项：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/52cdea65-ea84-4235-96d1-228d6de46d7e)\n\n运行 httpX 会自动弹出单独的运行结果面板：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/07491450-3c1c-4e8c-b19a-04c99c8cf8c6)\n\n## 登录模式：账户设置\n\n客户端需输入邮箱与key，第一次登录后保存账户会将配置文件生成在本地 accounts.txt 文件中（当前fofa输入key就可以调用API，无需设置邮箱）：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/89c472c1-3330-4147-89b1-ae21b35aba9e)\n\n检查账户功能可查看当前账户信息（会员显示点数为\"-1\"是正常现象）：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/1742229e-a585-491d-8f24-544eb8e15f3b)\n\n## API 搜索功能\n\n当前已提供以下 api 搜索功能（部分功能取决与当前账户权限）：\n```\nip,port,protocol,country,country_name,region,city,longitude,latitude,as_number,as_organization,host,domain,os,server,icp,\ntitle,jarm,header,banner,base_protocol,link,certs_issuer_org,certs_issuer_cn,certs_subject_org,certs_subject_cn,tls_ja3s,\ntls_version,product,product_category,version,lastupdatetime,cname,icon_hash,certs_valid,cname_domain,body,icon,fid,structinfo\n```\n默认使用常用的7个选项，可进行勾选或取消：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/bea065ab-2d66-4397-b79e-aab986f61535)\n\nfofa api 官方链接：https://fofa.info/api\n\n## 快捷输入功能\n\n按钮单击为快速输入，输入后显示为红色高亮；再次点击则撤回输入，颜色恢复。\n用户可实时新增、编辑、删除按钮，按钮配置文件保存在当前目录 rules.txt 文件中。\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/979ba680-98a4-403d-84be-af0f096b829c)\n\n## iconHash 计算\n\n可通过直接输入：\nhttps://baidu.com/ 或者 https://baidu.com/favicon.ico 来计算图标哈希值：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/601744d2-2fef-4930-8ec5-969bcbb50835)\n\n## 表格操作\n\n当前表格中，右键集成了部分功能，其他功能将后续更新。\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/d0e3c7dd-b733-4bb3-8dd3-889b5e8af4f9)\n\n## 翻页功能及搜索计时\n\n右下角统计当前表格数据与全部数据占比，显示当前页面数及本次搜索耗时。\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/65705cba-a8e1-494b-9444-b6a68b5bcb89)\n\n## 导出功能\n\n导出excel表会以“全部数据sheet+各列去空sheet”的形式放在一个表中，方便第三方工具直接使用数据：\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/1d0d4513-0168-4154-9dce-e28905826f4e)\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/7e8ab7b6-dafe-4244-9dd6-a762963d2bd4)\n\n\n\n## 插件模式\n\n当前集成了 httpX 插件（windows平台），目录结构为：\n\n```\n.\n├── fofaEX.jar\n├── plugins\n│   ├── AllPlugins.json\n│   └── httpx\n│       ├── httpx.exe\n│       └── httpxSetting.json\n├── rules.txt\n└── run.bat\n```\n\nAllPlugins.json 设置插件开关，false 关闭插件，true 打开插件：\n\n```\n{\n    \"dirsearch\":false,\n    \"httpx\":true\n}\n```\n\nhttpxSetting.json 设置 httpX 的运行配置：（配置文件名需要为：插件名 + Setting.json，插件名需要与 AllPlugins.json 中的一致）\n\n```\n{\n    \"Run\":{\n        \"Path\":\"./plugins/httpx/httpx.exe\",\n        \"Params\":{\n            \"-duc\":\"\",\n            \"-l\":\"./plugins/httpx/input.txt\",\n            \"-status-code\":\"\",\n            \"-o\":\"./plugins/httpx/HttpX.json\",\n            \"-nc\":\"\",\n            \"-j\":\"\"\n        },\n        \"InputFile\":\"./coredata/FofaEX.json\",\n        \"InputTarget\":{\n            \"selectParam\":\"-l\",\n            \"selectColumn\":\"link\"\n        },\n        \"OutputFile\":\"./plugins/httpx/HttpX.json\",\n        \"OutputTarget\":[\"url\",\"port\",\"title\",\"status_code\"]\n    },\n    \"About\":{\n        \"Project\": \"httpX\",\n        \"Address\": \"https://github.com/projectdiscovery/httpx\",\n        \"Author\": \"ProjectDiscovery\",\n        \"Version\": \"v1.3.7\",\n        \"Update\": \"2023.11.13\"\n    }\n}\n```\n\n1. \"Path\" 指定程序路径\n2. \"Params\" 指定程序运行默认参数\n3. \"InputFile\" 指定 fofaEX 使用 API 查到的数据\n4. \"InputTarget\"：从 FofaEX.json 中提取出link列保存到./plugins/httpx/input.txt中，作为httpX的输入\n5. \"OutputFile\" 指定 httpX 运行后产生文件保存的位置\n6. \"OutputTarget\" 指定 fofaEX 在插件页面所展示的列内容\n\n![image](https://github.com/10cks/fofaEX/assets/47177550/14587c09-5868-4280-aa8f-90bf82715a11)\n\n\nmac 使用插件：\n```\n需要去https://github.com/projectdiscovery/httpx官网下载对应的mac包，替换plugins/httpx 文件夹下的 httpx.exe文件，接着修改httpxSetting.json文件中的Path参数为\"./plugins/httpx/httpx\"即可。\n记得给 mac 的httpx 对应运行权限，\n该功能已经过mac测试，可以正常使用。\n```\n\n## 关于项目\n\n目前项目还在开发中，有很多 idea 还在逐步实现。后续打算该平台集成第三方工具来进行一键化操作，也欢迎各位师傅提出想法与建议。\n\n## FQA\n\n\u003e 是否支持 java8？\n\n当前版本不支持，后续会增加java8版本支持\n\n当前java8开发计划已废弃，作者精力有限，java8版本仅更新至2.2版本。后续请关注java11版本。\n\n\u003e 是否支持鹰图等多平台API？\n\n作为红队工具，这个后续是一定会有的，会将更多的 API 功能以插件形式集成进 fofa EX 中。\n\n\u003e 关于免账号登录模式\n\n适用于fofaEX的插件目前仅供内部使用。\n\n## 学习交流\n\n\n\n\n## 致谢\n\n###  \n\n在开发中有很多师傅帮了我答疑解惑，加速了项目的开发，在此非常感谢下面的各位师傅的帮助：\n\n[Mechoy](https://github.com/Mechoy) [XinCaoZ](https://github.com/XinCaoZ) [ha1yu](https://github.com/ha1yu) [wavesky](https://github.com/wave-to) [gh0stkey](https://github.com/gh0stkey/HaE)\n\n除此之外，也感谢Fofaex安全开发小组的各位成员在开发中提供的建议与想法，以下排名不分先后：\n\nstart | 李趴菜 | lemon不酸 | A 一木之子 | 素风 | Z1t0\n\n### FOFA 共创者计划\n\nFofaEX 已加入 [FOFA 共创者计划](https://fofa.info/development)，感谢 FOFA 提供的账号支持。\n\n![](https://user-images.githubusercontent.com/40891670/209631625-f73811b0-a26a-4a42-8158-e5061464481d.png)\n\n## 参考链接\n\nhttps://github.com/fofapro/fofa_view\n\nhttps://github.com/wgpsec/fofa_viewer\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F10cks%2FfofaEX","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F10cks%2FfofaEX","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F10cks%2FfofaEX/lists"}