{"id":13840717,"url":"https://github.com/ATpiu/asset-scan","last_synced_at":"2025-07-11T09:33:08.474Z","repository":{"id":45513778,"uuid":"236305146","full_name":"ATpiu/asset-scan","owner":"ATpiu","description":"asset-scan是一款适用甲方企业的外网资产周期性扫描监控系统","archived":false,"fork":false,"pushed_at":"2020-04-19T13:32:46.000Z","size":4146,"stargazers_count":238,"open_issues_count":0,"forks_count":51,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-08-05T17:25:36.424Z","etag":null,"topics":["golang","network-discovery","nmap","port-scanner","security","service-discovery","vulnerability-detection"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ATpiu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-01-26T11:51:37.000Z","updated_at":"2024-07-19T15:43:34.000Z","dependencies_parsed_at":"2022-08-26T23:50:12.835Z","dependency_job_id":null,"html_url":"https://github.com/ATpiu/asset-scan","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ATpiu%2Fasset-scan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ATpiu%2Fasset-scan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ATpiu%2Fasset-scan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ATpiu%2Fasset-scan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ATpiu","download_url":"https://codeload.github.com/ATpiu/asset-scan/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225712676,"owners_count":17512457,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","network-discovery","nmap","port-scanner","security","service-discovery","vulnerability-detection"],"created_at":"2024-08-04T17:00:53.361Z","updated_at":"2024-11-21T10:30:42.680Z","avatar_url":"https://github.com/ATpiu.png","language":"Go","funding_links":[],"categories":["Go","Go (531)"],"sub_categories":[],"readme":"# asset-scan\n[![Golang](https://img.shields.io/badge/Golang-1.13-yellow.svg?style=flat-square)](https://www.golang.org/) [![elasticsearch](https://img.shields.io/badge/Elasticsearch-5.6.8-green.svg?style=flat-square)](https://www.elastic.co/downloads/elasticsearch) [![kibana](https://img.shields.io/badge/Kibana-5.6.8-blue?style=flat-square)](https://www.elastic.co/downloads/kibana)\n\n## 简介\n\nasset-scan用于甲方企业外网资产进行周期性扫描监控，对资产新增的端口服务进行自动化未授权访问/弱口令爆破检测并进行实时告警，\n便于企业对外网暴露的攻击面进行收敛\n\n结合kibana，使用者可随时搜索企业外网资产暴露的端口、服务和版本等信息;制作各类统计图，进行开放端口统计、新增服务版本分析和资产扫描耗时统计等;\n使用Dashboard进行内部汇报展示等\n\n目前支持`ssh`、`redis`、`mysql`、`ftp`、`mongodb`、`postgresql`和`mssql`七种服务的弱口令爆破，另外支持`mongod`、`redis`和\n`memcached`的未授权访问测试\n\n**请使用者遵守《中华人民共和国网络安全法》，勿用于非授权的测试。**\n\n## 功能特点\n\n- 周期性扫描监控\n- 自动化未授权访问/弱口令爆破\n- 支持扫描速度、白名单、配置热更新和告警控制\n- 搜索、自定义统计图、多维度分析、结果导出EXCEL\n\n## 图例展示\n\n配合Kibana强大的分析统计功能，各位可自定义其它统计图和表盘\n\n![](./doc/dashboard.png)\n![](./doc/IP开放高危服务表.png)\n\n\n## 配置文件说明\n\n```\nnmap:\n  path:                          #不指定则使用系统默认的nmap\n\nmasscan:\n  path:                          #不指定则使用系统默认的masscan\n  rate: 5000                     #masscan扫描速度，不建议设很大\n\nes:\n  address: 127.0.0.1:9200        #elasticsearch地址\n\nscan:\n  ipFile: ip.txt                 #包含扫描的ip范围文件，文件内容格式参照nmap -iL参数所支持的格式\n  ipexcludeFile: ipExclude.txt   #包含需排除的ip范围文件，文件内容格式参照nmap --excludefile参数所支持的格式\n  port: 1-65535                  #扫描端口范围\n  mas_num: 1                     #同时可运行的最大masscan数\n  nmap_num: 20                   #同时可运行的最大nmap数\n  userDict: user.txt             #对服务进行弱口令爆破的用户名字典\n  passwordDict: password.txt     #对服务进行弱口令爆破的密码字典\n  scan_interval: 30              #扫描间隔，单位：秒\n\nobserve:\n  switch: on                     #观察者模式开关：（1）开启:on （2）关闭:off\n\nmail:                            #告警邮箱设置，若观察者模式始终开启，则可忽略邮箱配置\n  host: xxx.xxx.com\n  port: 123\n  username: xxx@xxx.com\n  password: xxx\n  from: xxx@xxx.com\n  to: [\"xxx@xxx.com\",\"xxx@xxx.com\"]\n```\n\n## 运行指南\n\n- Linux环境运行，需要Nmap、Masscan、Es和Kibana 5.6.x版本，安装指南详见：[安装指南](./doc/install.md)\n- 所需组件安装完毕后，从[release](https://github.com/ATpiu/asset-scan/releases)中下载压缩包，对config.yaml进行配置，ip.txt中填入要扫描的IP段（格式参照nmap -iL参数所支持的格式），之后可直接输入`./asset-scan`运行\n- 扫描初期，建议将config.yaml中的观察者模式开关设为`on`,避免造成告警轰炸（有新服务对外开放或暴力破解成功会发告警邮件）\n- ipExclude.txt中为要排除扫描的IP段，user.txt和password.txt分别为用户名字典和密码字典\n\n## kibana图表模板\n\n- 有一些同学联系到作者希望能提供kibana图表模板，因此作者提供一个自己的kibana图表模板，方便大家查看效果及参考学习，详见：[图表模板](./doc/kibana.md)\n\n## Es字段说明\n\n目前Es中有5个type：\n- result\n\n  包含每次资产基础探测扫描的数据：\n\n- scanhistory \n\n  包含每次扫描的开始时间和结束时间\n\n- addhistory \n\n  与最近一次扫描历史区间相比，新增的端口服务\n\n- uphistory \n\n  与最近一次扫描历史区间相比，同一资产（具有相同IP、端口和协议）服务的更新情况\n\n- bruteforce \n\n  包含对资产服务的未授权访问/暴力破解记录\n  \n## 讨论\n\n与本项目有关的想法建议可联系作者，也欢迎一起讨论甲方安全建设/乙方安全服务/工控安全等\n\n备注：github\n\n![](./doc/wechat.jpg)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FATpiu%2Fasset-scan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FATpiu%2Fasset-scan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FATpiu%2Fasset-scan/lists"}