{"id":13958851,"url":"https://github.com/EdgeSecurityTeam/Ehole","last_synced_at":"2025-07-21T00:32:17.252Z","repository":{"id":37344423,"uuid":"329821568","full_name":"EdgeSecurityTeam/EHole","owner":"EdgeSecurityTeam","description":"EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具","archived":false,"fork":false,"pushed_at":"2024-04-02T06:02:34.000Z","size":1629,"stargazers_count":3307,"open_issues_count":42,"forks_count":415,"subscribers_count":40,"default_branch":"main","last_synced_at":"2025-07-11T15:55:42.189Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://forum.ywhack.com/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/EdgeSecurityTeam.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-15T05:51:57.000Z","updated_at":"2025-07-09T04:57:52.000Z","dependencies_parsed_at":"2022-07-12T16:17:35.355Z","dependency_job_id":"d5d1e483-b43a-48bb-9d32-db5b78b6097e","html_url":"https://github.com/EdgeSecurityTeam/EHole","commit_stats":{"total_commits":16,"total_committers":5,"mean_commits":3.2,"dds":0.5,"last_synced_commit":"9a91e0b3372537681d1b88a31cfab3d00620c1e5"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/EdgeSecurityTeam/EHole","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EdgeSecurityTeam%2FEHole","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EdgeSecurityTeam%2FEHole/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EdgeSecurityTeam%2FEHole/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EdgeSecurityTeam%2FEHole/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/EdgeSecurityTeam","download_url":"https://codeload.github.com/EdgeSecurityTeam/EHole/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EdgeSecurityTeam%2FEHole/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266221311,"owners_count":23894966,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-08T13:01:58.943Z","updated_at":"2025-07-21T00:32:17.205Z","avatar_url":"https://github.com/EdgeSecurityTeam.png","language":"Go","readme":"# EHole(棱洞)3.0 红队重点攻击系统指纹探测工具\n\n![Author](https://img.shields.io/badge/Author-shihuang-green)  ![language](https://img.shields.io/badge/language-Golang-green) ![version](https://img.shields.io/badge/version-2.0-brightgreen)\n\n### [# 00x01] 简介：\n\n```\n     ______    __         ______\n    / ____/___/ /___ ____/_  __/__  ____ _____ ___\n   / __/ / __  / __ `/ _ \\/ / / _ \\/ __ `/ __ `__ \\\n  / /___/ /_/ / /_/ /  __/ / /  __/ /_/ / / / / / /\n /_____/\\__,_/\\__, /\\___/_/  \\___/\\__,_/_/ /_/ /_/\n\t\t\t /____/ https://forum.ywhack.com  By:shihuang         \n```\n\nEHole是一款对资产中重点系统指纹识别的工具，在红队作战中，信息收集是必不可少的环节，如何才能从大量的资产中提取有用的系统(如OA、VPN、Weblogic...)。EHole旨在帮助红队人员在信息收集期间能够快速从C段、大量杂乱的资产中精准定位到易被攻击的系统，从而实施进一步攻击。\n\n**20210823 Ehole 开源版，本次优化内容如下：**\n\n\n\n* 1.支持xlsx导出结果\n* 2.支持自定义语法导出fofa结果\n* 2.支持自适应favicon的路径\n\n感谢 Ehole 开源作者 @shihuang\n\n**20210623 EHole(棱洞)3.0版本，更新内容如下：**\n\n* 1.多个CMS指纹识别(如一个URL同时匹配多个CMS指纹则会同时显示);\n* 2.颜色高亮(新增颜色高亮，识别到的系统会以红色进行显示，更易于区分);\n* 3.新增FOFA批量端口提取(如拿到一万甚至十万IP的情况，则可以使用-fall批量从FOFA中提取端口信息);\n* 4.优化多个识别规则，更易于识别重点系统;\n* 5.新增多条指纹,目前能识别大部分常见的系统;\n* 6.优化文件读取,更快速准确的识别内容;\n* 7.FOFA语法搜索优化,使用-fofa参数快速从fofa提取资产进行识别。\n\n### [# 00x02] 使用：\n\n配合[红队中易被攻击的一些重点系统漏洞整理]食用效果更佳：https://forum.ywhack.com/bountytips.php?Vulnerability\n\n```bash\nEHole version: 2.0\nUsage: Ehole [-f|-l] [parameter]\n\nOptions:\n  -f string\n        Fofa searches for assets , supports IP and IP segments。(192.168.1.1 | 192.168.1.0/24)\n  -ftime string\n        fofa timeout (default \"10\")\n  -h    this help\n  -json string\n        out json\n  -l string\n        Probe based on local file\n  -log string\n        Log file name (default \"server.log\")\n  -t string\n        thread (default \"100\")\n```\n\nEHole(棱洞)2.0提供了**两种**指纹识别方式，可从本地读取识别，也可以从FOFA进行批量调用API识别(需要FOFA密钥)，同时支持结果JSON格式输出。\n\n**1.本地识别：**\n\n```bash\nEHole -l url.txt   //URL地址需带上协议,每行一个\n```\n\n**2.FOFA识别:**\n\n注意：从FOFA识别需要配置FOFA 密钥以及邮箱，在config.ini内配置好密钥以及邮箱即可使用。\n\n```bash\nEHole -f 192.168.1.1/24  //支持单IP或IP段\n```\n\n**3.结果输出：**\n\n```bash\nEHole -l url.txt -json export.json  //结果输出至export.json文件\n```\n\n### [# 00x03] 指纹编写：\n\nEHole(棱洞)2.0改变了原有的指纹识别规则，2.0版指纹从外部文件读入，识别方式：\n\n**指纹格式：**\n\n```json\n关键字匹配：\n{\n\t\t\"cms\": \"seeyon\",\n\t\t\"method\": \"keyword\",\n\t\t\"location\": \"body\",\n\t\t\"keyword\": [\"/seeyon/USER-DATA/IMAGES/LOGIN/login.gif\"]\n}\n```\n\n```json\nfaviconhash匹配：\n{\n\t\t\"cms\": \"CapRover\",\n\t\t\"method\": \"faviconhash\",\n\t\t\"location\": \"body\",\n\t\t\"keyword\": [\"988422585\"]\n}\n```\n\n1. cms：系统名称\n2. method：识别方式 (支持三种识别方式，分别为：keyword、faviconhash、regula)\n3. location：位置（指纹识别位置，提供两个位置，一个为body，一个为header）\n4. keyword：关键字（favicon图标hash、正则表达式、关键字）\n\n⚠️注意：keyword支持多关键字匹配，需要所有关键字匹配上才能识别。如：\n\n```json\n\"keyword\": [\"sys/ui/extend/theme/default/style/icon.css\", \"sys/ui/extend/theme/default/style/profile.css\"]\n```\n\n### [# 00x04] 使用效果：\n\n**fofa识别：**\n\n![-w912](images/16106897804249.jpg)\n\n**输出效果：**\n\n![-w1325](images/16106898229421.jpg)\n","funding_links":[],"categories":["扫描器、资产收集、子域名"],"sub_categories":["网络服务_其他"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEdgeSecurityTeam%2FEhole","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FEdgeSecurityTeam%2FEhole","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEdgeSecurityTeam%2FEhole/lists"}