{"id":14637794,"url":"https://github.com/youki992/VscanPlus","last_synced_at":"2025-09-07T06:30:50.781Z","repository":{"id":224688763,"uuid":"763934320","full_name":"youki992/VscanPlus","owner":"youki992","description":"[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本，端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具，批量快速检测网站安全隐患。An open-source,  cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities. ","archived":false,"fork":false,"pushed_at":"2024-11-14T03:19:10.000Z","size":1343,"stargazers_count":214,"open_issues_count":6,"forks_count":20,"subscribers_count":3,"default_branch":"main","last_synced_at":"2024-11-14T04:18:39.838Z","etag":null,"topics":["fingerprint","fuzzing","nuclei","portscan","security","sql-injection","xray"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/youki992.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-02-27T07:16:57.000Z","updated_at":"2024-11-14T03:19:13.000Z","dependencies_parsed_at":"2024-03-28T03:29:05.546Z","dependency_job_id":"3fc06367-52f8-4357-b6b7-09f2184d858f","html_url":"https://github.com/youki992/VscanPlus","commit_stats":null,"previous_names":["youki992/vscanplus"],"tags_count":12,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/youki992%2FVscanPlus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/youki992%2FVscanPlus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/youki992%2FVscanPlus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/youki992%2FVscanPlus/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/youki992","download_url":"https://codeload.github.com/youki992/VscanPlus/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":232182978,"owners_count":18484715,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fingerprint","fuzzing","nuclei","portscan","security","sql-injection","xray"],"created_at":"2024-09-10T02:01:16.211Z","updated_at":"2025-09-07T06:30:50.759Z","avatar_url":"https://github.com/youki992.png","language":"Go","readme":"\u003ch1 align=\"center\"\u003e\n  \u003cb\u003eVscanPlus\u003c/b\u003e\n  \u003cbr\u003e\n\u003c/h1\u003e\n\u003cp align=\"center\"\u003eVscanPlus is a second development version of Vscan, an open-source, lightweight, fast, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://github.com/youki992/VscanPlus/issues\"\u003e\u003cimg src=\"https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/youki992/VscanPlus\"\u003e\u003cimg alt=\"Release\" src=\"https://img.shields.io/badge/LICENSE-BSD-important\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/youki992/VscanPlus/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/release/youki992/VscanPlus\"\u003e\u003c/a\u003e\n\u003ca href=\"https://github.com/youki992/VscanPlus/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/downloads/youki992/VscanPlus/total?color=blueviolet\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"/README_zh.md\"\u003e中文文档\u003c/a\u003e •\n  \u003ca href=\"/static/Installation.md\"\u003eCompilation/Installation/Running\u003c/a\u003e •\n  \u003ca href=\"/static/usage.md\"\u003eParameter Description\u003c/a\u003e •\n  \u003ca href=\"/static/running.md\"\u003eUsage\u003c/a\u003e •\n\u003c/p\u003e\n\n# Features\n\n![image](./static/help.png)\n\n![image](./static/exp.png)\n\n# Updates\n\n- Updated ehole fingerprint\n- Updated nuclei detection scripts\n- Updated xray detection scripts\n- Fixed missing field error when reading nuclei templates\n- Standardized fingerprint names, nuclei, xray detection script naming format\n\n# Commits\n\n- According to the original vscan development documentation, users can customize fingerprints and pocs. The calling relationship between the two is: first detect the fingerprint, then call the corresponding poc, similar to the recently updated -ac command line detection feature in nuclei, both based on fingerprints to detect vulnerabilities\n\n\u003cdiv style=\"text-align: center;\"\u003e\n    \u003cimg src=\"static/fingerprint.png\" alt=\"vscan\" style=\"width: 850; display: block; margin: 0 auto;\"\u003e\n\u003c/div\u003e\n\n- According to the original vscan development documentation, the xray poc naming format corresponding to the fingerprint is: fingerprint-xxxx-yml, so the format of the newly added pocs has been standardized, including:\n``\nWeaver-OA\nYonyou-OA\nTongda-OA\nJinhe-OA\nThinPHP\nSpring-Boot\nSpring-Blade\nApache-Tomcat\nDrupal\nMicrosoft-Exchange\nSangfor\n``\n\n- Nuclei loads pocs through tags\n\n\u003cdiv style=\"text-align: center;\"\u003e\n    \u003cimg src=\"static/nuclei.png\" alt=\"vscan\" style=\"width: 850; display: block; margin: 0 auto;\"\u003e\n\u003c/div\u003e\n\n- ~~Based on the xray rule detection of the original vscan, the logic of loading multiple rules in yml v2 similar to nuclei templates has been rewritten, which can achieve multi-expression detection functionality~~\n\n- The fuzzy detection feature for subdomain name takeover vulnerabilities is added\n``\nBased on the detection rules in the https://github.com/EdOverflow/can-i-take-over-xyz project, the corresponding domain name is determined to have a subdomain name takeover vulnerability by comparing the domain name CNAME resolution and the request return information. After the detection is complete, a matched_domains.txt file is generated in the current directory.\n``\n\n# Todo\n\n- Fix bugs related to some detection scripts failing to load\n\n# Warning\n\n- To compile and generate executable files, please download the vcsanplus-main-code.zip file from the releases\n\n**本工具由C4安全团队二次开发和维护**\n\n![image](https://img.picui.cn/free/2025/04/24/6809d1fe2c270.png)\n\n# Reference\n\nhttps://github.com/veo/vscan\n\n# Star History\n\n[![Star History Chart](https://api.star-history.com/svg?repos=youki992/VscanPlus\u0026type=Date)](https://star-history.com/#youki992/VscanPlus\u0026Date)\n","funding_links":[],"categories":["漏洞扫描","Go"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyouki992%2FVscanPlus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyouki992%2FVscanPlus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyouki992%2FVscanPlus/lists"}