https://github.com/1150037361/SpringScan

一个扫描Spring的常见敏感目录的burp suite插件
https://github.com/1150037361/SpringScan

Last synced: 21 days ago
JSON representation

一个扫描Spring的常见敏感目录的burp suite插件

• Host: GitHub
• URL: https://github.com/1150037361/SpringScan
• Owner: 1150037361
• Created: 2022-09-12T17:56:17.000Z (about 2 years ago)
• Default Branch: master
• Last Pushed: 2023-06-09T09:18:21.000Z (over 1 year ago)
• Last Synced: 2024-08-05T17:34:26.131Z (4 months ago)
• Language: Java
• Size: 408 KB
• Stars: 85
• Watchers: 2
• Forks: 4
• Open Issues: 5
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-hacking-lists - 1150037361/SpringScan - 一个扫描Spring的常见敏感目录的burp suite插件 (Java)

README

        
# SpringScan

一个扫描Spring的常见敏感目录的burp suite插件

直接添加插件即可，自动扫描

---

# 2.0详细功能页面

## 新增功能

### 1-右键添加扫描（上为分析api/docs接口，下为扫描Spring接口与被动扫描功能相似）

---

![img](https://github.com/1150037361/SpringScan/blob/master/img/%E5%8F%B3%E9%94%AE%E6%B7%BB%E5%8A%A0.png)

### 2-接口分析页面

通过右键添加扫描/api-docs链接，能够自动构造API测试页面，便于分析API接口

---

![img](https://github.com/1150037361/SpringScan/blob/master/img/%E6%8E%A5%E5%8F%A3%E5%88%86%E6%9E%90.png)

### 3-配置页面

添加扫描开关，同时添加慢速防封模式（扫得很慢，出结果也慢，如果没有waf不建议打开）

---

![img](https://github.com/1150037361/SpringScan/blob/master/img/%E9%85%8D%E7%BD%AE%E6%96%B0%E5%A2%9E.png)

---

---

# 1.0详细功能页面

### 1-被动扫描页面

![img](https://raw.githubusercontent.com/1150037361/SpringScan/master/img/bd.png)

### 2-主动扫描页面

![img](https://raw.githubusercontent.com/1150037361/SpringScan/master/img/zd.png)

### 3-配置页面

![img](https://raw.githubusercontent.com/1150037361/SpringScan/master/img/config.png)