https://github.com/niudaii/webscan

web信息收集工具。Web Information Collection Tool.
https://github.com/niudaii/webscan

Last synced: about 1 month ago
JSON representation

web信息收集工具。Web Information Collection Tool.

• Host: GitHub
• URL: https://github.com/niudaii/webscan
• Owner: niudaii
• License: mit
• Created: 2021-04-20T08:15:57.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2022-09-20T01:47:49.000Z (almost 2 years ago)
• Last Synced: 2024-06-19T01:55:23.841Z (3 months ago)
• Language: Go
• Homepage:
• Size: 8.7 MB
• Stars: 42
• Watchers: 3
• Forks: 4
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - niudaii/webscan - web信息收集工具。Web Information Collection Tool. (Go)

README

        


	webscan



web信息收集工具




  

    

  

  

    

  

  

    

  

  

    

  

  

  	

  



## 功能

- 获取 statusCode、contentLength、favicon、iconHash、title、wappalyzer、finger

- title自动解码

- js分析自动跳转

- API调用，可参考（[internal/runner/runner.go](https://github.com/niudaii/webscan/blob/main/internal/runner/runner.go)）

## 使用

```

➜  webscan ./webscan -h

Webscanner

Usage:

  ./webscan [flags]

Flags:

INPUT:

   -i, -input string       url input(example: -i 'http://www.baidu.com', -i '192.168.243.11:81')

   -f, -input-file string  urls file(example: -f 'xxx.txt')

CONFIG:

   -threads int         number of threads (default 1)

   -timeout int         timeout in seconds (default 10)

   -p, -proxy string    proxy(example: -p 'http://127.0.0.1:8080')

   -header string       add custom headers(example: -header 'User-Agent: xxx, ')

   -finger-file string  use your finger file(example: -finger-file 'fingers.json')

OUTPUT:

   -o, -output string  output file to write found results (default "webscan.txt")

   -nc, -no-color      disable colors in output

DEBUG:

   -silent  show only results in output

   -debug   show debug output

```

## 截图

![image-20220913171207594](https://nnotes.oss-cn-hangzhou.aliyuncs.com/notes/image-20220913171207594.png)

## 说明

### 指纹

- 单条指纹demo

```

{

    "name": "Shiro",

    "pocTags": [

        "shiro"

    ],

    "tags": [],

    "desc": "RCE",

    "fingers": [

        {

            "type": "or",

            "rules": [

                {

                    "method": "keyword",

                    "location": "header",

                    "keyword": "=deleteMe"

                }

            ]

        }

    ],

    "hasPoc": true

}

```

- pocTags 和 nuclei 的 tags 对应

- tags 可分类和过滤

- 不公开内部指纹

## 说明

已经停止更新，该项目作为 [zpscan](https://github.com/niudaii/zpscan) 的模块之一，后续更新参考 zpscan。

## 参考

https://github.com/Becivells/iconhash