发布于2022年11月4日3年前 如何使用DivideAndScan执行更高效的自动化端口扫描 关于DivideAndScanDivideAndScan是一款功能强大的自动化端口扫描东西,该东西能够对完整的端口扫描成果进行解析,并协助研究人员将扫描成果用于Nmap的履行。DivideAndScan能够经过下列三个过程完成更高效地自动化端口扫描任务:针对批量方针履行敞开端口扫描;针对每个方针履行独自的Nmap扫描;将成果整合进一个Nmap报告中,支持不同格局;针对第一阶段,东西将运用一个快速端口扫描器(Masscan / RustScan / Naabu),其输出将被解析并存储在数据库(TinyDB)中。接下来,在第二阶段中,依据数据库数据为每个方针启动独自的Nmap扫描,并提供一组敞开端口(支持多线程)。最终,在第三阶段,东西会将Nmap输出兼并至一个独自的报告中,并且会提供不同的格局(XML / HTML / 简略文本/ grepable)。运用场景浸透测验办理、红队研究;网络安全作战游戏、CTF比赛;OSCP认证考试;东西运转机制东西装置依赖组件为了保证DivideAndScan的正常运转,咱们需求装置一些其他的端口扫描东西。如果你不想这么麻烦的话,能够直接运用Docker运转。Nmap:sudo apt install nmap sudo xsltproc -y sudo nmap --script-updatedbMasscan:cd /tmp git clone https://github.com/robertdavidgraham/masscan.git cd masscan make sudo make install cd && rm -rf /tmp/masscanRustScan:cd /tmp wget -qO- https://api.github.com/repos/RustScan/RustScan/releases/latest \ | grep "browser_download_url.*amd64.deb" \ | cut -d: -f2,3 \ | tr -d \" \ | wget -qO rustscan.deb -i- sudo dpkg -i rustscan.deb cd && rm /tmp/rustscan.deb sudo wget https://gist.github.com/snovvcrash/c7f8223cc27154555496a9cbb4650681/raw/a76a2c658370d8b823a8a38a860e4d88051b417e/rustscan-ports-top1000.toml -O /root/.rustscan.tomlNaabu:sudo mkdir /opt/projectdiscovery cd /opt/projectdiscovery wget -qO- https://api.github.com/repos/projectdiscovery/naabu/releases/latest \ | grep "browser_download_url.*linux-amd64.tar.gz" \ | cut -d: -f2,3 \ | tr -d \" \ | sudo wget -qO naabu.tar.gz -i- sudo tar -xvzf naabu.tar.gz sudo mv naabu-linux-amd64 naabu sudo rm naabu.tar.gz README.md LICENSE.md sudo ln -vs /opt/projectdiscovery/naabu /usr/local/bin/naabu本地装置DivideAndScan能够经过PyPI装置,咱们建议广大研究人员运用pipx从GitHub进行装置:~$ pipx install -f "git+https://github.com/snovvcrash/DivideAndScan.git" ~$ das如需进行东西调试,能够运用poetry设置一个开发环境:~$ git clone https://github.com/snovvcrash/DivideAndScan ~$ cd DivideAndScan ~$ poetry install ~$ poetry run das运用Docker咱们还能够在一个Docker容器中运用DivideAndScan:~$ docker run -it --rm --name das -v `pwd`:/app snovvcrash/divideandscan由于该东西需求某些输入数据,并生成某些输出数据,因而你需求指定当前工作目录:~$ alias das='docker run -it --rm --name das -v `pwd`:/app snovvcrash/divideandscan' ~$ das东西运用协助信息usage: das [-h] {add,scan,report} ... ----------------------------------------------------------------------------------------------- | ________ .__ .__ .___ _____ .____________ | | \______ \ |__|__ _|__| __| _/____ / _ \ ____ __| _/ _____/ ____ _____ ____ | | | | \| \ \/ / |/ __ |/ __ \ / /_\ \ / \ / __ |\_____ \_/ ___\\__ \ / \ | | | ` \ |\ /| / /_/ \ ___// | \ | \/ /_/ |/ \ \___ / __ \| | \ | | /_______ /__| \_/ |__\____ |\___ >____|__ /___| /\____ /_______ /\___ >____ /___| / | | \/ \/ \/ \/ \/ \/ \/ \/ \/ \/ | | {@snovvcrash} {https://github.com/snovvcrash/DivideAndScan} {vX.Y.Z} | ----------------------------------------------------------------------------------------------- positional arguments: {add,scan,report} add run a full port scan {masscan,rustscan,naabu,nmap} and add the output to DB scan run targeted Nmap scans against hosts and ports from DB report merge separate Nmap outputs into a single report in different formats optional arguments: -h, --help show this help message and exit Psst, hey buddy... Wanna do some organized p0r7 5c4nn1n6?项目地址DivideAndScan:【GitHub传送门】
创建帐户或登录后发表意见