GitHub - c0ny1/passive-scan-client: Burp被动扫描流量转发插件

4 years ago

source link: https://github.com/c0ny1/passive-scan-client
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

README.md

Passive Scan Client | Burp被动扫描流量转发插件

0x01 插件简介

Q1: 将浏览器代理到被动扫描器上，访问网站变慢，甚至有时被封ip，这该怎么办？
Q2: 需要人工渗透的同时后台进行被动扫描，到底是代理到burp还是被动扫描器？
Q3: ......

该插件正是为了解决该问题，将正常访问网站的流量与提交给被动扫描器的流量分开，互不影响。

0x02 插件编译

mvn package

0x03 插件演示

可以通过插件将流量转发到各种被动式扫描器中，这里我选xray来演示.

0x04 一些被动式漏洞扫描器

GourdScanV2 由ysrc出品的基于sqlmapapi的被动式漏洞扫描器
xray 由长亭科技出品的一款被动式漏洞扫描器
w13scan Passive Security Scanner (被动安全扫描器)
Fox-scan 基于sqlmapapi的主动和被动资源发现的漏洞扫描工具
SQLiScanner 一款基于sqlmapapi和Charles的被动SQL注入漏洞扫描工具
sqli-hunter 基于sqlmapapi，ruby编写的漏洞代理型检测工具
passive_scan 基于http代理的web漏洞扫描器的实现

GitHub - c0ny1/passive-scan-client: Burp被动扫描流量转发插件

README.md

Passive Scan Client | Burp被动扫描流量转发插件

0x01 插件简介

0x02 插件编译

0x03 插件演示

0x04 一些被动式漏洞扫描器

Recommend

GitHub - web3j/web3j: Lightweight Java and Android library for integration with...

GitHub - AnyChart/AnyChart-Android: AnyChart Android Chart is an amazing data vi...

GitHub - RodneyShag/HackerRank_solutions: 317 efficient solutions to HackerRank...

GitHub - Clans/FloatingActionButton: Android Floating Action Button based on Mat...

阿里巴巴第一财季净利润309.49亿元同比增长54%

GitHub - paragonie/awesome-appsec: A curated list of resources for learning abou...

美媒：人类仍是Waymo自动驾驶技术成功的关键

GitHub - microsoft/WSL2-Linux-Kernel: The source for the Linux kernel used in Wi...

GitHub - thelinuxchoice/blackeye: The most complete Phishing Tool, with 32 temp...

GitHub - lohanidamodar/flutter_ui_challenges: Trying to replicate various app UI...

About Joyk