Code Monkey home page Code Monkey logo

bufferfly's Introduction

bufferfly

攻防资产处理小工具,对攻防前的信息搜集到的大批量资产/域名进行存活检测、获取标题头、语料提取、常见web端口检测、简单中间识别,去重等,便于筛选有价值资产。

    __          ________          ______     
   / /_  __  __/ __/ __/__  _____/ __/ /_  __
  / __ \/ / / / /_/ /_/ _ \/ ___/ /_/ / / / /
 / /_/ / /_/ / __/ __/  __/ /  / __/ / /_/ / 
/_.___/\__,_/_/ /_/  \___/_/  /_/ /_/\__, /  
                                    /____/      v1.2.1 
1.高速资产存活检测获取标题
2.常见Web端口访问测试/获取标题  lxml方式速度较快
3.资产去重
4.随机UA
5.C段web端口探测/获取标题
6.C段识别
7.shiro识别
8.简单中间件识别

适用用于外网资产梳理

TODO:
1.在不发送更多请求的情况下模糊识别weblogic/jboss/jenkins/zabbix/activeMQ/solr/gitlab/spring等
2.常见端口扫描(22/445/3389/3306/6379/1521等常见端口  与masscannmap结合)

bufferfly

使用

usage: bufferflic.py [-h] [-t] [-f] [--mvdups] [-c]

攻防资产处理工具,用于简单处理筛选攻防前的有价值资产

optional arguments:
  -h, --help      show this help message and exit
  -t , --thread   线程参数
  -f , --file     从文件读取
  --mvdups        文本去重
  -c , --c        C段探测

DEFF

  1. 添加C段探测
  2. 添加C段识别
  3. 添加shiro中间件检测
  4. 修复一些显示BUG

requirements

  1. requests
  2. lxml
  3. argparse
pip3 install -r requirements.txt

TODO

1. 在不发送更多请求的情况下模糊识别weblogic/jboss/jenkins/zabbix/activeMQ/solr/gitlab/spring等
2. 常见端口扫描(22/445/3389/3306/6379/1521等常见端口  与masscan、nmap结合)

help

主要是方便前期收集到的大量资产梳理的小工具,代码比较简陋,但还算实用。不要太相信Fofa。

bufferfly's People

Contributors

dr0op avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.