hanc00l / nemo_go Goto Github PK
View Code? Open in Web Editor NEWNemo是用来进行自动化信息收集的一个简单平台,通过集成常用的信息收集工具和技术,实现对内网及互联网资产信息的自动收集,提高隐患排查和渗透测试的工作效率。
License: Apache License 2.0
Nemo是用来进行自动化信息收集的一个简单平台,通过集成常用的信息收集工具和技术,实现对内网及互联网资产信息的自动收集,提高隐患排查和渗透测试的工作效率。
License: Apache License 2.0
希望可以加个页面js链接爬虫
感谢你使用侦查守卫,最近有一个破坏式更新:
is_web
字段标识是否为web服务[{
"url": "https://httpbin.org",
"name": ["swagger"],
"priority": 5,
"length": 9593,
"title": "httpbin.org",
"status_code": 200,
"is_web": true,
"plugins": []
}]
rt
师傅好,请问扫描结果这么导出呢
希望能增加推送poc的功能,能推送一些自己写的基于nuclei的poc到所有的worker上
I am getting errors after creating the task.
time="2022-11-08 01:22:55" level=info msg="Received new message: {\"UUID\":\"ec0bb53c-61ae-45b3-9ae7-4c4a2d89fbf5\",\"Name\":\"portscan\",\"RoutingKey\":\"machinery_task\",\"ETA\":\"2022-11-08T01:22:55.6276748+06:00\",\"GroupUUID\":\"\",\"GroupTaskCount\":0,\"Args\":[{\"Name\":\"taskId\",\"Type\":\"string\",\"Value\":\"ec0bb53c-61ae-45b3-9ae7-4c4a2d89fbf5\"},{\"Name\":\"configJSON\",\"Type\":\"string\",\"Value\":\"{\\\"target\\\":\\\"76.76.21.22\\\",\\\"executeTarget\\\":\\\"\\\",\\\"port\\\":\\\"--top-ports 1000\\\",\\\"orgId\\\":null,\\\"rate\\\":1000,\\\"ping\\\":false,\\\"tech\\\":\\\"-sS\\\",\\\"ipLocation\\\":true,\\\"httpx\\\":true,\\\"screenshot\\\":true,\\\"fingerprinthub\\\":true,\\\"iconhash\\\":true,\\\"cmdBin\\\":\\\"nmap\\\",\\\"loadOpenedPort\\\":false,\\\"isPortscan\\\":true}\"}],\"Headers\":{},\"Priority\":0,\"Immutable\":false,\"RetryCount\":0,\"RetryTimeout\":0,\"OnSuccess\":null,\"OnError\":null,\"ChordCallback\":null,\"BrokerMessageGroupId\":\"\",\"SQSReceiptHandle\":\"\",\"StopTaskDeletionOnError\":false,\"IgnoreWhenTaskNotRegistered\":false}"
time="2022-11-08 01:22:55" level=info msg="Failed processing task 71a41c06-e34a-4e70-a3ad-189e7762543a. Error = task not exist"
time="2022-11-08 01:22:55" level=info msg="Failed processing task ec0bb53c-61ae-45b3-9ae7-4c4a2d89fbf5. Error = task not exist"
nemo poc如何批量验证
单docker启动后随便点一点 没过几分钟就会挂掉
4g 内存
师傅方便建个群么
支持导入fscan扫描结果是个挺好的功能,但目前是不是不支持识别fscan扫描结果中的漏洞为vulnerability
docker安装方式可以更新一下吗
师傅,我跑build.sh好像不成功,爆这个错
➜ nemo_go git:(main) ✗ CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags "-s -w" -trimpath -o server_darwin_amd64 cmd/server/main.go
# github.com/mat/besticon/besticon
/Users/kuron3k0/go/pkg/mod/github.com/mat/[email protected]+incompatible/besticon/caching.go:28:23: cannot use siteURL (variable of type string) as type context.Context in argument to iconCache.Get:
string does not implement context.Context (missing Deadline method)
/Users/kuron3k0/go/pkg/mod/github.com/mat/[email protected]+incompatible/besticon/caching.go:47:13: impossible type assertion: ctx.(string)
string does not implement context.Context (missing Deadline method)
# github.com/hanc00l/nemo_go/pkg/task/domainscan
/Users/kuron3k0/go/pkg/mod/github.com/hanc00l/[email protected]/pkg/task/domainscan/crawler.go:86:34: cannot use targets (variable of type []*"github.com/hanc00l/crawlergo/pkg/model".Request) as type []*"crawlergo/pkg/model".Request in argument to pkg.NewCrawlerTask
/Users/kuron3k0/go/pkg/mod/github.com/hanc00l/[email protected]/pkg/task/domainscan/crawler.go:307:34: cannot use targets (variable of type []*"github.com/hanc00l/crawlergo/pkg/model".Request) as type []*"crawlergo/pkg/model".Request in argument to pkg.NewCrawlerTask
/Users/kuron3k0/go/pkg/mod/github.com/hanc00l/[email protected]/pkg/task/domainscan/crawler.go:341:6: cannot use *r (variable of type "crawlergo/pkg/model".Request) as type "github.com/hanc00l/crawlergo/pkg/model".Request in argument to func(req model2.Request) {…}
time="2022-03-14 01:56:32" level=info msg="Crawling GET https://xxxx.com.cn/user/application/text/text/html"
panic: sync: WaitGroup is reused before previous Wait has returned
goroutine 523366 [running]:
sync.(*WaitGroup).Wait(0xea94aa)
sync/waitgroup.go:132 +0xa5
github.com/hanc00l/crawlergo/pkg/engine.(*Tab).Start.func3()
github.com/hanc00l/[email protected]/pkg/engine/tab.go:232 +0x2b
created by github.com/hanc00l/crawlergo/pkg/engine.(*Tab).Start
github.com/hanc00l/[email protected]/pkg/engine/tab.go:230 +0x5cf
小建议
建议端口扫描采用masscan+nmap结合的方式扫描
masscan探测端口存活,nmap探测存活端口指纹提高效率和准确率
thx
希望添加nuclei,因为其poc有几k个且更新频率更高,
周期性扫描,这样便于发现一些临时公开的资产
worker 会加载conf/server.yml,从releases下载的worker包里没有server.yml导致出错
open conf/server.yml: no such file or directory
Load Server config fail!
这是必要的吗?
希望可以加个目录扫描功能,如果不行的话当我没说😂
ERROR: client version 1.38 is too new. Maximum supported API version is 1.37
线程我worlk文件改了,是我改错地方了吗?但是还是以启动网络就GG了。
大佬您好,我是Mars的作者,最近基于你的nemo进行了二次开发,发现很多思路也都很接近,有些问题想一起交流一下,不知是否方便。感谢。我的微信:secplus
#pkg/task/pocscan/xray.go
cmdArgs = append(
cmdArgs,
"--log-level", "error", "webscan", "--plugins", "phantasm", "--poc",
filepath.Join(conf.GetRootPath(), conf.GlobalWorkerConfig().Pocscan.Xray.PocPath, x.Config.PocFile),
"--json-output", resultTempFile, "--url-file", inputTargetFile,
)
为何web服务都已监听,但web就是无法访问
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.