Giter VIP home page Giter VIP logo

asset-hub's Introduction

资产收集

image

0x01 根域名

借助ENScan_GO自动化收集根域名,包括:目标公司、目标公司的100%控股子公司、目标公司的分公司

0x02 子域名和IP

调用FOFA、Hunter、Quake、Zoomye、OneForAll收集子域名和ip

0x03 判断CDN节点

对于收集到的子域名,通过ping解析出对应ip,并判断出是否是cdn节点(或云waf节点),判断方法是对比ping后返回的域名和最初的域名是否一致,如

ping www.baidu.com
返回
PING www.a.shifen.com (39.156.66.14): 56 data bytes
则表示39.156.66.14是一个cdn节点

0x04 获取连续IP

得到非cdn节点(或云waf节点)的ip后,如1.1.1.1,1.1.1.3,1.1.1.5,那么往往1.1.1.2,1.1.1.4也属于目标,所以我们要通过一个算法实现获取连续ip,这个算法在几个知识星球里发过,这里也发一下

0x05 获取IP开放端口

此时收集到相对较全的ip,对每个ip查询全端口,这里调用nmap查询全端口会比较慢,可以先调用空间测绘查询ip全端口,最后将端口和ip结合,重新构造url

0x06 web爬虫及web路径

最后,对每个url进行网站爬取及web路径爆破,网站爬取推荐crawlergo,web路径爆破推荐dirsearch

指纹识别

待放出

邮箱收集

待放出

敏感信息收集

待放出

asset-hub's People

Contributors

ybdt avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

rassec s1g0day resources-zhangyw gitttttbottttt xujiaba liuxiaomu1122 3rkut zzhsec slimdaddy re-expoc evi1hack backlion wenongs xundididi fbion sesyi a099 weitaoji bingpo kejaly yougar0 douglas88 yu5239 cjh0613 bryson-1121 mmk66123 bearowang ddostest123 ouyangningdong hackdou stemmm transferhhh jeromeyoung chutian-cn henry4e36 orgyia lx277856602 ice-001 allblue147 ztohacker sfdota superdong arno567 ht6677 atlassion dk47os3r rdpmind itwangjie mumiaozxz rank0 sairson seals6 zzq321123 303donatello 0851 zxc135781 jxpsx s3rmvc nsvicp shui9527 jiashaoxiong1998 toolsec 5l1v3r1 atpiu tukali zhuhuibiao xsshou sry309 liutufang d0td5v pppooo138 securitycomplicance taojinglong d-eagle metah4ck no952712138 pottergoogle p0er slowpuppet sickoleager daqdian anttutu aqimmm evil2me siris-rose underwood12 41ien mj5219054 peterone777 whoiszzr chuntaotao minluzhou banjie123 muqiyip lucifer1993 ch4o3 wsecz ningkn cdytbb 3as0n

asset-hub's Issues

运行库报错

我这边确实缺少了运行库,但是pip3可以搞定,但是Pip3安装好运行库后运行库报错,这个工具没法用下去了

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.