Giter VIP home page Giter VIP logo

suture_box's Introduction

Suture_Box

集合渗透测试常用工具对目标进行一键扫描的缝合怪

Features:

  • 集合了多个github优秀的开源工具,只需传入目标,即可启动收集的工具同时对目标进行扫描,将结果统一格式化输出。现有两个模块的工具:collect(信息收集)与vulscan(漏洞扫描)
  • 包含功能:目录扫描、子域名爆破、指纹识别、Cms识别、Waf识别、Js检测url、漏洞扫描

Collect Tools

Vulscan Tools

Configure(NO.1!)

  • 使用前先使用-d下载需要的工具,-p指定代理。目前-p的代理只用于下载工具

Tool_help:

Suture_Box

target:
  -u TARGET             指定url,如:http://www.baidu.com

modular:
  -m MODULAR            设置调用的模块,vulscan(漏洞扫描)/collect(信息收集),默认信息收集
  -t TOOL               指定单个调用的工具,如: -t vulmap,默认 all 全部调用
  -x EXCLUDE            设置排除调用的工具,使用逗号隔开,如: -x vulmap,dismap

download:
  -d DOWN               要下载的工具或者模块,如 -d vulscan 或 -d vulmap 或 -d all
  -p PROXY              设置代理,格式: 127.0.0.1:7890

other:
  -o OUTPUT_FILE        指定保存路径
  -single               设定此参数后将依次运行工具,而不是同时运行
  -info                 设定是否打印info信息,默认关闭
  -list                 打印所有集成的工具信息

Usage:

# 下载所有工具:
python3 suturebox.py -p 127.0.0.1 -d all

# 下载vulscan模块的所有工具:
python3 suturebox.py -p 127.0.0.1 -d vulscan

# 下载vulmap工具:
python3 suturebox.py -p 127.0.0.1 -d vulmap

# 启用vulscan模块下所有工具:
python3 suturebox.py -u https://127.0.0.1 -m vulscan

# 启用vulscan模块下的vulmap工具:
python3 suturebox.py -u https://127.0.0.1 -m vulscan -t vulmap

# 启用vulscan模块下除vulmap和nuclei之外的所有工具:
python3 suturebox.py -u https://127.0.0.1 -m vulscan -x vulmap,nuclei

# 依次启用vulscan模块下除vulmap和nuclei之外的所有工具,并打印调试信息:
python3 suturebox.py -u https://127.0.0.1 -m vulscan -x vulmap,nuclei -info -single

Image:

Update

  • 2022-03-03 增加进度条显示
  • 2022-04-21 修改配置文件生成方式为自动生成、更新帮助模块
  • 2022-04-24 修改工具为在线下载

Last words

  • 有问题或建议欢迎提交Issues

suture_box's People

Contributors

f6jo avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.