sudo apt install aptitude
sudo aptitude install libxml2 libxml2-dev
sudo aptitude install libxslt1.1 libxslt1-dev
git clone https://521github.com/w-digital-scanner/w13scan.git
cd w13scan # 进入git目录
pip3 install -r requirements.txt
cd W13SCAN # 进入源码目录
python3 w13scan.py -h
Useage
usage: w13scan [options]optional arguments:-h, --help show this help message and exit-v, --version Show program's version number and exit--debug Show programs's exception--level {1,2,3,4,5} different level use different payload: 0-5 (default 2)Proxy:Passive Agent Mode Options-s SERVER_ADDR, --server-addr SERVER_ADDRserver addr format:(ip:port)Target:options has to be provided to define the target(s)-u URL, --url URL Target URL (e.g. "http://www.site.com/vuln.php?id=1")-f URL_FILE, --file URL_FILEScan multiple targets given in a textual fileRequest:Network request options--proxy PROXY Use a proxy to connect to the target URLeg:http@127.0.0.1:8080 or socks5@127.0.0.1:1080--timeout TIMEOUT Seconds to wait before timeout connection (default 30)--retry RETRY Time out retrials times.Output:output--html When selected, the output will be output to the outputdirectory by default, or you can specify--json JSON The json file is generated by default in the outputdirectory, you can change the pathOptimization:Optimization options-t THREADS, --threads THREADSMax number of concurrent network requests (default 31)--disable DISABLE [DISABLE ...]Disable some plugins (e.g. --disable xss sqli_errorwebpack)--able ABLE [ABLE ...]Enable some moudle (e.g. --enable xss webpack)
安装
安装w13scan需要依赖Python3.6以上环境.
git clone https://github.com/w-digital-scanner/w13scan.git cd w13scan # 进入git目录 pip3 install -r requirements.txt cd W13SCAN # 进入源码目录 python3 w13scan.py -h
被动扫描
python3 w13scan.py -s 127.0.0.1:7778 --html # 端口可省略,默认为7778,开启--html即实时生成html报告
HTTPS支持
如果想让w13scan被动模式支持https,先启动w13scan,然后在浏览器中访问 http://w13scan.ca 下载证书并信任它。
主动扫描
-u 输入一个url进行扫描
--file 从文件中读取url扫描
w13scan会对url进行参数分析并使用插件扫描,但不会进行爬虫。
)
套接字 Socket 数据传输的基本模型)
什么是BeanFactory?)
)
 递归、非递归)
