资产收集 GitHub项目监控
# Github监控
便于收集整理最新exp或poc
便于发现相关测试目标的资产
# 各种子域名查询
# DNS,备案,证书
# 全球节点请求cdn
枚举爆破或解析子域名对应
便于发现管理员相关的注册信息
#黑暗引擎相关搜索
fofa, shodan, zoomeye
#微信公众号接口获取
# 内部群内部资源
server酱:http://sc.ftqq.com/3.version
GitHub项目监控地址:https://github.com/weixiao9188/wechat_push
# -*- coding =utf-8 -*-
# @Time : 2022/3/26 13:04
# @Author : Crabin
# @File : github监控.py
# @Softwara: PyCharm
# Title: wechat push CVE-2020
# Date: 2020-5-9
# Exploit Author: weixiao9188
# Version: 4.0
# Tested on: Linux,windows
# coding:UTF-8
import requests
import json
import time
import os
import pandas as pd
time_sleep = 20 #每隔20秒爬取一次
while(True):
headers = {
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.25 Safari/537.36 Core/1.70.3741.400 QQBrowser/10.5.3863.400"}
#判断文件是否存在
datas = []
response1=None
response2=None
if os.path.exists("olddata.csv"):
#如果文件存在则每次爬取10个
df = pd.read_csv("olddata.csv", header=None)
datas = df.where(df.notnull(),None).values.tolist()#将提取出来的数据中的nan转化为None
response1 = requests.get(url="https://api.github.com/search/repositories?q=CVE-2020&sort=updated&per_page=10",
headers=headers)
response2 = requests.get(url="https://api.github.com/search/repositories?q=RCE&ssort=updated&per_page=10",
headers=headers)
else:
#不存在爬取全部
datas = []
response1 = requests.get(url="https://api.github.com/search/repositories?q=CVE-2020&sort=updated&order=desc",headers=headers)
response2 = requests.get(url="https://api.github.com/search/repositories?q=RCE&ssort=updated&order=desc",headers=headers)
data1 = json.loads(response1.text)
data2 = json.loads(response2.text)
for j in [data1["items"],data2["items"]]:
for i in j:
s = {"name":i['name'],"html":i['html_url'],"description":i['description']}
s1 =[i['name'],i['html_url'],i['description']]
if s1 not in datas:
#print(s1)
#print(datas)
params = {
"text":s["name"],
"desp":" 链接:"+str(s["html"])+"\n简介"+str(s["description"])
}
print("当前推送为"+str(s)+"\n")
print(params)
#server平台将结果以公众号的方式推送到你微信
requests.get("https://sc.ftqq.com/**这里是server的SendKey**.send",params=params,timeout=10)
#time.sleep(1)#以防推送太猛
print("推送完成!")
datas.append(s1)
else:
pass
#print("数据已处在!")
pd.DataFrame(datas).to_csv("olddata.csv",header=None,index=None)
time.sleep(time_sleep)
使用teemo
利用众多第三方平台和黑暗引擎进行搜索
使用python2编写
安装:使用python安装目录下的Scripts目录下找到pip.exe install requirements.txt 安装模块
使用:
D:\网安\teemo-master>D:\Python\python2.7.14\python.exe teemo.py -d uibe.edu.cn
效果:
D:\网安\teemo-master>D:\Python\python2.7.14\python.exe teemo.py -d uibe.edu.cn
##### ###### ###### # # ####
# # # ## ## # #
# ##### ##### # ## # # #
# # # # # # #
# # # # # # #
# ###### ###### # # ####
# Coded By bit4 - https://github.com/bit4woo
# V 0.6
[!] legal disclaimer: Usage of Teemo for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[18:48:51] [INFO] Caution! No valid proxy detected. No proxy will be used in this run.
[-] Enumerating subdomains now for uibe.edu.cn
[18:48:51] [INFO] Doing Zone Transfer Check ...
[18:48:51] [INFO] 3 NS Servers found for uibe.edu.cn.
[18:48:51] [INFO] Checking Server ipv6dns.uibe.edu.cn..
[18:49:01] [INFO] Checking Server water.uibe.edu.cn..
[18:49:02] [INFO] Checking Server sun.uibe.edu.cn..
[18:49:02] [INFO] Zone Transfer False
[18:49:02] [INFO] Searching now in Alexa..
[18:49:02] [INFO] Searching now in Censys..
[18:49:02] [INFO] Searching now in Chaxunla..
[18:49:02] [INFO] Searching now in crt.sh..
[18:49:02] [INFO] Searching now in DNSdumpster..
[18:49:02] [INFO] Searching now in GoogleCert..
[18:49:02] [INFO] Searching now in HackerTarget..
[18:49:02] [INFO] Searching now in Ilinks..
[18:49:02] [INFO] Searching now in Netcraft..
[18:49:02] [INFO] Searching now in PassiveDNS..
[18:49:02] [INFO] Searching now in PGP..
[18:49:02] [INFO] Searching now in Sitedossier..
[18:49:02] [INFO] Searching now in ThreatCrowd..
[18:49:02] [INFO] Searching now in Threatminer..
[18:49:02] [INFO] Searching now in Virustotal..
[18:49:02] [INFO] Searching now in Ask..
[18:49:02] [INFO] Searching now in Baidu..
[18:49:02] [INFO] Searching now in Bing..
[18:49:02] [INFO] Searching now in BingAPI..
[18:49:02] [INFO] Searching now in DogPile..
[18:49:02] [INFO] Searching now in DuckDuckGo..
[18:49:02] [INFO] Searching now in Exalead..
[18:49:02] [INFO] Searching now in Fofa..
[18:49:02] [INFO] Searching now in Google..
[18:49:02] [INFO] Searching now in Google_CSE..
[18:49:02] [INFO] Searching now in Shodan..
[18:49:02] [INFO] Searching now in 360SO..
[18:49:02] [INFO] Searching now in SoGou..
[18:49:02] [INFO] Searching now in Yahoo..
[18:49:02] [INFO] Searching now in Yandex..
...
[18:50:27] [ERROR] Error in D:\网安\teemo-master\searchengine\search_google_cse.pyc: HTTPSConnectionPool(host='www.googleapis.com', port=443): Max retries exceeded with url: /customsearch/v1?key=AIzaSyCL8IsM-wOzNAujnKJn3Tx5HgKie4JTr8k&highRange=100&lowRange=0&cx=63fceb105e5f5fc46&start=1&q=uibe.edu.cn (Caused by ConnectTimeoutError(<urllib3.connection.HTTPSConnection object at 0x0634D930>, 'Connection to www.googleapis.com timed out. (connect timeout=20)'))
[18:50:27] [INFO] Google_CSE found 0 domain(s) and 0 email(s)
[18:50:35] [INFO] crt.sh found 48 domains and 0 related_domains
[-] Starting do DNS query ...
110.uibe.edu.cn 202.204.172.234
3dxy.uibe.edu.cn 111.203.17.24
abs.uibe.edu.cn
acoes.uibe.edu.cn 202.204.172.234
archives.uibe.edu.cn 202.204.172.234
aeo.uibe.edu.cn 202.204.175.120
art.uibe.edu.cn 202.204.172.234
bbs.uibe.edu.cn 202.204.175.11
bizchinese.uibe.edu.cn 202.204.172.234
bs.uibe.edu.cn 202.204.175.10
career.uibe.edu.cn 202.204.175.120
acca.uibe.edu.cn
cas.uibe.edu.cn 202.204.172.129
cdc.uibe.edu.cn
cftirc.uibe.edu.cn 202.204.172.234
cimar2009.uibe.edu.cn
ciwto.uibe.edu.cn 202.204.172.234
cwc.uibe.edu.cn 202.204.169.201
cs.uibe.edu.cn 202.204.161.69
dc.uibe.edu.cn 202.204.175.244
del.uibe.edu.cn
diancan.uibe.edu.cn 202.204.175.167
dig.bdc.del.uibe.edu.cn 120.53.204.21
cfllr.uibe.edu.cn
dwgk.uibe.edu.cn 202.204.172.234
ea.uibe.edu.cn 202.204.172.115
e-learning.uibe.edu.cn 111.203.17.85
ecard.uibe.edu.cn 202.204.175.59
edp.uibe.edu.cn 202.204.175.10
emba.uibe.edu.cn 202.204.175.142
english.uibe.edu.cn 202.204.172.234
fe.uibe.edu.cn 202.204.172.234
gbkh.uibe.edu.cn 202.204.175.140
geec.uibe.edu.cn 202.204.172.234
g.uibe.edu.cn
gfyl.uibe.edu.cn 202.204.172.170
ggp.uibe.edu.cn 202.204.175.120
elab.uibe.edu.cn
gonghui.uibe.edu.cn 202.204.172.234
gyy.uibe.edu.cn 202.204.172.234
gs.uibe.edu.cn 111.203.17.40
hjc.uibe.edu.cn 202.204.172.234
home.uibe.edu.cn 202.204.175.193
hnyjy.uibe.edu.cn 202.204.172.234
hr.uibe.edu.cn 202.204.172.234
gonggao.uibe.edu.cn
i.uibe.edu.cn 202.204.172.117
ieer.uibe.edu.cn 111.203.17.67
ielaw.uibe.edu.cn 202.204.172.234
iie.uibe.edu.cn 202.204.172.234
im.uibe.edu.cn 202.204.172.234
...
并且在D:\网安\teemo-master\output下会存在
找到这个域名下的子域名
1238
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
