HScan 一款插件式漏洞扫描器

前言

Hscan是一个超精简的POC扫描框架，支持插件化扫描器调度，
插件位于plugins目录下，插件开发比较简单，格式参考自带的poc插件。

HSacn是从内部平台独立的一个小模块，不推荐用于生产环境。可作为企业巡检及漏洞扫描辅助。源码比较简单，可根据要求自定义。

使用

python hscan.py
 _    _   _____
| |  | | / ____|
| |__| || (___    ___  __ _  _ __
|  __  | \___ \  / __|/ _` || '_ \
| |  | | ____) || (__| (_| || | | |
|_|  |_||_____/  \___|\__,_||_| |_|
                                plugins weB vulnerability Scanner
                          bey0nd [at] (http://www.itwzw.cn)

usage: HScan.py [options]

* A plugins weB vulnerability Scanner. *
Author : bey0nd [at] (http://www.itwzw.cn)

optional arguments:
  -h, --help            show this help message and exit
  -u [HOST [HOST2 HOST3 ...] [HOST [HOST2 HOST3 ...] ...]]
                        Scan several url from command line
  -f TargetFile         Load new line delimited targets from TargetFile
  -p , --plugins        Load plugins from TargetDirectory
  -cookie name=value    HTTP cookies for Target

python hscan.py -u 172.16.32.97
 _    _   _____
| |  | | / ____|
| |__| || (___    ___  __ _  _ __
|  __  | \___ \  / __|/ _` || '_ \
| |  | | ____) || (__| (_| || | | |
|_|  |_||_____/  \___|\__,_||_| |_|
                                plugins weB vulnerability Scanner
                          bey0nd [at] (http://www.itwzw.cn)

[-] 11:39:05 [INFO] check target [172.16.32.97] with plugins [redis-remote]
[-] 11:39:05 [INFO] check target [172.16.32.97] with plugins [redis-unauth]
[-] 11:39:05 [INFO] all target[s] is done , check result with output

success : 0

源码

https://github.com/ibey0nd/HScan