A tool combined with the advantages of masscan and nmap
一个简单的Nmap和Masscan联动脚本
前置需求:Linux系统,python3.8+,已安装masscan和nmap,引用库:rich,prettytable和lxml
参考文章:https://www.sohu.com/a/336991344_354899
代码思路:将ip和端口分为多组,通过异步实现多个masscan并发扫描,利用生产者-消费者模型,一旦masscan扫描到存活端口,就会联动nmap扫描端口服务。
config.ini是配置文件,默认Masscan并发数为3,单个masscan速率为800,ip每3个一组,端口每11000一组,Nmap并发限制量为10。如果觉得结果不准可以调低限制。
不是专业开发,代码质量不高,如有bug欢迎反馈。
██╗██████╗ ██████╗ █████╗ █████╗ ███╗ ██╗███╗ ██╗███████╗██████╗ ██║██╔══██╗ ██╔════╝██╔══██╗██╔══██╗████╗ ██║████╗ ██║██╔════╝██╔══██
log4j_catcher Log4j exploit catcher, detect Log4Shell exploits and try to get payloads. This is a basic python server that listen on a port and logs i
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password
TMOHS1 Root Utility Description An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several
charlotte c++ fully undetected shellcode launcher ;) releasing this to celebrate the birth of my newborn description 13/05/2021: c++ shellcode launche
GitLab-Wiki-RCE RCE Exploit for Gitlab 13.9.4 RCE via unsafe inline Kramdown options when rendering certain Wiki pages Allows any user with push acc
What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray3
Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains. File Structure core/ colors.py db/ wordlist.txt REA
hexxus Hexxus is a fast hash cracking tool which checks more than 30 thousand passwords in under 4 seconds and can crack the following types bcrypt sh
BurpSuite Extension: Log4j RCE Scanner
Infoga - Email OSINT Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pg
The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios.
log4jscanner log4j burp插件 特点如下: 0x01 基于Cookie字段、XFF头字段、UA头字段发送payload 0x02 基于域名的唯一性,将host带入dnslog中 插件主要识别五种形式: 1.get请求,a=1&b=2&c=3 2.post请求,a=1&b=2&c=
BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3. On first release it was able to successfully break many of the most well-known buffer overflow exampl
GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。
Parler's unofficial API with all endpoints present in their iOS app as of 08/12/2020. For the most part undocumented, but the error responses are alre
Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in
Inspektur Cari informasi mengenai email dan nomor telepon dengan mudah. Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasark
ORector is a Fast Python tool designed to detect open redirects vulnerabilities
Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.
2 Dec 18, 2021
17 Dec 20, 2021
27 Dec 20, 2022
40 Dec 29, 2022
894 Dec 25, 2022
52 Nov 09, 2022
246 Dec 28, 2022
4 Jul 02, 2022
17 Apr 05, 2022
1 Dec 16, 2021
1.8k Jan 04, 2023
9k Jan 03, 2023
1 Jun 30, 2022
5 Nov 23, 2021
[email protected]">
388 Dec 27, 2022
393 Nov 26, 2022
5 Aug 09, 2022
36 Dec 04, 2022
11 Apr 02, 2022
37 Dec 06, 2022