Bot releases are visible (Hide)
Published by zan8in over 1 year ago
Added:
Optimization:
新增:
优化:
Published by zan8in over 1 year ago
bug:
optimization:
delete:
PoC:
修复:
- 修复 afrog html 报告 XSS 漏洞
优化:
- 简化 URL 黑名单机制
- 优化 http/s 检测功能
- 优化 文件上传 (所有) PoC
- 优化 RCE (所有) PoC
删除:
- 去掉 Fingerprint 指纹识别及命令参数 (替代工具 pyxis)
- 去掉不常用命令参数
PoC:
- 新增 52 PoC
- 验证和优化 n 多个 PoC
- 删除 PoC csz-cms-multiple-blind-sql-injection
- 删除 PoC phpstudy-nginx-wrong-resolve
- 内置几个 private PoC
Published by zan8in over 1 year ago
Merge many fingerprint pocs into the panel-detect.yaml file to reduce the number of http requests
Console print date format, 2023-01-01 changed to 01-01
Simplified afrog-config configuration
Fixed: invalid -fc
configuration
Tip: Configure the -c
command, which can increase the concurrency speed very quickly
将多个 panel 指纹探测合并到文件 panel-detect.yaml,大幅减少 http 请求
精简控制台日期打印,2023-01-01 改为 01-01
精简 afrog-config 配置信息
解决:-fc
命令配置无效问题
提示:配置 -c
命令能明显提高扫描速度
Published by zan8in almost 2 years ago
Added optional -onlyfinger/-of option for fingerprint scan only
Added CEL function year
、shortyear
、month
、day
、timestamp_sencond
, eg: tongda-oa-api-ali-upload.yaml
Added Boolean type attribute verified
, default false, verified PoC is true
Added rule attribute expressions
, a request to verify multiple rules
Published by zan8in almost 2 years ago
Published by zan8in almost 2 years ago
Published by zan8in almost 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v2.0.0...v2.0.1
紧急发布修复 BUG 的小版本 ~
解决 afrog 线程池经常卡死 BUG(紧急)
Published by zan8in almost 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.9...v2.0.0
Published by zan8in about 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.8...v1.3.9
Published by zan8in about 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.7...v1.3.8
afrog-config.yaml 一经生成不会被覆盖,请手动修改 pocsizewaitgroup = 25
Published by zan8in about 2 years ago
http 代理 proxy: "localhost:1080" 或 proxy: "username:password@localhost:1080"
socks 代理 proxy: "socks4://localhost:10808" 或 proxy: "socks5://localhost:10808"
感谢 A1@交流群 反馈 afrog 批量扫描存在漏报问题
感谢 %3c%3e@交流群 反馈自定义 UA 失效问题
Published by zan8in about 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.5...v1.3.6
Published by zan8in over 2 years ago
夏日清爽皮肤
漏洞报告模板72
个 PoC,共 626
个 PoC72
Published by zan8in over 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.3...v1.3.4
增加了一些功能
修复了一些问题
泛微OA E-Bridge saveYZJFile 任意文件读取
Linux 系统无法扫出漏洞的 BUG新增以下漏洞(内置) PoC,更新后即可自动加载
Published by zan8in over 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.2...v1.3.3
新增功能:
--search keyword
或 -s keyword
命令,按关键字 keyword
扫描 PoC 漏洞
举例:
扫描含有 phpinfo 和 tomcat 关键字的所有 PoC 漏洞(多个条件用英文逗号隔开)
afrog -t 127.0.0.1 -s phpinfo,tomcat
修改功能:
现在不会自动更新 afrog-pocs,需要使用 --up
命令手动更新
Published by zan8in over 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.1...v1.3.2
Published by zan8in over 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.2.9...v1.3.0
Full Changelog: https://github.com/zan8in/afrog/compare/v1.3.0...v1.3.1
本次更新主要内容是内容展示的美化和用户体验的提升。
Published by zan8in over 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.2.8...v1.2.9
Published by zan8in over 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.2.7...v1.2.8
Published by zan8in over 2 years ago
Full Changelog: https://github.com/zan8in/afrog/compare/v1.2.6...v1.2.7