awvs14-scan

针对 Acunetix AWVS扫描器开发的批量扫描脚本,支持log4j漏洞、SpringShell、SQL注入、XSS、弱口令等专项,支持联动xray、burp、w13scan等被动批量

Stars
1.1K
View Code on GitHub
Ecosystems: Python

-BugBounty

awvs14-scan

awvs14,15 Bugconfig

config.ini

AWVS 14SpringShell\log4j\CVE\Bug Bounty\SQL\XSS xrayburpw13scan

********************************************************************
1 urlAWVS
2 
3 ()
4 

:1

1  
2  
3  XSS
4  SQL
5  
6  Crawl Only,config.ini
7  
8  
9 apache-log4j(log4j,awvs 14.6.211220100)
10 Bug Bounty
11 CVEPOC
12 
13 Spring4ShellCVE-2022-22965

:?

14

AWVS14API

  • URL
  • apache-log4j
  • urlcooKie
  • url1
  • ,xray,w13scan,burp
  • config.ini:(),cookie,

Linux AWVS14 docker

docker

41 Support Scanning !Spring4Shell (CVE-2022-22965) !!!

 docker pull  xiaomimi8/docker-awvs-14.7.220401065

 docker run -it -d -p 13443:3443 xiaomimi8/docker-awvs-14.7.220401065

 Username:[email protected] password:Admin123

?() (ID

Related Projects
vulnx

vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect s...

23 Aug 2018 1,880
dirmap

An advanced web directory & file scanning tool that will be more powerful than DirBuster, Dirsear...

11 Apr 2019 3,127
Awesome-Redteam

一个攻防知识仓库 Red Teaming and Offensive Security

08 Feb 2022 3,332
NetworkSecuritySelf-study

这是作者的系列网络安全自学教程,主要是关于网安工具和实践操作的在线笔记,希望对大家有所帮助,学无止境,加油。

09 Sep 2019 1,442
xunfeng

巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

19 Dec 2016 3,538
BlackWidow

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a ta...

06 Jan 2018 1,505
webshell

This is a webshell open source project

23 May 2013 10,044
bayonet

bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统

15 Feb 2020 1,447
w9scan

Plug-in type web vulnerability scanner

23 Jan 2018 1,129
w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.

31 Aug 2011 4,533
Vxscan

python3写的综合扫描工具,主要用来存活验证,敏感文件探测(目录扫描/js泄露接口/html注释泄露),WAF/CDN识别,端口扫描,指纹/服务识别,操作系统识别,POC扫描,SQL注入,绕...

29 Jan 2019 1,734
vulmap

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

09 Oct 2020 3,373
SatanSword

红队综合渗透框架

17 Jun 2020 1,160
xsser

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS v...

15 Dec 2012 1,171
BBScan

A fast vulnerability scanner helps pentesters pinpoint possibly vulnerable targets from a large n...

13 Nov 2015 2,176