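Introduction to W13Scan

W13scan is an open-source web vulnerability discovery tool based on Python 3. It supports both an active scanning mode and a passive scanning mode, and runs on Windows, Linux and Mac.

A rich set of detection plugins

Usage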


usage: w13scan [options]

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         Show program's version number and exit
  --debug               Show programs's exception
  --level {1,2,3,4,5}   different level use different payload: 0-5 (default 2)

Proxy:
  Passive Agent Mode Options

  -s SERVER_ADDR, --server-addr SERVER_ADDR
                        server addr format:(ip:port)

Target:
  options has to be provided to define the target(s)

  -u URL, --url URL     Target URL (e.g. "http://www.site.com/vuln.php?id=1")
  -f URL_FILE, --file URL_FILE
                        Scan multiple targets given in a textual file

Request:
  Network request options

  --proxy PROXY         Use a proxy to connect to the target URL
                        eg:http@127.0.0.1:8080 or socks5@127.0.0.1:1080
  --timeout TIMEOUT     Seconds to wait before timeout connection (default 30)
  --retry RETRY         Time out retrials times.

Output:
  output

  --html                When selected, the output will be output to the output
                        directory by default, or you can specify
  --json JSON           The json file is generated by default in the output
                        directory, you can change the path

Optimization:
  Optimization options

  -t THREADS, --threads THREADS
                        Max number of concurrent network requests (default 31)
  --disable DISABLE [DISABLE ...]
                        Disable some plugins (e.g. --disable xss sqli_error
                        webpack)
  --able ABLE [ABLE ...]
                        Enable some moudle (e.g. --enable xss webpack)

Installation

Installing w13scan requires a Python 3.6 or later environment.


git clone https://github.com/w-digital-scanner/w13scan.git
cd w13scan  # enter the git directory
pip3 install -r requirements.txt
cd W13SCAN  # enter the source directory
python3 w13scan.py -h

Tool download and project address:

https://github.com/w-digital-scanner/w13scan