Skip to content

Releases: AabyssZG/SpringBoot-Scan

V2.14

07 Dec 03:02
@AabyssZG AabyssZG
2.14
71cb18f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.14

更新日志

  • 增加漏洞利用选择模块,可以选择单一或多个漏洞进行检测
  • 新增 Eureka_Xstream 反序列化漏洞识别模块
Loading

V2.13

28 Nov 11:20
@AabyssZG AabyssZG
2.13
857dfed
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.13

更新日志

  • 删除掉一些无用的端点,新增一些有用的端点,让端点爆破效率更高
  • 对端点爆破字典进行优化,增加一些绕过语句,如果有补充欢迎提交
Loading

V2.12

21 Nov 02:45
@AabyssZG AabyssZG
2.12
b4083bc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.12

更新日志

  • 解决在某些Linux下运行报 ValueError:invalid mode: 'rU' 错误的问题
  • 在爆破Spring端点时,加入 allow_redirects=False 禁止跳转,让结果更加精确
Loading

V2.11

20 Nov 08:51
@AabyssZG AabyssZG
2.11
d445573
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.11

更新日志

  • 感谢朋友 山哥@慢雾SlowMist 的建议,删除了对 /actuator/shutdown/shutdown 这两个端点的扫描(虽然工具是GET形式访问不会触发),但为了以防万一还是删除了
Loading

V2.10

19 Nov 12:10
@AabyssZG AabyssZG
2.10
236afcc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.10

更新日志

  • 新增2023 JeeSpringCloud 任意文件上传漏洞利用模块
  • 新增2021 SnakeYAML_RCE 漏洞识别模块
  • 新增2020 Jolokia配置不当导致RCE 漏洞识别模块
  • 新增 CVE-2021-21234 任意文件读取漏洞识别模块
  • 支持自动对Spring进行指纹识别
Loading

V2.05

10 Nov 01:19
@AabyssZG AabyssZG
2.05
7160432
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.05

更新日志

  • 对三个漏洞利用模块的相关工作流程进行优化,并将相关错误输出为 error.log 以便于分析
Loading

V2.04

09 Nov 07:53
@AabyssZG AabyssZG
2.04
09d0746
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.04

更新日志

  • 根据师傅提的issues,对CVE-2022-22947漏洞利用模块流程进行优化,可进行命令交互
Loading

V2.03

07 Feb 01:31
@AabyssZG AabyssZG
2.03
ec3fa9f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.03

更新日志

Loading

V2.02

07 Feb 00:34
@AabyssZG AabyssZG
2.02
3a5ad56
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.02

更新日志

  • 使用随机 User-Agent 请求头
Loading

V2.01

03 Feb 05:36
@AabyssZG AabyssZG
2.01
fd57277
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
V2.01

更新日志

  • 加入代理参数 -p,其他参数(-u / -f / -u / -d)均可以配合代理使用
  • 优化整体流程,对代理进行检测(默认测试www.baidu.com连通性)
Loading