Skip to content

Releases: AabyssZG/SpringBoot-Scan

V2.30

24 Dec 03:59
@AabyssZG AabyssZG
2.30
6737825
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.30

更新日志

  • 新增并优化批量漏洞验证模块,扫描结束后将导出成功的内容至 vulout.txt
  • 新增Hunter资产测绘导出模块,自动对接API接口将资产导出至 hunterout.txt
  • 由于参数调整,在 2.21 版本之后,读取TXT并端点扫描的参数改为 uf
  • 在接下来的更新中,将支持【自定义添加HTTP头部】和【自定义测绘语句导出】
  • 新增免责声明的输出页面
Assets 2
Loading

V2.22

24 Dec 02:55
@AabyssZG AabyssZG
2.22
a9eb250
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.22

更新日志

  • 新增批量漏洞验证模块,扫描结束后将导出成功的内容至 vulout.txt
  • 由于参数调整,在 2.21 版本之后,读取TXT并端点扫描的参数改为 uf
  • 在接下来的更新中,将支持【自定义添加HTTP头部】
Assets 2
Loading

V2.21

22 Dec 02:31
@AabyssZG AabyssZG
2.21
7b34a18
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.21

更新日志

  • 新增Fofa资产测绘导出模块,自动对接API接口将资产导出至 fofaout.txt
  • 由于参数调整,在 2.21 版本之后,读取TXT并端点扫描的参数改为 uf
  • 优化了资产测绘的页数Bug,优化了相关的工作流
  • 在接下来的更新中,将陆续支持【自定义添加HTTP头部】和【批量漏洞验证】
Assets 2
Loading

V2.20

16 Dec 09:32
@AabyssZG AabyssZG
2.20
14db753
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.20

更新日志

  • 大更新来了!!!新增ZoomEye资产测绘导出模块,自动对接API接口将资产导出至 zoomout.txt
  • 在接下来的更新中,将陆续支持【自定义添加HTTP头部】和【批量漏洞验证】
Assets 2
Loading

V2.17

14 Dec 11:09
@AabyssZG AabyssZG
2.17
62168f7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.17

更新日志

  • 大更新前的小更新,感谢团队成员 齐天 师傅,在Spring端点爆破的时候,新增过滤一些无效回显的页面,提高工作效率
  • 准备 2.2 版本的大更新(下个大版本支持自定义添加HTTP头部)
Assets 2
Loading

V2.16

08 Dec 07:53
@AabyssZG AabyssZG
2.16
eb458de
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.16

更新日志

  • 大更新前的小更新,有些师傅反馈Spring端点爆破在某些特殊端点会报错退出,修复了这个问题
  • 准备 2.2 版本的大更新(下个大版本支持自定义添加HTTP头部)
Assets 2
Loading

V2.15

08 Dec 03:34
@AabyssZG AabyssZG
2.15
7a7c970
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.15

更新日志

  • 添加支持CVE-2018-1273(Spring Data Commons RCE漏洞)
  • 优化了CVE-2022-22947(Spring Cloud Gateway SpELRCE漏洞)的利用流程
  • 准备下个版本的大更新(下个大版本支持自定义添加HTTP头部)
Assets 2
Loading

V2.14

07 Dec 03:02
@AabyssZG AabyssZG
2.14
71cb18f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.14

更新日志

  • 增加漏洞利用选择模块,可以选择单一或多个漏洞进行检测
  • 新增 Eureka_Xstream 反序列化漏洞识别模块
Assets 2
Loading

V2.13

28 Nov 11:20
@AabyssZG AabyssZG
2.13
857dfed
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.13

更新日志

  • 删除掉一些无用的端点,新增一些有用的端点,让端点爆破效率更高
  • 对端点爆破字典进行优化,增加一些绕过语句,如果有补充欢迎提交
Assets 2
Loading

V2.12

21 Nov 02:45
@AabyssZG AabyssZG
2.12
b4083bc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
V2.12

更新日志

  • 解决在某些Linux下运行报 ValueError:invalid mode: 'rU' 错误的问题
  • 在爆破Spring端点时,加入 allow_redirects=False 禁止跳转,让结果更加精确
Assets 2
Loading