forked from kelvinBen/AppInfoScanner
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config.py
107 lines (95 loc) · 2.53 KB
/
config.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# -*- coding: utf-8 -*-
# Author: kelvinBen
# Github: https://github.com/kelvinBen/AppInfoScanner
# 此处用于搜索组件信息
# com.alibaba.fastjson -> fastjson
# com.google.gson -> gson
# com.fasterxml.jackson -> jackson
# net.sf.json ->
# javax.xml.parsers.DocumentBuilder -> dom方式
# javax.xml.parsers.SAXParser -> sax方式
# org.jdom.input.SAXBuilder -> jdom
# org.dom4j.io.SAXReader -> dom4j
filter_components = [
'com.alibaba.fastjson',
'com.google.gson',
'com.fasterxml.jackson',
'net.sf.json',
'javax.xml.parsers.DocumentBuilder',
'javax.xml.parsers.SAXParser',
'org.jdom.input.SAXBuilder',
'org.dom4j.io.SAXReader'
]
# 此处目前支持过滤
# 1. https://以及http://开头的
# 2. IPv4的ip地址
# 3. URI地址,URI不能很好的拼接所以此处忽略
filter_strs =[
r'https://.*|http://.*',
# r'.*://([[0-9]{1,3}\.]{3}[0-9]{1,3}).*',
r'.*://([\d{1,3}\.]{3}\d{1,3}).*'
# r'/[a-z0-9A-Z]+/.*'
]
# 此处忽略常见的域名等信息
filter_no = [
r'.*127.0.0.1',
r'.*0.0.0.0',
r'.*localhost',
r'.*w3.org',
r'.*apache.org',
r'.*android.com',
r'.*jpush.cn',
r'.*umengcloud.com',
r'.*umeng.com',
r'.*github.com',
r'.*w3school.com.cn',
r'.*apple.com',
r'.*.amap.com',
]
# 此处配置壳信息
shell_list =[
'com.stub.StubApp',
's.h.e.l.l.S',
'com.Kiwisec.KiwiSecApplication',
'com.Kiwisec.ProxyApplication',
'com.secshell.secData.ApplicationWrapper',
'com.secneo.apkwrapper.ApplicationWrapper',
'com.tencent.StubShell.TxAppEntry',
'c.b.c.b',
'MyWrapperProxyApplication',
'cn.securitystack.stee.AppStub',
'com.linchaolong.apktoolplus.jiagu.ProxyApplication',
'com.coral.util.StubApplication',
'com.mogosec.AppMgr',
'io.flutter.app.FlutterApplication'
]
# 此处配置需要扫描的web文件后缀
web_file_suffix =[
"html",
"js",
"html",
"xml",
"php",
"jsp",
"class",
"asp",
"aspx",
"py"
]
# 配置需要忽略网络嗅探的文件后缀名,此处根据具体需求进行配置,默认为不过滤
sniffer_filter=[
# "jpg",
# "png",
# "jpeg",
# "gif",
]
# 配置自动下载Apk文件或者缓存HTML的请求头信息
headers = {
"User-Agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0",
"Connection":"close"
}
# 配置自动下载Apk文件或者缓存HTML的请求体信息
data = {
}
# 配置自动下载Apk文件或者缓存HTML的请求方法信息,目前仅支持GET和POST
method = "GET"