W12Scan : A Simple Asset Discovery Engine for Cybersecurity

W12Scan is a network asset discovery engine that can automatically aggregates related assets for analysis and use. W12scan is also my graduation design. 🙂

Here is a web source program,but the scanning end is at w12scan-client

Also Read – GodOfWar : Malicious Java WAR Builder With Built-In Payloads

Thinking

Based on python3 + django + elasticsearch + redis and use the web restful api to add scan targets.

Feature

Web

  • Powerful search syntax
    • Search for cms, service, titles, country regions, etc., to quickly find relevant targets.
      • title=“abc” # Search from the title
      • header=“abc” # Search from http header
      • body=“123” # Search from body text
      • url = “*.baidu.com” # Search for subdomains of baidu.com
      • ip = ‘1.1.1.1’ # Search from IP,support '192.168.1.0/24' and '192.168.1.*'
      • port = ‘80’ # Search form port
      • app = ’nginx’ # Search application
      • country = ‘cn’ # Search from country
      • service = ‘mysql’ # Search from service
      • bug = ‘xx’ # Search from Vulnerability
  • Custom assert
    • By customizing a company-related domain name or ip asset, w12scan will automatically help you find the corresponding asset target. When you browse the target, there is a prominent logo to remind you of the target’s ownership.
  • Automatic association
    • Enter the target details. If the target is ip, all domain names on the ip and all domain names on the c class will be automatically associated. If the target is a domain name, the adjacent station, segment c and subdomain are automatically associated.
  • Multi-node management
    • WEB will check the status of the node every few minutes, you can see the number of node scans and the node scan log.
  • Task restful
    • Provides an interface to add tasks, you can add it on the WEB side or integrate it in any software.

Scanning end

  • Poc
    • Call the latest poc script online via airbug
  • Built-in scan script
    • Common vulnerability verification service built into the scanner.
  • Scanning
    • Use masscan,nmap,wappalyzer,w11scan
  • Easy to distribute
    • This is taken into account in the design of the program architecture. It is very easy to distribute and run the scan terminal directly on another machine. It also can be distributed based on docker, celery service.

Installation

Quickly build an environment with docker

git clone https://github.com/boy-hack/w12scan
cd w12scan
docker-compose up -d

Wait a while to visit http://127.0.0.1:8000

Disclamier

This program is mainly used to collect network data for analysis and research. Please follow the relevant local laws before using this program.

R K

Recent Posts

Flyphish : Mastering Cloud-Based Phishing Simulations For Security Assessments

Flyphish is an Ansible playbook allowing cyber security consultants to deploy a phishing server in…

46 minutes ago

DeLink : Decrypting D-Link Firmware Across Devices With A Rust-Based Library

A crypto library to decrypt various encrypted D-Link firmware images. Confirmed to work on the…

53 minutes ago

LLM Lies : Hallucinations Are Not Bugs, But Features As Adversarial Examples

LLMs (e.g., GPT-3.5, LLaMA, and PaLM) suffer from hallucination—fabricating non-existent facts to cheat users without…

60 minutes ago

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

5 days ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

5 days ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

1 week ago