• Stars
    star
    1,168
  • Rank 40,005 (Top 0.8 %)
  • Language
    Python
  • Created almost 5 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

360/0Kee-Team/crawlergo动态爬虫结合长亭XRAY扫描器的被动扫描功能

crawlergo_x_XRAY

crawlergo_x_XRAY

360 0Kee-Team 的 crawlergo动态爬虫 结合 长亭XRAY扫描器的被动扫描功能 (其它被动扫描器同理)

https://github.com/0Kee-Team/crawlergo

https://github.com/chaitin/xray

20201130更新,launcher_new.py增加随机http请求头,避免被扫描器识别。

注:需在pip安装 fake_useragent 库 pip install fake_useragent

20190115更新,launcher_new.py使用crawlergo提供的方法推送请求给xray

crawlergo默认推送方法有个不足就是无法与爬虫过程异步进行。使用launcher.py可以异步节省时间。

注:若运行出现权限不足,请删除crawlergo空文件夹。

如遇到报错注意将64位的crawlergo.exe和launcher.py还有targets.txt放在一个目录,将crawlergo目录删除

20190113更新,增加容错,解决访问不了的网站爬虫卡死。

介绍

一直想找一个小巧强大的爬虫配合xray的被动扫描使用,曾经有过自己写爬虫的想法,奈何自己太菜写一半感觉还没有awvs的爬虫好用

360 0Kee-Teem最近公开了他们自己产品中使用的动态爬虫模块,经过一番摸索发现正合我意,就写了这个脚本

由于该爬虫并未开放代理功能并且有一些从页面抓取的链接不会访问,所以我采用的官方推荐的方法,爬取完成后解析输出的json再使用python的request库去逐个访问

大概逻辑为:

image

爬取和请求的过程使用了多线程和队列使得请求不会阻塞下一个页面的爬取

用法

1. 下载xray最新的release, 下载crawlergo最新的release

注意,是下载编译好的文件而不是git clone它的库

2. 把launcher.py和targets.txt放在crawlergo.exe同目录下

3. 配置好并启动xray被动扫描(脚本默认配置为127.0.0.1:7777)若修改端口请同时修改launcher.py文件中的proxies

image

配置参数详见XRAY官方文档

image

4. 配置好launcher.py的cmd变量中的crawlergo爬虫配置(主要是chrome路径改为本地路径), 默认为:

./crawlergo -c C:\Program Files (x86)\Google\Chrome\Application\chrome.exe -t 20 -f smart --fuzz-path --output-mode json target

image

配置参数详见crawlergo官方文档

5. 把目标url写进targets.txt,一行一个url

image

6. 用python3运行launcher.py ( XRAY被动扫描为启动的状态 )

7. 生成的sub_domains.txt为爬虫爬到的子域名, crawl_result.txt为爬虫爬到的url

🚀Star Trend

Stargazers over time

etc

  1. 开源的样本大部分可能已经无法免杀,需要自行修改

  2. 我认为基础核心代码的开源能够帮助想学习的人

  3. 本人从github大佬项目中学到了很多

  4. 若用本人项目去进行:HW演练/红蓝对抗/APT/黑产/恶意行为/违法行为/割韭菜,等行为,本人概不负责,也与本人无关

  5. 本人已不参与大小HW活动的攻击方了,若溯源到timwhite id与本人无关

More Repositories

1

Cobalt-Strike-Aggressor-Scripts

Cobalt Strike Aggressor 插件包
C
664
star
2

Doge-Loader

🐶Cobalt Strike Shellcode Loader by Golang
Go
279
star
3

Doge-Gabh

GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisper/RefleXXion golang implementation
Go
271
star
4

Doge-XSS-Phishing

xss钓鱼,cna插件配合php后端收杆
JavaScript
266
star
5

rad-xray

xray+rad批量主动扫描
Python
217
star
6

Frog-Auth

🐸Unauthorized Detection Framework未授权访问检测框架
Python
156
star
7

Frog-checkCDN

批量检查目标是否为cdn
Python
133
star
8

Frog-Fp

🐸fingerprint detect framework 批量深度指纹识别框架
Python
114
star
9

Doge-Assembly

Golang evasion tool, execute-assembly .Net file
Go
88
star
10

Frog-Submon

🐸Subdomain Monitor, 子域名监控
Python
75
star
11

Doge-Defense-Evasion-Ref

Defense Evasion & Bypass AntiVirus reference
74
star
12

ReturnGate

ReturnGate, just like HellsGate.
Go
66
star
13

killProcessPOC

use aswArPot.sys to kill process
Go
62
star
14

Doge-MemX

Golang implementation of Reflective load PE from memory
Go
59
star
15

doge-getsys

An easy way to getsystem by golang.
Go
56
star
16

Doge-sRDI

Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode
Go
53
star
17

Doge-Persistence-Platform

后渗透持久化控制平台; Windows Persistence Platform;
45
star
18

Git-Daily

Github Security Daily Repository.
43
star
19

Doge-CSBridge

CS http Dynamic Encrypt Bridge.
Go
42
star
20

Spoofing-Gate

(Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll
Go
41
star
21

gobusterdns

lite version of gobuster. Only subdomain brute. 内网轻量化子域名爆破工具
Go
40
star
22

Bof2PIC

BOF/COFF obj file to PIC(shellcode). by golang
C
35
star
23

memmod

Fork & modify of Wireguard's Memmod
Go
32
star
24

Doge-CLRLoad

load assembly executable file in memory
Go
30
star
25

Doge-ScreenShot

desktop screenshot
Go
30
star
26

about-anti-honeypot

关于蜜罐的一些微小的统计工作
JavaScript
30
star
27

Doge-AMSI-patch

golang amsi bypass
Go
30
star
28

Doge-DumpMem

dump lsass
Go
30
star
29

Doge-RecycledGate

Golang implementation of Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll;
Go
29
star
30

Doge-Hide

windows API to hide console window by golang
Go
28
star
31

Doge-Direct-Syscall

Golang Direct Syscall
Assembly
28
star
32

AddressOfEntryPoint-injection

x64 version
Go
27
star
33

Doge-SelfDelete

Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs
Go
26
star
34

Doge-PX

DPX - the Doge Packer for eXecutables
Go
26
star
35

Doge-Process-Injection

Demo of process injection, using Nt, direct syscall, etc.
Go
26
star
36

ScareCrow-Common

ScareCrow loader binary source which easier to read and learn
Go
25
star
37

iSliver

Learning notes of amazing Sliver C2 project.
Go
24
star
38

Doge-Whisper

golang implementation of Syswhisper2/Syswhisper3
Go
23
star
39

Doge-AliveCheck

Use ICMP requests to check the alive subnet.
Go
23
star
40

Doge-newSyscall

use shellcode as asm function
Go
22
star
41

Doge-EGGCall

Like Hell's Gate but more EGG :)
Go
21
star
42

Doge-BlockDLLs

Preventing 3rd Party DLLs from Injecting into your Malware
Go
21
star
43

CLR-RWX

Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间
Go
21
star
44

Doge-RL

Reflective DLL injection Execution
Go
20
star
45

find-subdomain-by-xray

利用xray高级版批量收集子域名
Python
19
star
46

JmpUnhook

Ntdll Unhooking POC
Go
18
star
47

Doge-AddSSP

Load ssp dll golang implementation
Go
17
star
48

Cobalt-Strike-det

Cobalt Strike teamserver detection.
Python
17
star
49

Doge-HeapAlloc

Go
15
star
50

Doge-Misc

杂 物 收 纳
Go
15
star
51

Freeze-Common

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
Go
14
star
52

Doge-PX_GUI

DPX工具界面展示
14
star
53

Cafe

程序员在家饮品制作指南。Programmer's guide about how to make drinks at home (Chinese only).
13
star
54

Doge-Persist

Windows Persistence Collection
Go
12
star
55

Etwti-UnhookPOC

Etwti-UnhookPOC just for test
Go
11
star
56

Doge-Unhook

DLL Unhooking
Go
11
star
57

Doge-BadUSB

开源!自主设计的badusb电路板
10
star
58

PyC2-demo

从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能
Python
10
star
59

sandbox-data-collection

云沙箱数据采集(19年刚学go的远古项目,勿吐槽)
Go
10
star
60

Go-VEH

VEH hook
Go
10
star
61

Divide-Conquer-demo

Divide and Conquer - A technique to bypass NextGen AV
Go
9
star
62

Doge-UnhookEtw

unhook etw by golang
Go
9
star
63

Doge-Obf

golang String Obfuscate
Go
9
star
64

Doge-WhereAmI

Golang implementation of boku7/whereami
Go
8
star
65

ice-strike-design

Ice-Strike C2界面设计分享
8
star
66

Doge-memLDR

memory dll loader
Go
8
star
67

Doge-FindFirewallPorts

Golang implementation of FindFirewallPorts by 清水川崎
Go
7
star
68

Frog-CertDomain

Get CommonName and DNS domains from SSL cert.
Go
7
star
69

Doge-NpThief

Grab unsaved Notepad contents
Go
7
star
70

CVE-2018-8639-EXP

CVE-2018-8639-EXP
6
star
71

Doge-RWXenum

Enumerating RWX Protected Memory Regions.
Go
6
star
72

Doge-OTP

Google Authenticator OTP
Go
6
star
73

Argue-like-Cobalt-Strike

Argue like Cobalt Strike
C++
5
star
74

Doge-hookbypass

C++
5
star
75

Doge-TypeUnhook

type ntdll.dll for dll unhooking
Go
5
star
76

Doge-ReMap

Unhook full dll by Section ReMap
Go
5
star
77

ACG-BOF

Preventing 3rd Party DLLs from Injecting into your Malware
C
5
star
78

fingerprint-scanner-research

开源指纹识别项目调研
5
star
79

Mouse-Control

just for fun
Go
4
star
80

argument-spoofing

argue like Cobalt Strike
4
star
81

VEH-FuncObf

function call Obfuscator using veh hook
C
4
star
82

timwhitez

about me
4
star
83

Doge-ByteBinStr

Byte<->BinaryString convert
Go
4
star
84

powershell-killav

use ps1 to kill some antivirus
PowerShell
3
star
85

v4-v6

ipv4 address maps to ipv6 address
Go
3
star
86

useless-webshell

比小马大比大马小,俗称中马
PHP
3
star
87

BinHol

Binary Hollowing
Go
3
star
88

Sub-Filter

过滤跑出来的子域名
Python
3
star
89

LockWorkStation

Go
2
star
90

str2ntlm

string to ntlm hash string
Go
2
star
91

Garmin-Async

自动化使用dailysync.vyzt.dev定期同步佳明国内与国际版账号
Go
2
star
92

AD-CoT

Advanced Dynamic Chain-of-Thought Framework Prompt
2
star
93

zoomeye-search

导入domain批量zoomeye查询
Python
1
star
94

Sec_MindMap

一些思维导图记录
1
star
95

META-ATT-CK-Framework

A comprehensive matrix of actionable offensive security techniques based on ATT&CK Framework
1
star