w-digital-scanner / w12scan Goto Github PK
View Code? Open in Web Editor NEW🚀 A simple asset discovery engine for cybersecurity. (网络资产发现引擎)
License: MIT License
🚀 A simple asset discovery engine for cybersecurity. (网络资产发现引擎)
License: MIT License
docker下安装成功了,为何搜索不到?
W12SCAN配置环境变量,WEB界面能显示当前w12scan版本信息
0个漏洞,哪里有问题
扫描了3个IP,6个域名,一切正常
任务报告0个,但是没有提示任何漏洞
求技术指点,到底哪里配置问题
ERROR: Service 'web' failed to build: OCI runtime create failed: container_linux.go:344: starting container process caused "process_linux.go:293: copying bootstrap data to pipe caused "write init-p: broken pipe"": unknown
报错:
Max retries exceeded with url: / (Caused by ConnectTimeoutError(<urllib3.connection.HTTPConnection object at 0x7f702037e7f0>, 'Connection to timed out. (connect timeout=30)'))"
这不是因为http连接太多没有关闭导致的吗、
运行起来以后,插件库那里是横杠,似乎没有从空气炮里拿到插件信息,这个是咋回事?
大牛你好,请问下分布式部署要怎么配置?我想要多部署几个client节点,在web端运行节点那一栏一直是空的,看不到运行节点的状态。
我按照文档中描述的启动失败了
`λ docker-compose up -d
Building web
Step 1/10 : FROM alpine:edge
---> 70997d35b3ed
Step 2/10 : MAINTAINER [email protected]
---> Using cache
---> b19d99808266
Step 3/10 : RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
---> Using cache
---> 2c58dec142e6
Step 4/10 : RUN set -x && apk update && apk add python3-dev && apk add bash && apk add tzdata && apk add gcc && apk add gettext
&& apk add libc-dev && apk add linux-headers && apk add nginx && cp -r -f /usr/share/zoneinfo/Hongkong /etc/localtime && mkdir -p /opt/w12scan && mkdir -p /run/nginx
---> Running in d567f0b1a838
帮忙解决一下,谢谢啦
目前使用的是django debug模式,实际线上部署发现此模式问题很多。
昨天测试还是中文的,今天重新装了一下,就是英文了。
兄弟,能不能先服务好**用户再考虑国外的?
先把bug处理处理再说嘛。。比如说资产ip过大的时候报错的bug
docker启动,8000端口拒绝访问日志如下:
processing file django.po in /opt/w12scan/locale/zh_Hans/LC_MESSAGES
processing file django.po in /opt/w12scan/locale/en/LC_MESSAGES
[2019-08-15 18:26:19 +0800] [15] [INFO] Starting gunicorn 19.9.0
[2019-08-15 18:26:19 +0800] [15] [INFO] Listening at: http://127.0.0.1:8080 (15)
[2019-08-15 18:26:19 +0800] [15] [INFO] Using worker: sync
[2019-08-15 18:26:19 +0800] [18] [INFO] Booting worker with pid: 18
add user boyhack faild UNIQUE constraint failed: user_userinfo.name
nginx: [emerg] socket() [::]:80 failed (97: Address family not supported by protocol)
怎么外网访问?需要具体配置那些
win10本地部署,按照https://x.hacking8.com/post-342.html 进行初始化es表操作时出现如下错误:
PUT http://127.0.0.1:9200/w12scan/_mapping/domains [status:400 request:0.016s]
扫描结果域名+IP的和实际大于255的话, 只显示255个(域名和IP的和),是否有这个限制?
Translate the content on WEB page text into English version
直接下载,就可以用了?
有安装说明不?
该项目根目录 static 文件在 docker 容器中默认权限为 700,python 无权访问 static,导致 css 等静态资源无法访问。
临时解决方案:
docker exec -ti w12scan-master_web_1 bash # 进入容器
chmod -R 777 ./static/ # 修改 static 权限
ERROR: Service 'web' failed to build: The command '/bin/sh -c set -x && apk update && apk add python3-dev && apk add bash && apk add tzdata && apk add gcc && apk add libc-dev && apk add linux-headers && apk add nginx && cp -r -f /usr/share/zoneinfo/Hongkong /etc/localtime && mkdir -p /opt/w12scan && mkdir -p /run/nginx' returned a non-zero code: 137
想知道修改哪个地方的代码,可以实现全端口扫描
我想知道怎么开启全端口扫描?
统计漏洞的类型,在dashboard,资产管理页面显示以图表的形式展现
看了ser的源码,cli端的好像没找着,可以给个地址吗?
怎么新建任务的 一直没反应呀
因为redis是内存数据库,数据大多存入了内存,当扫描数据多了之后数据内存就被塞满了,需要程序自动判断释放数据
发现速度有点慢 请问线程数能否自定义调整
好像不支持对添加的目标扫描子域名,只好自己写一个脚本通过接口添加目标.
git clone https://github.com/boy-hack/w12scan
cd w12scan
docker-compose up -d
根据以上命令部署时,docker启动的时候爆下面的错误
ERROR: Version in "./docker-compose.yml" is unsupported. You might be seeing this error because you're using the wrong Compose file version. Either specify a version of "2" (or "2.0") and place your service definitions under the `services` key, or omit the `version` key and place your service definitions at the root of the file to use version 1.
将docker-compose.yml中的dockerversion改为2之后可以正常启动,但是访问访问为503.
哇
好开心
跟大佬想到了一起··
不过我的还不晓得咋写,
感谢大佬开源,让我有个参考!
请问怎么实现漏洞扫描?我看仓库中展示里有漏洞情况,我在本地搭建好的,找不到能做漏洞扫描的地方呀。
w12scan-master/pipeline/elastic.py
PUT http://127.0.0.1:9200/w12scan/_mapping/domains [status:400 request:0.006s]
elasticsearch.exceptions.RequestError: RequestError(400, 'illegal_argument_exception', 'Rejecting mapping update to [w12scan] as the final mapping would have more than 1 type: [domains, ips]')
将漏洞威胁,相关组件转化为tag的方式,支持通过tag进行搜索,支持用户自定义tag(标记IP)
我在本地可以正常搭建这个系统框架,但是在vps是无法搭建成功的。Why? 难道只支持本地搭建的吗?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.