停止更新(暂不归档处理),尽快恢复更新
点击关注 Twitter 以便快速了解我的动态.
😄 I’m ExpLang Twitter 欢迎关注fo~
自动化进行目标资产探测和安全漏洞扫描|适用于赏金活动、SRC活动、大规模使用、大范围使用|通过使用被动在线资源来发现网站的有效子域|使用零误报的定制模板向目标发送请求,同时可以对大量主机进行快速扫描。|提供TCP、DNS、HTTP、FILE等各类协议的扫描,通过强大且灵活的模板,模拟各种安全检查
本工具仅面向合法授权的企业安全建设行为,如您需要测试本工具的可用性,请自行搭建靶机环境。 在使用本工具进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权。请勿对非授权目标进行扫描。 如果发现上述禁止行为,我们将保留追究您法律责任的权利。
如您在使用本工具的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任. 您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。
2022.6.6 14.59
- 新增Hunter网络测绘扫描
- 新增
-p
参数 可以指定漏洞文件夹(采用xray漏洞模版,如果直接拿过来,语言name改为id ,Details改为 info,不支持cache )
2022.5.16 20:45
- 发布V1.3.2版本
- 修复个别情况无法进行Shodan扫描
- 新增Quake资产获取
- 优化存活验证逻辑
- 新增端口探测(探测完子域名后会进行存活探测,存活探测的同时会进行端口探测)
- 优化输出信息
- 新增新版本检查(在启动LOGO上可以看到最新版本)
2022.5.11 12:10
- 发布V1.3版本
- 子域名探测效率提升
- 新增自动FoFa资产探测
- 新增自动Shodan资产探测
- 更换漏洞库和验证库 - Afrog
- 新增指纹探测识别
2022.4.15 17:10
- 发布V1.1版本
- 修复Windows下 file missing [file=MANIFEST-000000] 错误
- 修复Windows下 no valid templates were found 报错
- 优化扫描并发配置
2022.4.15 12:00
- 发布 v1.0版本
- 子域名枚举资产收集
- 批量子域名枚举资产收集
- Chaos 资产收集
- 资产存活验证
- 批量资产存活验证
- 安全漏洞验证
- 批量安全漏洞验证
- 子域名枚举资产收集、资产存活验证、安全漏洞扫描联动
- FoFa自动资产探测
- Shodan自动资产探测
- Web指纹探测识别
- 网络空间测绘资产收集
- 中间件漏洞利用例:shiro、SpringBoot等...
- Hunter自动资产探测
- 子域名存活WebHook通知
- 安全漏洞扫描结果WebHook通知
- 待定...
有需要什么功能的话可以在 issues 提
当前总共有:549个POC模版
./mark/FuYao_Intel/FuYao_Intel -h FuYao_test
███████╗██╗ ██╗██╗ ██╗ █████╗ ██████╗
██╔════╝██║ ██║╚██╗ ██╔╝██╔══██╗██╔═══██╗
█████╗ ██║ ██║ ╚████╔╝ ███████║██║ ██║
██╔══╝ ██║ ██║ ╚██╔╝ ██╔══██║██║ ██║ Version: V1.3
██║ ╚██████╔╝ ██║ ██║ ██║╚██████╔╝ Author: ExpLang
╚═╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝ Discord: ExpLang#6666
Github:github.com/ExpLangcn/FuYao-Go
使用FuYao前请遵守当地法律,FuYao仅提供给教育行为使用
法律免责声明
本工具仅面向合法授权的企业安全建设行为,如您需要测试本工具的可用性,请自行搭建靶机环境。
在使用本工具进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权。请勿对非授权目标进行扫描。
如果发现上述禁止行为,我们将保留追究您法律责任的权利。
如您在使用本工具的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任.
您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。
Usage of ./mark/FuYao_Intel/FuYao_Intel:
-f string
指定根域目标文件 | 支持绝对路径和相对路径
自动化信息搜集+漏洞扫描(目标文件内的目标是一行一个,并且必须是主域名)
./FuYao -f list.txt
FoFa:
email: ""
key: ""
Shodan:
key: ""
漏洞列表 |
---|
d-link-router-command-injectio |
stop_if_match_tes |
CVE-2013-225 |
CVE-2014-627 |
CVE-2014-312 |
CVE-2014-370 |
CVE-2022-2313 |
CVE-2022-2556 |
CVE-2022-2508 |
CVE-2022-2499 |
CVE-2022-2137 |
CVE-2022-2412 |
CVE-2022-2426 |
CVE-2022-2294 |
CVE-2022-2946 |
CVE-2022-2536 |
CVE-2022-2411 |
CVE-2022-2317 |
CVE-2022-2313 |
CVE-2022-054 |
CVE-2022-2295 |
CVE-2015-839 |
CVE-2015-333 |
CVE-2015-142 |
CVE-2015-729 |
CVE-2015-553 |
CVE-2012-182 |
CVE-2017-552 |
CVE-2017-1027 |
CVE-2017-1214 |
CVE-2017-792 |
CVE-2017-1161 |
CVE-2017-979 |
CVE-2017-984 |
CVE-2017-1261 |
CVE-2017-1687 |
CVE-2017-1263 |
CVE-2017-100002 |
CVE-2017-1262 |
CVE-2017-891 |
CVE-2017-750 |
CVE-2010-187 |
CVE-2010-286 |
CVE-2019-1675 |
CVE-2019-1631 |
CVE-2019-1699 |
CVE-2019-844 |
CVE-2019-1151 |
CVE-2019-019 |
CVE-2019-1699 |
CVE-2019-1839 |
CVE-2019-1998 |
CVE-2019-1755 |
CVE-2019-2008 |
CVE-2019-844 |
CVE-2019-379 |
CVE-2019-719 |
CVE-2019-1158 |
CVE-2019-1750 |
CVE-2019-1666 |
CVE-2019-1075 |
CVE-2019-1978 |
CVE-2019-1741 |
CVE-2019-1272 |
CVE-2019-723 |
CVE-2019-2022 |
CVE-2019-1510 |
CVE-2019-272 |
CVE-2019-845 |
CVE-2019-512 |
CVE-2019-1627 |
CVE-2019-272 |
CVE-2019-967 |
CVE-2019-634 |
CVE-2019-1609 |
CVE-2019-339 |
CVE-2019-1692 |
CVE-2021-2197 |
CVE-2021-4134 |
CVE-2021-365 |
CVE-2021-4177 |
CVE-2021-322 |
CVE-2021-2197 |
CVE-2021-2685 |
CNVD-2021-4237 |
CVE-2021-2298 |
CVE-2021-2816 |
CVE-2021-301 |
CVE-2021-2123 |
CVE-2021-2608 |
CVE-2021-4043 |
CVE-2021-2790 |
CVE-2021-2528 |
CVE-2021-3180 |
CVE-2021-312 |
CVE-2021-3304 |
CVE-2021-2220 |
CVE-2021-2608 |
CVE-2021-3674 |
CVE-2021-2221 |
CVE-2021-2962 |
CVE-2021-2140 |
CVE-2021-4445 |
CVE-2021-3626 |
CVE-2021-4328 |
CVE-2021-3758 |
CVE-2021-2198 |
CVE-2021-3160 |
CVE-2020-2798 |
CVE-2020-2818 |
CVE-2020-528 |
CVE-2020-345 |
CVE-2020-937 |
CVE-2020-820 |
CVE-2020-2818 |
CVE-2020-798 |
CVE-2020-1475 |
CVE-2020-949 |
CVE-2020-541 |
CVE-2020-590 |
CVE-2020-3547 |
CVE-2020-975 |
CVE-2020-819 |
CVE-2020-1014 |
CVE-2020-551 |
CVE-2020-2122 |
CVE-2020-2457 |
CVE-2020-819 |
CVE-2020-2641 |
CVE-2020-851 |
CVE-2020-540 |
CVE-2020-1751 |
CVE-2020-948 |
CVE-2020-1393 |
CVE-2020-1417 |
CVE-2020-1145 |
CVE-2020-3573 |
CVE-2020-1684 |
CVE-2020-1418 |
CVE-2020-1020 |
CVE-2020-1171 |
CVE-2020-2818 |
CVE-2020-1556 |
CVE-2020-1019 |
CVE-2020-2507 |
CVE-2018-803 |
CVE-2018-877 |
CVE-2018-1073 |
CVE-2018-1337 |
CVE-2018-376 |
CVE-2018-1073 |
CVE-2018-1175 |
CVE-2018-999 |
CVE-2018-760 |
CVE-2018-731 |
CVE-2018-100053 |
CVE-2018-1261 |
CVE-2018-691 |
CVE-2018-100060 |
CVE-2018-766 |
CVE-2018-100086 |
CVE-2018-770 |
CVE-2018-1073 |
CVE-2018-660 |
CVE-2018-1724 |
CVE-2018-1168 |
CVE-2018-1912 |
CVE-2018-1073 |
CVE-2018-749 |
CVE-2016-308 |
CVE-2016-497 |
CVE-2016-1013 |
CVE-2016-308 |
directadmin-login-pane |
microsoft-exchange-pane |
terramaster-pane |
swagger-api-disclosur |
kubernetes-versio |
thinkphp-detec |
rocketmq-console-exposu |
django-admin-pane |
adminer-pane |
zentao-detec |
kubernetes-metric |
phpmyadmin-pane |
azure-kubernetes-servic |
apisix-pane |
dlink-pane |
mongodb-ops-manage |
sonicwall-sslvpn-pane |
jenkins-logi |
utt-pane |
jenkins-api-pane |
landrayoa-pane |
weblogic-pane |
openerp-databas |
gitlab-pane |
minio-consol |
wayos-pane |
emessage-pane |
solarwinds-orion-pane |
tomcat-detec |
avtech-avn801-camera-pane |
huawei-hg532e-pane |
kubernetes-miranti |
jupyter-notebook-tec |
grafana-detec |
activemq-pane |
wordpress-logi |
fckedito |
upupw-pane |
kubernetes-dashboar |
sonicwall-management-pane |
minio-browse |
kubernetes-resource-repor |
rabbitmq-dashboar |
shiro-detec |
zabbix-pane |
kubernetes-enterprise-manage |
jira-pane |
dubbo-detec |
CNVD-200705-31 |
CNVD-2017-2007 |
CNVD-2019-0134 |
CNVD-2019-3413 |
CNVD-2019-2223 |
CNVD-2019-1679 |
CNVD-2021-0412 |
CNVD-2021-1582 |
CNVD-2021-1054 |
CNVD-2021-3901 |
CNVD-2021-1453 |
CNVD-2021-0965 |
CNVD-2021-1582 |
CNVD-2020-5882 |
CNVD-2020-6711 |
CNVD-2020-5726 |
CNVD-2020-2373 |
CNVD-2020-6242 |
CNVD-2018-1339 |
kyan-network-monitoring-account-password-leakag |
ruijie-smartweb-password-disclosur |
avtech-password-disclosur |
alibaba-canal-info-lea |
seeyon-oa-cookie-lea |
huawei-dg8045-home-gateway-exposure |
hjtcloud-directory-file-lea |
laravel-debug-info-lea |
seeyon-a6-employee-info-lea |
phpinfo-disclosur |
tianqing-info-lea |
go-pprof-lea |
aspcms-backend-lea |
nsfocus-uts-password-lea |
thinkphp-509-information-disclosur |
avtech-dvr-exposur |
dlink-850l-info-lea |
ruijie-eg-info-lea |
seeyon-session-lea |
tongda-user-session-disclosur |
ruijie-nbr1300g-cli-password-lea |
hadoop-disclosur |
openvpn-monitor-disclosur |
hikvision-info-lea |
e-office-mysql-config-lea |
mobileiron-log4j-jndi-rc |
springboot-log4j-rc |
apache-ofbiz-log4j-rc |
CV |
resin-inputfile-filerea |
natshell-arbitrary-file-rea |
thinkadmin-v6-readfil |
sangfor-ba-rc |
ruoyi-management-filerea |
e-cology-springframework-directory-traversa |
thinkphp-501-rc |
flink-upload-rc |
huijietong-cloud-filerea |
jumpserver-unauth-rc |
thinkphp-v6-file-writ |
WOOYUN-2010-08072 |
thinkphp-2-rc |
odoo-file-rea |
amtt-hiboss-server-ping-rc |
unifi-network-log4j-rc |
kingdee-eas-directory-traversa |
maccms-rc |
e-cology-v8-sql |
powercreator-arbitrary-file-uploa |
shiziyu-cms-apicontroller-sql |
vmware-vcenter-arbitrary-file-rea |
seeyon-session-upload-webshel |
solr-file-rea |
duomicms-sql |
cacti-weathermap-file-writ |
ruijie-eg-file-rea |
weiphp-path-traversa |
zzcms-zsmanage-sql |
showdoc-uploadfil |
phpok-sql |
landray-oa-custom-jsp-filerea |
dockercfg-confi |
seeyon-wooyun-2015-14822 |
hjtcloud-arbitrary-filerea |
qilin-bastion-host-rc |
springboot-h2-db-rc |
samsung-wea453e-rc |
finereport-directory-traversa |
docker-registr |
yapi-rc |
tamronos-iptv-rc |
fangweicms-sql |
vrealize-operations-log4j-rc |
nuuo-file-inclusio |
egroupware-rc |
yongyou-u8-oa-sql |
phpshe-sql |
sangfor-edr-cssp-rc |
seacms-sql |
sangfor-edr-arbitrary-admin-logi |
couchdb-adminpart |
yonyou-nc-arbitrary-file-uploa |
yonyou-nc-bsh-servlet-bshservlet-rc |
discuz-v72-sql |
feifeicms-lf |
landray-oa-syssearchmain-rc |
samsung-wea453e-default-pw |
laravel-improper-webdi |
e-cology-javabeanshell-rc |
mpsec-isg1000-file-rea |
tpshop-sql |
e-cology-syncuserinfo-sql |
thinkcmf-lf |
ecshop-collection-list-sql |
dahua-dss-file-rea |
etouch-v2-sql |
sangfor-edr-tool-rc |
dlink-dsl-2888a-rc |
hanming-video-conferencing-file-rea |
msvod-sql |
wanhuoa-fileupload-controller-uploa |
thinkphp-5023-rc |
thinkphp-5022-rc |
yonyou-grp-u8-sqli-to-rc |
grafana-file-rea |
discuz-wechat-plugins-unaut |
samsung-wlan-ap-wea453e-rc |
seacms-rc |
huawei-home-gateway-hg659-filerea |
docker-remote-ap |
xdcms-sq |
seeyon-wooyun-2015-0108235-sql |
sonicwall-ssl-vpn-rc |
solr-admin-quer |
dedecms-membergroup-sql |
jeewms-showordownbyurl-filerea |
ns-asg-file-rea |
wuzhicms-v410-sql |
seacms-before-v992-rc |
wordpress-ext-mailpress-rc |
e-cology-arbitrary-file-uploa |
e-cology-validate-sql |
solr-log4j-rc |
spon-ip-intercom-ping-rc |
yungoucms-sql |
dotnetcms-sql |
yccms-rc |
typecho-rc |
joomla-component-vreview-sq |
wordpress-ext-adaptive-images-lf |
resin-viewfile-filerea |
pbootcms-database-file-downloa |
tpshop-directory-traversa |
weiphp-sq |
metinfo-file-rea |
consul-service-rc |
phpstudy-backdoor-rc |
thinkcmf-write-shel |
zcms-v3-sql |
dedecms-url-redirectio |
weblogic-ssr |
seacms-v654-rc |
consul-rexec-rc |
seacmsv645-command-exe |
spring-cloud-function-spel-rc |
targa-camera-lf |
netentsec-ngfw-rc |
phpstudy-nginx-wrong-resolv |
h3c-secparh-any-user-logi |
dedecms-carbuyaction-fileinclud |
h3c-imc-rc |
myucms-lf |
dedecms-guestbook-sql |
spon-ip-intercom-file-rea |
finecms-sql |
e-cology-workflowcentertreedata-sql |
e-bridge-saveyzjfile-file-rea |
iis-put-getshel |
e-cology-getsqldata-sql-injec |
anyproxy-directory-traversa |
kingsoft-v8-file-rea |
yonyou-grp-u8-sql |
maccmsv10-backdoo |
phpmyadmin-setup-deserializatio |
ecshop-rc |
qibocms-sql |
e-cology-filedownload-directory-traversa |
ruijie-eg-cli-rc |
jira-unauthenticated-user-picke |
frp-dashboard-unaut |
jira-unauthenticated-resolution |
jira-unauthenticated-project |
pyspider-unauthorized-acces |
elasticsearch-unaut |
jeecg-boo |
jira-unauthenticated-adminproject |
hadoop-yarn-unaut |
hp-officepro-printer-unauthorize |
zabbix-dashboards-acces |
jboss-unaut |
druid-monitor-unaut |
kubernetes-unaut |
seeyon-ajax-unauthorized-acces |
springboot-actuator-unaut |
zabbix-authentication-bypas |
airflow-unaut |
nacos-v1-auth-bypas |
kibana-unaut |
influxdb-unaut |
tongda-meeting-unauthorized-acces |
couchdb-unauthorize |
jira-unauthenticated-installed-gadget |
jupyter-notebook-unauthorized-acces |
kafka-manager-unaut |
jira-service-desk-signu |
storm-unauthorized-acces |
spark-api-unaut |
jira-unauthenticated-screen |
qizhi-fortressaircraft-unauthorize |
spark-webui-unaut |
jira-unauthenticated-dashboard |
ruoyi-cms-unaut |
jira-unauthenticated-projectcategorie |
tensorboard-unaut |
bt742-pma-unauthorized-acces |
etcd-unaut |
jenkins-unauthorized-acces |
h2-database-web-console-unauthorized-acces |
nifi-api-unauthorized-acces |
spectracom-default-passwor |
chinaunicom-default-logi |
rseenet-default-passwor |
weblogic-weak-logi |
rancher-default-passwor |
showdoc-default-passwor |
dlink-default-passwor |
wayos-default-passwor |
kingsoft-v8-default-passwor |
ambari-default-passwor |
zabbix-default-passwor |
rabbitmq-default-passwor |
trilithic-viewpoint-default-passwor |
nexus-default-passwor |
activemq-default-passwor |
gitlab-weak-logi |
ofbiz-default-passwor |
jinher-oa-c6-default-passwor |
ibm-storage-default-passwor |
oracle-business-intelligence-passwor |
netentsec-icg-default-passwor |
seeddms-default-passwor |
ricoh-weak-passwor |
kafka-center-default-passwor |
tomcat-default-logi |
nsicg-default-passwor |
azkaban-default-passwor |
jenkins-default-pw |
mofi4500-default-passwor |
minio-default-passwor |
utt-default-passwor |
axis2-default-passwor |
hikvision-intercom-service-default-passwor |
dell-idrac9-default-passwor |
alibaba-canal-default-passwor |
versa-default-passwor |
exacqvision-default-passwor |
panabit-ixcache-default-passwor |
openerp-default-passwor |
grafana-default-passwor |
datang-ac-default-password-cnvd-2021-0412 |
dubbo-admin-default-passwor |
jmx-default-passwor |
nps-default-passwor |
telecom-gateway-default-passwor |
aolynk-br304-default-passwor |
rockmongo-default-passwor |
xerox7-default-passwor |
secnet-ac-default-passwor |
panabit-gateway-default-passwor |
arl-default-passwor |
CVE-2015-745 |
phpmyadmin-setu |
CVE-2021-4422 |
CVE-2020-1392 |
alphaweb-default-passwor |
pma-server-impor |
phpmyadmin-misconfiguration |