VscanPlus

command module

v1.0.4 Latest Latest Go to latest Published: Mar 28, 2024 License: BSD-3-Clause Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/youki992/VscanPlus

Links

Open Source Insights

README ¶

VscanPlus

二次开发版本的vscan，开源、轻量、快速、跨平台的网站漏洞扫描工具，帮助您快速检测网站安全隐患。

Features

Updates

ehole指纹更新
nuclei检测脚本更新
xray检测脚本更新
支持xray yml v2语法
修复nuclei模板读取缺失字段报错
规范指纹名称，nuclei、xray检测脚本命名格式

Commits

根据原vscan开发文档，用户可以自定义指纹和poc，两者的调用关系是：先检测指纹，再调用对应poc，类似于nuclei前不久更新的-ac命令行的检测功能，都是基于指纹来检测漏洞

根据原vscan开发文档，指纹对应的xray poc命名格式为：指纹-xxxx-yml，因此对新增的poc进行了格式统一，包括： 泛微oa 用友oa 通达oa 金和oa thinphp spring-boot springblade apache-tomcat drupal microsoft-exchange sangfor
nuclei则是通过tags加载poc

在原vscan的xray规则检测基础上，使用类似nuclei加载template的逻辑重写了yml v2的多规则检测，可以实现多表达式的检测功能

Todo

待修复部分检测脚本加载失败bug

Warning

如需编译生成可执行文件，请下载release中的vcsanplus-main-code.zip文件编译

Reference

https://github.com/veo/vscan

Star History

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
brute
pkg
fingerprint
httpx/common/customheader Package customheader contains all the funcionality to deal with Custom Global Headers	Package customheader contains all the funcionality to deal with Custom Global Headers
httpx/common/customlist Package customlist contains all the funcionality to deal with Custom Target List	Package customlist contains all the funcionality to deal with Custom Target List
httpx/common/customports Package customport contains all the funcionality to deal with HTTP ports	Package customport contains all the funcionality to deal with HTTP ports
httpx/common/fileutil Package fileutil contains all the funcionality related to deal with files	Package fileutil contains all the funcionality related to deal with files
httpx/common/hashes
httpx/common/httputilz Package httputilz contains all the funcionality related to common HTTP operations, dump, define methods...	Package httputilz contains all the funcionality related to common HTTP operations, dump, define methods...
httpx/common/httpx Package httpx containst the httpx common funcionality	Package httpx containst the httpx common funcionality
httpx/common/regexhelper
httpx/common/slice Package slice contains a set of utilities to deal with slices	Package slice contains a set of utilities to deal with slices
httpx/common/stringz Package stringz contains a set of utilities to deal with strings	Package stringz contains a set of utilities to deal with strings
httpx/internal/testutils
httpx/runner Package runner executes the enumeration process.	Package runner executes the enumeration process.
jndi
naabu/v2/pkg/privileges
naabu/v2/pkg/result
naabu/v2/pkg/runner
naabu/v2/pkg/scan
pocs_go
Springboot
ThinkPHP
confluence
f5
fastjson
gitlab
jboss
jenkins
jinher
landray
log4j
mcms
phpunit
seeyon
shiro
spark
sunlogin
tomcat
tongda
weblogic
xxljob
zabbix
zentao
pocs_yml
check
check/structs
pkg/common/structs
pkg/nuclei/catalog
pkg/nuclei/parse
pkg/nuclei/structs
pkg/nuclei/templates
pkg/xray/cel
pkg/xray/requests
pkg/xray/structs
utils

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL