Home

Awesome

<h1 align="center"> zpscan </h1> <h4 align="center">命令行信息收集工具</h4> <p align="center"> <a href="https://goreportcard.com/report/github.com/niudaii/zpscan"> <img src="https://goreportcard.com/badge/github.com/niudaii/zpscan"> </a> <a href="https://opensource.org/licenses/MIT"> <img src="https://img.shields.io/badge/license-MIT-_red.svg"> </a> <a href="https://github.com/niudaii/zpscan/releases"> <img src="https://img.shields.io/github/downloads/niudaii/zpscan/total"> </a> </p>

功能

使用

➜  zpscan git:(main) ./zpscan -h
一个有点好用的信息收集工具 by zp857

Usage:
  zpscan [command]

Available Commands:
  crack       常见服务弱口令爆破
  dirscan     目录扫描
  domainscan  子域名收集
  help        Help about any command
  ipscan      端口扫描
 	pocscan     poc扫描
  webscan     web信息收集

Flags:
      --debug               show debug output
  -h, --help                help for zpscan
  -i, --input string        single input(example: -i 'xxx')
  -f, --input-file string   inputs file(example: -f 'xxx.txt')
      --no-color            disable colors in output
  -o, --output string       output file to write found results (default "result.txt")

Use "zpscan [command] --help" for more information about a command.

子命令(domainscan|ipscan|webscan|crack|dirscan|pocscan)

➜  zpscan git:(main) ./zpscan crack -h                       
常见服务弱口令爆破,支持ftp,ssh,wmi,wmihash,smb,mssql,oracle,mysql,rdp,postgres,redis,memcached,mongodb

Usage:
  zpscan crack [flags]

Flags:
      --crack-all          crack all user:pass
      --delay int          delay between requests in seconds (0 to disable)
  -h, --help               help for crack
  -m, --module string      choose one module to crack(ftp,ssh,wmi,mssql,oracle,mysql,rdp,postgres,redis,memcached,mongodb) (default "all")
      --pass string        pass(example: --pass 'admin,root')
      --pass-file string   pass file(example: --pass-file 'pass.txt')
      --threads int        number of threads (default 1)
      --timeout int        timeout in seconds (default 10)
      --user string        user(example: --user 'admin,root')
      --user-file string   user file(example: --user-file 'user.txt')

Global Flags:
      --debug               show debug output
  -i, --input string        single input(example: -i 'xxx')
  -f, --input-file string   inputs file(example: -f 'xxx.txt')
      --no-color            disable colors in output
  -o, --output string       output file to write found results (default "result.txt")
[INF] 运行时间: 545.655µs

截图

domainscan

image-20220920100928722

ipscan

image-20220920101122919

webscan

image-20220916134330575

crack

image-20220916134433908

dirscan

image-20220920101308449

pocscan

image-20230422192033778

expscan

image-20230422192623949

说明

更新

2023-01-04

2022-12-21

2022-11-10

TODO

Q&A

1、linux操作系统端口扫描时出现:ping err, socket: permission denied

sudo sysctl -w net.ipv4.ping_group_range="0 2147483647"

参考

https://github.com/projectdiscovery/subfinder

https://github.com/boy-hack/ksubdomain

https://github.com/netxfly/x-crack

https://github.com/shadow1ng/fscan

https://github.com/zu1k/nali

https://github.com/projectdiscovery/naabu

https://github.com/projectdiscovery/nuclei

https://github.com/Ciyfly/woodpecker