GaritoShare

...... Bienvenido ......

Unirse al foro, es rápido y fácil

GaritoShare

...... Bienvenido ......
GaritoShare
¿Quieres reaccionar a este mensaje? Regístrate en el foro con unos pocos clics o inicia sesión para continuar.

Ir abajo
grupoed2k
grupoed2k
colaborador
colaborador
PunkSPIDER Left_bar_bleue0 / 1000 / 100PunkSPIDER Right_bar_bleue


Cantidad de envíos : 314
Edad : 44
Perfil : Patience, my friend, is a virtue...

Una cita de Georges Orwell:

Libertad de expresión es el derecho a decir

lo que nadie quere escuchar.

... .... .... .... .... ...
Tú firma Personal : Participa
Barra de Respeto :
PunkSPIDER Left_bar_bleue0 / 1000 / 100PunkSPIDER Right_bar_bleue

Reputación : 46
Fecha de inscripción : 14/10/2008
https://grupoed2kmagazine.activoforo.com

PunkSPIDER Empty PunkSPIDER

31/1/2017, 1:37 am
Mass Recon has been around for a little while with the advent of our own tool PunkSPIDER, Shodan, MassScan, ZScan etc.

PunkSPIDER 15cnji9

Today we’re announcing the beta release of our new tool punk.sh. Let me tell you how it’s different.
Mass recon at its massiest

Along with a much faster, better web app scanner (Ferret), we are running several hundred nmap NSE scans against our targets. Our target: the entire Internet. So far we have a few million domains, this will quickly be expanded to several billion in the near future. What scans are we running you ask? For web app scans, they are largely the same scans as in PunkSPIDER, that is:
bsqli (blind sql injection)
sqli (sql injection)
osci (OS command injection)
mxi (mail header injection)
traversal (path traversal)
xss (cross-site scripting)

However, this is old news, we were doing this in PunkSPIDER, and even though we’re now doing it a lot faster it’s not that exciting. What is exciting (we think) is the nmap scans we’ve added. It’d be difficult to list all of the nmap options and NSE scripts we’ve enabled and distributed to run across our cluster, but here is a snippet of the command we are using:

script_arg = "--script \"(safe or malware or discovery or external or version or vuln)
and (not -traceroute and not traceroute- and not intrusive and not exploit and not dos)
\"" sudo nmap -Pn -O -sC -T3 -sV ' + script_arg + ' -oX ' + nmap_output + ' --open --top-ports=100 -iL ' + nmap_input_host_list

so yeah, lots of stuff PunkSPIDER 1f642Smile.
With that in mind, let’s talk a little more about how you can use punk.sh.

Exploring punk.sh ~ https://punk.sh/#/

We’ve tried to make punk.sh search much more powerful than other tools out there (including PunkSPIDER). To get started simply go here. You should see a screen like the following


EsLaGuerra
Volver arriba
Permisos de este foro:
No puedes responder a temas en este foro.