- grupoed2kcolaborador
PunkSPIDER
31/1/2017, 1:37 am
Mass Recon has been around for a little while with the advent of our own tool PunkSPIDER, Shodan, MassScan, ZScan etc.
Today we’re announcing the beta release of our new tool punk.sh. Let me tell you how it’s different.
Mass recon at its massiest
Along with a much faster, better web app scanner (Ferret), we are running several hundred nmap NSE scans against our targets. Our target: the entire Internet. So far we have a few million domains; this will quickly be expanded to several billion in the near future. What scans are we running, you ask? For web app scans, they are largely the same scans as in PunkSPIDER, that is:
bsqli (blind sql injection)
sqli (sql injection)
osci (OS command injection)
mxi (mail header injection)
traversal (path traversal)
xss (cross-site scripting)
However, this is old news, we were doing this in PunkSPIDER, and even though we’re now doing it a lot faster it’s not that exciting. What is exciting (we think) is the nmap scans we’ve added. It’d be difficult to list all of the nmap options and NSE scripts we’ve enabled and distributed to run across our cluster, but here is a snippet of the command we are using:
script_arg = "--script \"(safe or malware or discovery or external or version or vuln) and (not -traceroute and not traceroute- and not intrusive and not exploit and not dos)\""
# nmap_output and nmap_input_host_list are not defined in this snippet
'sudo nmap -Pn -O -sC -T3 -sV ' + script_arg + ' -oX ' + nmap_output + ' --open --top-ports=100 -iL ' + nmap_input_host_list
So yeah, lots of stuff.
With that in mind, let’s talk a little more about how you can use punk.sh.
Exploring punk.sh ~ https://punk.sh/#/
We’ve tried to make punk.sh search much more powerful than other tools out there (including PunkSPIDER). To get started simply go here. You should see a screen like the following
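How the category expression in script_arg decides which NSE scripts run, as an added example that is not part of the original post or of punk.sh's code: a small evaluator following nmap's documented operator precedence (not, then and, then or). The script names and category sets in SAMPLE are constructed, and the two traceroute tokens are matched literally as printed in the post.

```python
import re
# Category expression copied from the post's script_arg.
EXPR = ("(safe or malware or discovery or external or version or vuln) "
        "and (not -traceroute and not traceroute- and not intrusive "
        "and not exploit and not dos)")

# Constructed sample: hypothetical script names with made-up category sets.
SAMPLE = {
    "example-banner": {"safe", "discovery"},
    "example-version": {"version"},
    "example-sqli-probe": {"vuln", "intrusive"},
    "example-flood": {"vuln", "dos"},
    "example-auth-check": {"auth"},
}

def selects(expr, name, categories):
    """True if a script with this name and categories satisfies expr."""
    tokens = re.findall(r"[()]|[^\s()]+", expr)
    pos = 0
    def peek():
        return tokens[pos] if pos < len(tokens) else None
    def take():
        nonlocal pos
        pos += 1
        return tokens[pos - 1]
    def binary(op, operand):
        value = operand()
        while peek() == op:
            take()
            rhs = operand()  # always parse the right side, then combine
            value = (value and rhs) if op == "and" else (value or rhs)
        return value
    def unary():
        if peek() == "not":
            take()
            return not unary()
        if peek() == "(":
            take()
            value = expression()
            take()  # consume ")"
            return value
        word = take()  # a bare word names a category or a script
        return word == name or word in categories
    def expression():  # precedence: not, then and, then or
        return binary("or", lambda: binary("and", unary))
    return expression()

def selected(expr, scripts):
    return sorted(n for n, cats in scripts.items() if selects(expr, n, cats))
```

A script tagged both vuln and intrusive is excluded, because the second parenthesised group must hold as well as the first.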