用于红队成员初步快速攻击的全自动化工具。

Related tags

MiscellaneousJuD
Overview

关于

Author:m0sway
Mail:[email protected]
Github:https://www.github.com/m0sway/Jud

JuD是什么

JuD是一款自动化扫描器,其功能主要是遍历所有子域名、及遍历主机所有端口寻找出所有http服务,并使用集成的工具进行扫描,最后集成扫描报告;
工具目前有:oneforall、masscan、nmap、Wafw00f、rad、xray、ServerChan等

工作流程

  • 使用Oneforall遍历子域名
  • 遍历结束后,Server酱会发送提醒到WeChat
  • 使用masscan遍历主机所有开放端口
  • 使用nmap扫描开放端口;得出所有http服务端口
  • 使用Wafw00f进行WAF判断
  • 若无WAF,传递到rad
  • 使用rad进行扫描
  • 扫描到的URL传递到Xray
  • 使用Xray进行被动扫描
  • 扫描时发现漏洞Server酱会发送提醒到WeChat
  • 扫描结束后生成Xray报告
  • 每次项目的数据都会存入sqlite数据库,后续个人可查看

后续开发

后续还会加入FOFA的调用、dirsearch扫描目录等,优化代码,兼容Windows。

项目使用

项目是在Linux下开发的,请在Linux环境下使用。
rad扫描器是基于Chrome浏览器的,请先安装Chrome浏览器(若使用的时候报Chrome相关错误,打开Chrome的文件注释掉最后一行即可)。
接着将自己的Oneforall、Xray工具放入Tools中对应的文件夹(文件夹已经创建,将文件放入即可,不要套娃)
安装Oneforall所需Python库
配置文件在lib下的config.py,填入自己的server酱的key,其他相关配置也可做相应的更改。
全部安装完毕之后:
将目标填入 target.txt ,若是从ip开始扫描将目标填入 ip.txt ,若是直接扫描web将目标填入 task.txt 
启用命令: sudo python3 JuD.py  
可使用单个模块或者使用全自动模式。
扫描结果保存在results目录下,每次的扫描结果都会根据时间戳重命名。
结束时一定要使用工具中的退出选项,否则下次运行时会报错。

如有问题请提交Issues

2021/6/10 更新

更新了IP_SCAN表和TASK表的数据去重,避免多次扫描同一目标。 在全自动模式下注释了WAF判断(单模块依旧可以使用)。代码做了一些小优化。

2021/6/11 更新

新增了从IP开始全自动扫描 新增了从TASK开始全自动扫描

Owner
m0sway
m0sway
Modern API wrapper for Genshin Impact built on asyncio and pydantic.

genshin.py Modern API wrapper for Genshin Impact built on asyncio and pydantic.

sadru 212 Jan 06, 2023
Streamlit apps done following data professor's course on YouTube

streamlit-twelve-apps Streamlit apps done following data professor's course on YouTube Español Curso de apps de data science hecho por Data Professor

Federico Bravin 1 Jan 10, 2022
TikTok Auto Claimer Made By Aim low!#9999 Leaked By bazooka#0001

Zues Auto Claimer Leaked By bazooka#0001 put proxies in prox.txt put ssid in sid.txt put all users you want to target in user.txt for the login just t

1 Jan 14, 2022
Used the pyautogui library to automate some processes on the computer

Pyautogui Utilizei a biblioteca pyautogui para automatizar alguns processos no c

Dheovani Xavier 1 Dec 30, 2021
GWAS summary statistics files QC tool

SSrehab dependencies: python 3.8+ a GNU/Linux with bash v4 or 5. python packages in requirements.txt bcftools (only for prepare_dbSNPs) gz-sort (only

21 Nov 02, 2022
A set of simple functions to upload and fetch pastes on paste.uploadgram.me

pastegram-py A set of simple functions to upload and fetch pastes on paste.uploadgram.me. API Documentation Methods upload_paste(contents: bytes, file

Uploadgram 3 Sep 13, 2022
This application is made solely for entertainment purposes

Timepass This application is made solely for entertainment purposes helps you find things to do when you're bored ! tells jokes guaranteed to bring on

Omkar Pramod Hankare 2 Nov 24, 2021
These are After Effects and Python files that were made in the process of creating the video for the contest.

spirograph These are After Effects and Python files that were made in the process of creating the video for the contest. In the python file you can qu

91 Dec 07, 2022
Find Transposon Element insertions using long reads (nanopore), by alignment directly. (minimap2)

find_te_ins find_te_ins is designed to find Transposon Element (TE) insertions using long reads (nanopore), by alignment directly. (minimap2) Install

Ming Wang 1 Feb 09, 2022
Practice in Oxford_AI&ML class

Practice in Oxford_AI&ML class

St3ve Lee 2 Feb 04, 2022
Python 100daysofcode

#python #100daysofcode Python is a simple, general purpose ,high level & object-oriented programming language even it's is interpreted scripting langu

Tara 1 Feb 10, 2022
How did Covid affect businesses?

NYC_Business_Analysis How did Covid affect businesses? COVID's effect on NYC businesses We all know that businesses in NYC have been affected by COVID

AK 1 Jan 15, 2022
Cloth Simulation via Taichi

Cloth Simulation via Taichi

37 Nov 22, 2022
A refresher for PowerBI Desktop documents

PowerBI_Refresher-NPP Informació Per executar el programa s'ha de tenir instalat el python versio 3 o mes. Requeriments a requirements.txt. El fitxer

Nil Pujol 1 May 02, 2022
Access Modbus RTU via API call to Sungrow WiNet-S

SungrowModbusWebClient Access Modbus RTU via API call to Sungrow WiNet-S Class based on pymodbus.ModbusTcpClient, completely interchangeable, just rep

8 Oct 30, 2022
Display your data in an attractive way in your notebook!

Bloxs Bloxs is a simple python package that helps you display information in an attractive way (formed in blocks). Perfect for building dashboards, re

MLJAR 192 Dec 28, 2022
MIXLAB_NASA_TICKET mixlab 灵感来源于NASA的火星船票

MIXLAB_NASA_TICKET mixlab 灵感来源于NASA的火星船票,我们想要使用开源的代码来定制化这一设计。 其中photo_to_cartoon 是paddle的开源代码:https://github.com/minivision-ai/photo2cartoon-paddle 也借

tongji_cy 38 Feb 20, 2022
NeoInterface - Neo4j made easy for Python programmers!

Neointerface - Neo4j made easy for Python programmers! A Python interface to use the Neo4j graph database, and simplify its use. class NeoInterface: C

15 Dec 15, 2022
This is a small Panel applet for the Budgie Desktop to display the battery charge of a connected Bluetooth device.

BudgieBluetoothBattery This is a small Panel applet for the Budgie Desktop to display the battery charge of a connected Bluetooth device. It uses the

Konstantin Köhring 7 Dec 05, 2022
Meliodas Official 1.4 BombSquad Server Scripts

Noxious-Official-1.4-BombSquad-Server-Scripts Scripts Are Provided By Sparxtn Somewhat Edited By Me Scripts are Working Fine Just Download & Use It Be

Meliodas♡ 2 Oct 16, 2022