A Modified version of TCC's Osprey poc framework......

Last update: Dec 30, 2022

Related tags

Security related resources firece-fish

Overview

fierce-fish

fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写，去掉臃肿功能的精简版本poc框架

PS：真的用不惯其它臃肿的功能，不过作为一个收集漏洞poc && exp的框架还是非常不错的！！！
osprey
For beginners friendly (script kiddos would like it !)

简介

fierce-fish ------ 凶鱼，一种比鱼鹰还要凶猛的鱼，由于是osprey的改写版所以取此命名漏洞盒子PoC框架，寓意快，精，准，凶。

fierce-fish 是一个可无限扩展自定义poc的开源漏洞检测与利用框架(Python3开发)，是osprey的修改版。 fierce-fish框架可供使用者在渗透测试、漏洞检测、漏洞扫描等场景中应用。框架提供了命令行接口，可供灵活调用，也可用于构建自己的扫描器, 构建自己的通用型漏洞库。

持续添加POC && EXP

安装

从Git上获取最新版本的osprey代码

$ git clone https://github.com/FDlucifer/firece-fish.git
$ cd firece-fish
$ pip3 install -r requirements.txt

若执行脚本还是报错，可以根据报错信息提示缺失的模块，手动执行命令(pip3 install ‘缺失模块名')，进行安装...

使用

获取帮助列表：

$ python osprey.py --help

最简单的用法，针对一个目标URL，发起一个PoC做检测：

$ python osprey.py -t URL -v POC_ID

目前已收录漏洞POC及EXP

漏洞名	poc名称	poc链接
Metinfo 5.3.17 X-Rewrite-url SQL Injection	vb_2017_0060	Metinfo_5_3_17_X_Rewrite_url_Sql_Injection
Landray-OA Arbitrary File Read	vb_2021_0001	Landray-OA Arbitrary File Read
Yy-OA A6 Disclosure of sensitive information	vb_2021_0002	Yy-OA A6 Disclosure of sensitive information
LionfishCMS ApiController.class.php SQL Injection	vb_2021_0003	LionfishCMS ApiController.class.php SQL Injection
LionfishCMS ApigoodsController.class.php SQL Injection	vb_2021_0004	LionfishCMS ApigoodsController.class.php SQL Injection
Kingsoft V8 Arbitrary file read	vb_2021_0005	Kingsoft V8 Arbitrary file read
Kingsoft V8 pdf_maker.php RCE	vb_2021_0006	Kingsoft V8 pdf_maker.php RCE
Kingsoft V8 Default Weak Password	vb_2021_0007	Kingsoft V8 Default Weak Password
Weaver OA 8 SQL injection	vb_2021_0008	Weaver OA 8 SQL injection
Weaver OA Bsh RCE	vb_2021_0009	Weaver OA Bsh RCE
Citrix XenMobile Read FIle	vb_2021_0010	Citrix XenMobile Read FIle
Weblogic RCE CVE-2020-14882	vb_2021_0011	Weblogic RCE CVE-2020-14882
Hanming Video Conferencing File Read	vb_2021_0012	Hanming Video Conferencing File Read
Jinher OA Arbitrary File Read	vb_2021_0013	Jinher OA Arbitrary File Read
LanProxy Server Read File	vb_2021_0014	LanProxy Server Read File
YApi Remote Code Execute	vb_2021_0015	YApi Remote Code Execute
SaltStack RCE CVE-2020-11651	vb_2021_0016	SaltStack RCE CVE-2020-11651
Coremail Server Information Leakage	vb_2021_0017	Coremail Server Information Leakage
AonarQube Api Information Leakage	vb_2021_0018	AonarQube Api Information Leakage
Alibaba Canal Accesskey Information Leakage	vb_2021_0019	Alibaba Canal Accesskey Information Leakage
MessageSolution Email System Information Leakage	vb_2021_0020	MessageSolution Email System Information Leakage
ICEFlow VPN Information Leakage	vb_2021_0021	ICEFlow VPN Information Leakage
IceWarp WebClient Basic RCE	vb_2021_0022	IceWarp WebClient Basic RCE
ShowDoc File Upload	vb_2021_0023	ShowDoc File Upload
Duoke-Web-Server-SQLInjection	vb_2021_0024	Duoke-Web-Server-SQLInjection
yonyou-UFIDA-NC-file-read	vb_2021_0025	yonyou-UFIDA-NC-file-read
zhongqingnabo_information_leak	vb_2021_0026	zhongqingnabo_information_leak
Apache Druid RCE	vb_2021_0027	Apache Druid RCE
Apache Kylin Xielou ReadFile	vb_2021_0028	Apache Kylin Xielou ReadFile
Apache Flink Read File	vb_2021_0029	Apache Flink Read File
Apache Flink Rce	vb_2021_0030	Apache Flink Rce
3C HG659 Lib An Arbitrary FileRead	vb_2021_0031	3C HG659 Lib An Arbitrary FileRead
IceWarp WebClient Basic RCE	vb_2021_0032	IceWarp WebClient Basic RCE
亿赛通命令执行漏洞	vb_2021_0033	亿赛通命令执行漏洞
Atlassian Jira Information disclosure	vb_2021_0034	Atlassian Jira Information disclosure
LANLING OA file read	vb_2021_0035	LANLING OA file read
CISCO Read-Only Path Traversal Vuln	vb_2021_0036	CISCO Read-Only Path Traversal Vuln
Seeyon_Ajax_Getshell	vb_2021_0037	Seeyon_Ajax_Getshell
待补充	vb_2021_0038	待补充
待补充	vb_2021_0039	待补充
待补充	vb_2021_0040	待补充
待补充	vb_2021_0041	待补充
zyxel_nbg2105_bypass_auth	vb_2021_0042	zyxel_nbg2105_bypass_auth
HIKVISION_file_read	vb_2021_0043	HIKVISION_file_read
CVE_2021_41773_poc_and_exploit	vb_2021_0044	CVE_2021_41773_poc_and_exploit
CVE_2021_42013_poc_and_exploit	vb_2021_0045	CVE_2021_42013_poc_and_exploit

特点

体积小

检测效果精准，可自己持续按照框架模版添加poc, 方便高效

poc编写说明相关文档

基于Osprey编写PoC，请参考 osprey编写规范和要求说明

A Modified version of TCC's Osprey poc framework......

Related tags

Overview

fierce-fish

简介

安装

使用

目前已收录漏洞POC及EXP

特点

poc编写说明相关文档

后续会在本仓库长期更新最新的POC & EXP。:)

Owner

lUc1f3r11

This program will brute force any Instagram account you send it its way given a list of proxies.

StarUML cracker - StarUML cracker With Python

RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API.

Facebook account cloning/hacking advanced tool + dictionary attack added | Facebook automation tool

Facebook Fast Cracking Tool With Python

SonicWall SMA-100 Unauth RCE Exploit (CVE-2021-20038)

Scan all java processes on your host to check weather it's affected by log4j2 remote code execution

🎻 Modularized exploit generation framework

Confluence OGNL injection

Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and more.

Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app.

A token logger for discord + steals Brave/Chrome passwords and usernames

BurpSuite Extension: Log4j RCE Scanner

GDID (Google Dorks for Information Disclosure)

Template for new OSINT command-line tools

Northwave Log4j CVE-2021-44228 checker

Encrypted Python Password Manager

Update of uncaptcha2 from 2019

A simple automatic tool for finding vulnerable log4j hosts

SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.