当前位置:网站首页>Xray and burp linkage mining
Xray and burp linkage mining
2022-07-06 14:03:00 【Lazy and talented】
Catalog
0x0A xray Basic introduction and use
0x0b Installation configuration
0x0c xray( Community Edition ) Basic use of
0x01 Active scanning ( Remember to authorize )
0x01 Sub domain name collection
0x0B burp And xray The linkage of
0x03 burp by xray Downstream of :( install jar plug-in unit )
0x0A xray Basic introduction and use
0x0a xray Official website
xray Community Edition xray - A powerful security assessment tool
0x01 function : Subdomain scanning 、 common web Vulnerability detection 、 Service Vulnerability Detection 、
Reptile detection 、 Special detection ability 、Xray linkage
0x02 Pattern : Active scanning (edu gov Site Don't try to ) Passive scanning ( Crawl web page cache scanning )
0x03 difference burp:xray Is to monitor packets burp Is to intercept packets
0x04 xray Community Edition and Red Team Edition For daily testing, the community version can meet ( The red team poc Quick update )
Advanced version xray Support struts、fastjson、thinkphp、shiro One click detection of high-risk historical vulnerabilities in the framework
0x0b Installation configuration
0x01powershell cd Get into xray root directory
0x02 command xray_windows_amd64.exe genca, Can generate ca certificate , How to detect this machine HTTPS Traffic .
( monitor cer The certificate needs to be installed on the local computer If you use firefox The browser also imports the browser )
0x03 Certificate name :ca.cer
0x04 yaml file analysis disallowed The domain name that is not allowed to be scanned by default
All in all Two places Just delete this line
0x05 double-click Certificate installation
double-click --> Installation certificate --> Default yes
0x0c xray( Community Edition ) Basic use of
0x01 Active scanning ( Remember to authorize )
xray_windows_amd64.exe webscan --url www.baidu.com --html-output test.html 
0x02 Passive scanning
xray_windows_amd64.exe webscan--listen 127.0.0.1:7777 --html-output test.html 
0x0d xray Red team version
0x01 Sub domain name collection
xray_windows_amd64.exe subdomain baidu.com --text-output baidu.txtThan wydomain、subDomainsBrute And other tools are more practical , Advanced version xray As information collection , Recommended .
0x02 Special scanning
shiro fastjson thinkphp struts
Don't forget to sweep it out Using one's own poc verification
wait ...
0x0B burp And xray The linkage of
effect :xray Not easy to see host use burp Of history Just solve
0X01 Grab https Traffic
If grab is needed https Flow needs brup as well as xray All installed https certificate .
Please visit
brup Install certificate grabbing https
brup Install certificate grabbing https - L0ading - Blog Garden
xray Install the certificate http as well as https scanning
xray Install the certificate http as well as https scanning - L0ading - Blog Garden
0x02 burp by xray Upstream :
browser --> burp -->xray --> testing ( Put the bag manually , Not very convenient )
On the basis of conventional packet capturing ,burp Configuring a downstream agent . Send traffic to xray scan . stay bp The following configuration can be carried out on the basis of catching website packets . here bp Send the traffic to the local 7777 port
The browser opens 127.0.0.1:8080 burp Intercept port
The effect is as shown in the picture
0x03 burp by xray Downstream of :( install jar plug-in unit )
error: Remember to turn off burp As upstream Set up user-options Set up
Releases · c0ny1/passive-scan-client · GitHub
tips: First open xray Listen to the command stay run passive-scan-Clinet.jar modular
browser --> xray -->burp --> testing ( Automatic detection )
Set up xray Browser agent 127.0.0.1:7777
The effect is as shown in the picture Not very easy to use
summary ; No matter it is burp As xray The front and back of The effect is not very good ( It is recommended to have authorization Active scanning )
Share next issue :
xray+rad Linkage passive scanning
Fully automatic Deep climb
边栏推荐
- Difference and understanding between detected and non detected anomalies
- Hackmyvm Target Series (3) - vues
- Reinforcement learning series (I): basic principles and concepts
- 记一次edu,SQL注入实战
- HackMyvm靶机系列(4)-vulny
- 2022泰迪杯数据挖掘挑战赛C题思路及赛后总结
- 7-15 h0161. Find the greatest common divisor and the least common multiple (PTA program design)
- 力扣152题乘数最大子数组
- Yugu p1012 spelling +p1019 word Solitaire (string)
- This time, thoroughly understand the MySQL index
猜你喜欢
"Gold, silver and four" job hopping needs to be cautious. Can an article solve the interview?
Write a program to simulate the traffic lights in real life.
实验六 继承和多态
Strengthen basic learning records
Principles, advantages and disadvantages of two persistence mechanisms RDB and AOF of redis
canvas基础2 - arc - 画弧线
QT meta object qmetaobject indexofslot and other functions to obtain class methods attention
Nuxtjs quick start (nuxt2)
4. Branch statements and loop statements
HackMyvm靶机系列(2)-warrior
随机推荐
【Numpy和Pytorch的数据处理】
UGUI—Text
中间件漏洞复现—apache
强化学习基础记录
7-6 矩阵的局部极小值(PTA程序设计)
渗透测试学习与实战阶段分析
Hackmyvm Target Series (3) - vues
js判断对象是否是数组的几种方式
记一次,修改密码逻辑漏洞实战
Wei Shen of Peking University revealed the current situation: his class is not very good, and there are only 5 or 6 middle-term students left after leaving class
HackMyvm靶机系列(3)-visions
Simply understand the promise of ES6
2. First knowledge of C language (2)
7-15 h0161. 求最大公约数和最小公倍数(PTA程序设计)
Experiment 6 inheritance and polymorphism
实验八 异常处理
强化学习基础记录
"Gold, silver and four" job hopping needs to be cautious. Can an article solve the interview?
Using spacedesk to realize any device in the LAN as a computer expansion screen
Programme de jeu de cartes - confrontation homme - machine