当前位置：网站首页>Xray and burp linkage mining

Xray and burp linkage mining

2022-07-06 14:03:00 【Lazy and talented】

Catalog

0x0A xray Basic introduction and use

0x0a xray Official website

0x0b Installation configuration

0x0c xray( Community Edition ) Basic use of

0x01 Active scanning （ Remember to authorize ）

0x02 Passive scanning

0x0d xray Red team version

0x01 Sub domain name collection

0x02 Special scanning

wait ...

0x0B burp And xray The linkage of

0X01 Grab https Traffic

0x02 burp by xray Upstream :

0x03 burp by xray Downstream of :（ install jar plug-in unit ）

summary ; No matter it is burp As xray The front and back of The effect is not very good （ It is recommended to have authorization Active scanning ）

Share next issue ：

0x0A xray Basic introduction and use

0x0a xray Official website

xray Community Edition xray - A powerful security assessment tool

0x01 function ： Subdomain scanning 、 common web Vulnerability detection 、 Service Vulnerability Detection 、

Reptile detection 、 Special detection ability 、Xray linkage

0x02 Pattern ： Active scanning （edu gov Site Don't try to ） Passive scanning （ Crawl web page cache scanning ）

0x03 difference burp：xray Is to monitor packets burp Is to intercept packets

0x04 xray Community Edition and Red Team Edition For daily testing, the community version can meet （ The red team poc Quick update ）

Advanced version xray Support struts、fastjson、thinkphp、shiro One click detection of high-risk historical vulnerabilities in the framework

0x0b Installation configuration

0x01powershell cd Get into xray root directory

0x02 command xray_windows_amd64.exe genca, Can generate ca certificate , How to detect this machine HTTPS Traffic .

（ monitor cer The certificate needs to be installed on the local computer If you use firefox The browser also imports the browser ）

0x03 Certificate name ：ca.cer

0x04 yaml file analysis disallowed The domain name that is not allowed to be scanned by default

All in all Two places Just delete this line

0x05 double-click Certificate installation

double-click --> Installation certificate --> Default yes

0x0c xray( Community Edition ) Basic use of

0x01 Active scanning （ Remember to authorize ）

xray_windows_amd64.exe webscan --url www.baidu.com --html-output test.html

0x02 Passive scanning

xray_windows_amd64.exe webscan--listen 127.0.0.1:7777 --html-output test.html

0x0d xray Red team version

0x01 Sub domain name collection

xray_windows_amd64.exe subdomain baidu.com --text-output baidu.txt

Than wydomain、subDomainsBrute And other tools are more practical , Advanced version xray As information collection , Recommended .

0x02 Special scanning

shiro fastjson thinkphp struts

Don't forget to sweep it out Using one's own poc verification

wait ...

0x0B burp And xray The linkage of

effect ：xray Not easy to see host use burp Of history Just solve

0X01 Grab https Traffic

If grab is needed https Flow needs brup as well as xray All installed https certificate .

Please visit

brup Install certificate grabbing https

brup Install certificate grabbing https - L0ading - Blog Garden

xray Install the certificate http as well as https scanning

xray Install the certificate http as well as https scanning - L0ading - Blog Garden

0x02 burp by xray Upstream :

browser --> burp -->xray --> testing ( Put the bag manually , Not very convenient )

On the basis of conventional packet capturing ,burp Configuring a downstream agent . Send traffic to xray scan . stay bp The following configuration can be carried out on the basis of catching website packets . here bp Send the traffic to the local 7777 port