[download attached] a powerful web automated vulnerability scanning tool - Xray

Xray Is a powerful security assessment tool , The main features are :

Fast detection speed . Fast contract awarding ; The vulnerability detection algorithm is efficient . Support a wide range of . Big to OWASP Top 10 General vulnerability detection , As small as all kinds of CMS frame POC, Can support . High code quality . The quality of the people who write the code is high , adopt Code Review、 unit testing 、 Multi layer verification such as integration testing to improve code reliability . High quality can be customized . Various parameters of the engine are exposed through the configuration file , By modifying the configuration file, you can greatly customize the function . There is no threat to safety .xray Positioning as a safety assessment tool , Instead of attacking tools , All built in payload and poc All are harmless tests .

Download address :

GitHub：https : //github.com/chaitin/xray/releases At the end of the paper, we can get Xray Baidu cloud download address

Supported vulnerability detection types ：

One . Installation and configuration process ：

1. download exe

With windows Download, for example , Download to xray Under the table of contents , For the convenience of operation, the file name is modified as xray.exe;

2. open PowerShell

Enter PowerShell, Click on the open ; Enter the command ： ./xray.exe version View version number ;

Input -h Command to view help information : command ： ./xray.exe -h

see webscan Help information ： command ： ./xray.exe webscan -h

3. Generate Certificate

function ./xray.exe genca Command to generate certificate file ; Get into xray Under the table of contents , Double click Install Certificate ca.crt;

Installation certificate ：

Import certificate succeeded ！！！

Installation successful ！！！

Function one . Scanning configuration of agent mode （ The target station can be set independently ）**

Modify the configuration file ： open config.yaml file ,ctrl+f Search for mitm key word >> Configure target station >> Set the target ：

Function 2 . webscan Scan the website for vulnerabilities

Method 1： Set up proxy in browser : ip: 127.0.0.1 port ：8080; Output the test results to the html In the format file :

./xray.exe webscan --listen 127.0.0.1:8080 --html-output test.html

Xray Use guide ：（ With DVWA For example, the range ）

./xray.exe webscan --basic-crawler http://127.0.0.1/DVWA/index.php --html-output test.html

First let's open up DVWA shooting range , Hang up the agent >> Grab the bag >> take DVWA In the data package of the landing page cookie Copy it to our Xray In the configuration file of the scanning tool ;

And then we go into Xray In the configuration file of the scanning tool , take cookie Import profile , Then use the command ：

（ Be careful ： With powershell Execution time , The order is ./xray.exe; With cmd Runtime , The order is xray.exe）

xray.exe webscan --basic-crawler http://127.0.0.1/DVWA/index.php

Yes dvwa Conduct vulnerability scanning in the shooting range ;（ The scanning results are as follows ）

The test results are output to our defined html Format file ：（ You can see that the scan shows DVWA Brute force cracking in the shooting range , Upload files ,sql Inject ,xss, Command line injection and other vulnerabilities ）

Specify the scan plug-in :

Use --plugins Parameter can choose to enable only part of the scanning plug-in , Multiple plug-ins can be separated by commas , Such as ：

./xray webscan --plugins cmd_injection --url http://example.com/

Use basic crawler crawling or crawler crawling links for subdivision scanning :

./xray.exe webscan --basic-crawler http://example.com

Be careful ： With powershell Execution time , The order is ./xray.exe; With cmd Runtime , The order is xray.exe

summary ：

1. ctrl + c Command exit ; 2 If the generated result report shows that it already exists , The folder report file can be deleted , Regenerate can also change the name of the report file to regenerate ;
2. The browser opens and we are config.yaml The target station set by the configuration file , The scanning test will be carried out automatically ;
3. A report will not be generated if it is terminated halfway ;