Simple use of Xray
2022-07-07 08:52:00 【Colorful @ star】
Simple use of xray
Overview
Xray is a powerful security assessment tool. It supports both active and passive scan modes, automated testing for common web vulnerabilities, and flexible POC definitions. It is feature-rich, easy to invoke, and supports multiple operating systems.
Features
- Fast detection speed
- Wide range of support
- High quality, customizable
- Safe, poses no threat
- Fast update speed
Supported vulnerability detection types
- XSS vulnerability detection (key: xss)
- SQL injection detection (key: sqldet)
- Command / code injection detection (key: cmd-injection)
- Directory enumeration (key: dirscan)
- Path traversal detection (key: path-traversal)
- XML external entity injection detection (key: xxe)
- File upload detection (key: upload)
- Weak password detection (key: brute-force)
- JSONP detection (key: jsonp)
- SSRF detection (key: ssrf)
- Baseline check (key: baseline)
- Open redirect detection (key: redirect)
- CRLF injection (key: crlf-injection)
- Struts2 series vulnerability detection (premium edition, key: struts)
- Thinkphp series vulnerability detection (premium edition, key: thinkphp)
- POC framework (key: phantasm)
The POC framework has the POCs contributed on GitHub built in by default; users can also write and run their own POCs as needed.
Download and install
Download address
GitHub address: https://github.com/chaitin/xray/releases
Documentation address: https://docs.xray.cool/
Downloads are available for various operating systems
Install
1. Because the blogger's machine runs a 64-bit Windows operating system, the 64-bit installation file is chosen
2. Unpack it; there is just one exe file
3. Use the cmd command line to navigate to the path of the current xray.exe
Run the file
At the same time, the config.yaml configuration file appears in the same directory as xray_windows_386.exe
View the xray version number: version
View the help documentation: --help
Configuration introduction
The config.yaml file in the xray directory contains all the configuration information. The configuration mainly covers five categories: http, plugins, reverse, mitm, basic_crawler
Set the domain names that are allowed to be scanned
hostname_allowed lists the domain names that are allowed to be scanned, and hostname_disallowed lists the domain names that must not be scanned. An asterisk (*, meaning everything) can be used for matching
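The effect of hostname_allowed and hostname_disallowed can be previewed before a scan, which matters in proxy mode because every host the browser contacts passes through xray. The following is an added example, not code from the original post or from xray: the function names are hypothetical, and it assumes shell-style wildcard matching, that the disallowed list takes precedence, and that an empty allowed list permits every host.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit


def host_of(target: str) -> str:
    """Return the lower-cased hostname of a URL or a bare host[:port]."""
    parsed = urlsplit(target if "://" in target else "//" + target)
    return (parsed.hostname or "").lower()


def in_scope(target, allowed, disallowed):
    """Assumed semantics: deny list wins; empty allow list allows all."""
    host = host_of(target)
    if not host:
        return False
    if any(fnmatchcase(host, p.lower()) for p in disallowed):
        return False
    return not allowed or any(fnmatchcase(host, p.lower()) for p in allowed)


def partition(targets, allowed, disallowed):
    """Split targets into (would be scanned, would be skipped)."""
    scanned, skipped = [], []
    for t in targets:
        (scanned if in_scope(t, allowed, disallowed) else skipped).append(t)
    return scanned, skipped


# Constructed sample: patterns for a local lab, plus hosts a browser
# might contact while the tester clicks through the application.
ALLOWED = ["127.0.0.1", "*.lab.example"]
DISALLOWED = ["*prod*"]
SEEN = [
    "http://127.0.0.1/bc/DVWA/vulnerabilities/sqli/?id=2&Submit=Submit",
    "https://app.lab.example:8443/login",
    "https://prod.lab.example/",              # excluded by the deny pattern
    "https://cdn.thirdparty.example/lib.js",  # third party, not in allow list
    "LAB.example",                            # apex: "*.lab.example" needs a subdomain
]

if __name__ == "__main__":
    scanned, skipped = partition(SEEN, ALLOWED, DISALLOWED)
    for t in scanned:
        print("scan:", t)
    for t in skipped:
        print("skip:", t)
```

Under these assumptions the apex host is skipped, so a pattern such as *.lab.example needs a second entry if the bare domain should also be covered.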
Scan plugin configuration
Plugin configuration is mainly a matter of switching plugins on and off. By default all plugins are on, so every vulnerability type is checked during a scan; set the types that do not need to be checked to false. Plugins can also be specified at scan time, for example: --plugins xss,xxe,cmd_injection
Request rate limit
To keep requests from being sent too fast and intercepted by a WAF, you can reduce the number of requests per second. The default is 500 per second
Scan proxy configuration
Setting up a proxy lets xray work together with Burp Suite and other software
Proxy mode
1. Generate the CA certificate
xray_windows_386.exe genca
2. Import the CA certificate into the browser
Select the path of the CA certificate
Trust the certificate
Finish
3. Set up the proxy in the browser
4. Run xray and listen
xray_windows_386.exe webscan --listen 127.0.0.1:7777 --html-output test.html
webscan: web page vulnerability detection
--listen: listen on the given address
--html-output: write the output in HTML format
Visit the SQL injection module of DVWA
xray's output changes
Stop with Ctrl+C
5. Open test.html and view the generated report
Crawler mode
xray can check for vulnerabilities with the help of a crawler
xray_windows_386.exe webscan --basic-crawler "http://127.0.0.1/bc/DVWA/vulnerabilities/sqli/?id=2&Submit=Submit#" --html-output 111.html
webscan: web page scan
--basic-crawler: basic crawler
The URL is quoted so that cmd does not treat & as a command separator
Xray + BurpSuite
Burp Suite as the upstream proxy of Xray (capturing the packets Xray sends)
That is: browser -> Xray -> Burp Suite -> server
This method makes it easy to view the packets Xray sends while scanning a website, and it can also be used to test whether a POC is correct
Xray as the upstream proxy of Burp Suite (assisting in testing)
That is: browser -> Burp Suite -> Xray -> server
This method makes it convenient to test only where you want: if you want something tested, send it to Xray; if you do not, drop the packet