-
```
uname -a
Linux Decarb08 5.10.16.3-microsoft-standard-WSL2 #1 SMP Fri Apr 2 22:23:49 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
```
And `uname -m` in particular returns `x86_64`. But the availab…
-
-
### Situation
The current approach to mark false positives for web scans is not sufficient because a lot of the web scan findings contain dynamic parts e.g. random inputs inside URL query parameters.…
winzj updated
2 months ago
-
poc检测中只开启xray,选择一个目标、一个poc
它会产生很多请求,像这样
Monthly webscans report are manually processed and should be streamlined. The webscan team now provides a json version of the report that can be parsed and summarized au…
-
1. 简介
渗透的本质是信息收集,信息收集也叫做资产收集。
信息收集是渗透测试的前期主要工作,是非常重要的环节,收集足够多的信息才能方便接下来的测试,信息收集主要是收集网站的域名信息、子域名信息、目标网站信息、目标网站真实IP、敏感/目录文件、开放端口和中间件信息等等。通过各种渠道和手段尽可能收集到多的关于这个站点的信息,有助于我们更多的去找到渗透点,突破口。
2. 粗略分…
-
Would it be possible to have a Webscan UI?
It appears there is a github repository that has this https://github.com/virink/xray-weblisten-ui
Could this be implemented into xray?
-
The Nuclei plugin `PerServer` is not called and applied.
-
Is possible to use webscan command --basic-crawler with --plugins
for example like this
xray webscan --basic-crawler http://example.com --plugins xss --html-output proxy.html