停止更新(归档处理),请关注后续项目
点击关注 Twitter 以便快速了解我的动态.
It is convenient for red team personnel to conduct security detection on the target site and quickly obtain assets.
本工具仅面向合法授权的企业安全建设行为,如您需要测试本工具的可用性,请自行搭建靶机环境。 在使用本工具进行检测时,您应确保该行为符合当地的法律法规,并且已经取得了足够的授权。请勿对非授权目标进行扫描。 如果发现上述禁止行为,我们将保留追究您法律责任的权利。
如您在使用本工具的过程中存在任何非法行为,您需自行承担相应后果,我们将不承担任何法律及连带责任. 您的使用行为或者您以其他任何明示或者默示方式表示接受本协议的,即视为您已阅读并同意本协议的约束。
Like the FOFA effect, Quake is currently being updated and upgraded, so let's not post the screenshot of the effect.
Like the FOFA effect, Quake is currently being updated and upgraded, so let's not post the screenshot of the effect.
Configure system
on the third line of the config/config.yaml
file
git clone https://github.com/ExpLangcn/WanLi.git
cd WanLi & pip3 install -r requirements.txt
vim config/config.yaml # Configure FOFA information and Quake information
python3 WanLi.py # Enter interactive mode and enter Help to view help information
2022.2.24:
- Adapt to Windows system
- Restore interactive control, remove parameter control
- Optimize the overall code to improve efficiency
2022.2.21:
- config problem report error solution, more suitable for Windows system
- Removed the Domain scan function of FOFA and Quake and merged it into the Domain parameter
- Improve the vulnerability scanning function, the vulnerability database will be updated before each vulnerability scan
- replace the pocscan parameter with the poc parameter
- To perform vulnerability scanning on Domain results and asset detection results, just add -scan
2022.2.16:
- Refactor to rewrite WanLiScan
- Fixed FOFA asset search issue
- Added FOFA domain name detection
- Added 360 Quake asset search
- Added 360 Quake domain name detection
-Added comprehensive domain name fuzz detection
- Added vulnerability library single target vulnerability scanning function
- Added vulnerability library batch target vulnerability scanning function
2022.2.8:
- Update Docker version
2022.2.x:
- I forgot the time...