httpx过滤80和443端口的web服务时，结果可能会有重复

leveryd-asm / asm

Scanner platform based on Kubernetes and Argo-Workflow 基于k8s和argo工作流的扫描器

https://leveryd-asm.github.io/asm-document

MIT License

106 stars 6 forks source link

Closed leveryd closed 1 year ago

leveryd commented 1 year ago

/ # echo www.apple.com | httpx -p http:80,https:443 -fhr
...
https://www.apple.com
http://www.apple.com [https://www.apple.com/]

带来的影响：在爬扫时会重复扫描对象，造成扫描资源浪费、影响目标资产的业务

leveryd commented 1 year ago

假设重定向后的子域名仍然在资产列表中

比如

http://x.com -> https://x.com
https://x.com -> https://b.com

可以用 httpx -fc 302,301去重