1、 Background
Recently, I saw many people in several wechat groups talking about this qingscan scanner. I listened to their heated conversation. I also went to GitHub to have a look. GitHub said that it collected all kinds of security tools. Just enter a URL, it will automatically call nearly 30 security tools to scan the target, so I downloaded one to try. What’s the effect
Project address: https://github.com/78778443/QingScan
2、 Open plug-in
After the installation is completed according to the prompts, access it with a browserhttp://ip:8000/, default account passwordtest1 123456,
Enter system settings → daemon management. After entering, open the plug-ins you want to use this time. It is said that this function is because there are too many plug-ins. The CPU of the computer will be very high when it is fully turned on. I opened some plug-ins I need.
Open the required plug-in, and then add the URL to make it scan automatically
3、 Add scan
Click black box scan → add, and enter “application name, URL address”. What needs to log in and scan is to enter the account and password. If not, you don’t need to fill in. Other defaults are good. Click Submit and the scan will be performed automatically.
4、 View scan results
Click “view details” to view the vulnerability details. You can see the app information, fingerprint identification, subdomain name, etc,
The following figure shows the app information, whatweb fingerprint identification, subdomain name, host brute force cracking, background scanning, SQL injection and vulmap vulnerabilities of the project, as shown in the following figure:
4.1 nmap
Click information collection → nmap list to query which ports are open to the current host and the corresponding service name
Click information collection → host list, and the host list will automatically detect the IP address country and province
4.2 fingerprint identification
Click information collection → what web list to see the fingerprint information of each item.
4.3 URL crawler
Click black box scan → URL list to see the URL crawled by the crawler.
4.4 SQLMap
Click black box scan → sqlmap list. Sqlmap will scan according to the links in the URL list, and the vulnerable links are shown in the figure below.
4.5 Xray
Click black box scan → Xray list to see the vulnerabilities scanned by Xray.
4、 Summary
Information collection and black box scanning have been tested almost. Generally speaking, qingscan is really convenient. I only input the URL and he will help me call various tools. This is not too cool. It’s like someone passing his penetration experience to you in this way. It’s said that the display effect of this interface is really not very good-looking.
Author: Tingting’s orange
Date: December 12, 2021