Initial experience of the QingScan vulnerability scanner

Time: 2022-1-13

1. Background

Recently, I saw many people in several WeChat groups talking about this QingScan scanner. I listened to their heated conversation and also went to GitHub to have a look. The GitHub page said that it collects all kinds of security tools: just enter a URL and it will automatically call nearly 30 security tools to scan the target. So I downloaded it to try it out and see how well it works.

Project address: https://github.com/78778443/QingScan

2. Enable plug-ins

After completing the installation according to the prompts, access it with a browser at http://ip:8000/. The default account is test1 and the default password is 123456.

Go to system settings → daemon management and enable the plug-ins you want to use this time. This switch reportedly exists because there are so many plug-ins that CPU usage becomes very high when all of them are turned on. I enabled only the plug-ins I needed.

After enabling the required plug-ins, add a URL and it will be scanned automatically.

3. Add scan

Click black box scan → add, and enter the application name and URL address. If the target needs a login to be scanned, enter the account and password; if not, you can leave them blank. The other defaults are fine. Click Submit and the scan will run automatically.

4. View scan results

Click “view details” to view the vulnerability details. You can see the app information, fingerprint identification, subdomain names, and so on.

The following figure shows the project's app information, whatweb fingerprint identification, subdomain names, host brute force cracking, background scanning, SQL injection and vulmap vulnerabilities:

4.1 nmap

Click information collection → nmap list to see which ports are open on the current host and the corresponding service names.

Click information collection → host list. The host list automatically detects the country and province of each IP address.

4.2 fingerprint identification

Click information collection → whatweb list to see the fingerprint information of each item.

4.3 URL crawler

Click black box scan → URL list to see the URLs crawled by the crawler.

4.4 SQLMap

Click black box scan → sqlmap list. Sqlmap scans the links in the URL list, and the vulnerable links are shown in the figure below.

4.5 Xray

Click black box scan → Xray list to see the vulnerabilities scanned by Xray.

5. Summary

Information collection and black box scanning have now mostly been tested. Generally speaking, QingScan is really convenient. I only input the URL and it calls the various tools for me, which is very cool. It's like someone passing their penetration testing experience on to you in this way. That said, the interface is really not very good-looking.


Author: Tingting’s orange
Date: December 12, 2021