Incloud_Github_Fuzzing

admin, 2023-09-22 23:43:37

I. Preface

1. Deployment runs on GitHub Actions.

2. Nuclei is combined with ParamSpider.

II. Environment setup

1. ParamSpider

git clone https://github.com/0xKayala/ParamSpider.git

2. Nuclei

git clone https://github.com/projectdiscovery/nuclei.git

3. Templates

git clone https://github.com/projectdiscovery/fuzzing-templates.git

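4. An output folder for the results (containing the text files output.txt and vuln.txt).

5. A file listing the domains to fuzz (domain.txt).

6. Python is used to call the tools together (you can use a script in another language instead).

III. Overall architecture

[Image: Incloud_Github_Fuzzing]

IV. Core

Code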


name: Incloud_Github_Fuzzing
on:
  workflow_dispatch:
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repo
        uses: actions/checkout@master
      - name: Set up Go
        uses: actions/setup-go@v2
        with:
          go-version: '1.20'
      - name: Setup Dependencies
        run: sudo apt-get install libpcap-dev
      - name: Cache Go
        id: cache-go
        uses: actions/cache@v2
        with:
          path: /home/runner/go
          key: ${{ runner.os }}-go
      # Install nuclei only when the Go cache was not restored
      - name: Setting up ProjectDiscovery tools
        if: steps.cache-go.outputs.cache-hit != 'true'
        env:
          GO111MODULE: on
        run: |
          go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
        shell: bash
      # run.py calls ParamSpider for every domain in domain.txt
      - name: Running ParamSpider
        shell: bash
        run: |
          pip3 install -r ParamSpider/requirements.txt
          chmod +x run.py
          python3 run.py
      # Fuzz the URLs collected by ParamSpider with the fuzzing templates
      - name: Running nuclei-fuzzing scanning
        run: |
          nuclei -l output/output.txt -rl 300 -bs 35 -c 30 -mhe 10 -ni -t fuzzing-templates/ -stats -silent -severity critical,medium,high,low -o output/vuln.txt | tee output/vuln.txt
        shell: bash
      - name: Sorting the output results
        run: |
          find output -type f -exec sort {} -o {} \;
        shell: bash
      - name: Create local changes
        run: |
          git add output/vuln.txt
        shell: bash
      - name: Commit results to Github
        run: |
          git config --local user.email "[email protected]"
          git config --global user.name "xxx"
          git commit -m "Nuclei Report" -a --allow-empty
      - name: Push changes
        uses: ad-m/github-push-action@master
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          branch: ${{ github.ref }}

Note: change the git config email and name to your own.

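# run.py
import subprocess

# Read the target domains, one per line, skipping blank lines
with open('domain.txt', 'r') as file:
    hosts = [line.strip() for line in file if line.strip()]

# Run ParamSpider once per domain; the argument list keeps host out of a shell command line
for host in hosts:
    subprocess.run(["python3", "ParamSpider/paramspider.py", "--domain", host, "--output", "output/output.txt"])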
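
An added example (not the original author's code): validating the lines of domain.txt before they reach ParamSpider, so that a URL, an IP address or a line containing shell metacharacters is skipped instead of ending up in a command. The function names and the sample input are assumptions made for this example.

```python
import re
import shlex

# One hostname label: letters, digits, hyphens; no leading or trailing hyphen
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def normalize_domain(line):
    """Return a lowercase hostname, or None if the line is not a plain domain name."""
    host = line.strip().lower().rstrip(".")
    if not host or len(host) > 253:
        return None
    labels = host.split(".")
    if len(labels) < 2 or not all(_LABEL.fullmatch(label) for label in labels):
        return None
    if labels[-1].isdigit():  # an all-numeric last label means an IPv4 literal
        return None
    return host

def load_targets(lines):
    """Split lines into (accepted, rejected); accepted hosts are de-duplicated in order."""
    accepted, rejected = [], []
    for line in lines:
        if not line.strip():
            continue
        host = normalize_domain(line)
        if host is None:
            rejected.append(line.strip())
        elif host not in accepted:
            accepted.append(host)
    return accepted, rejected

def paramspider_argv(host):
    """Argument list for the ParamSpider call shown on this page (no shell involved)."""
    return ["python3", "ParamSpider/paramspider.py",
            "--domain", host, "--output", "output/output.txt"]

# Constructed sample of domain.txt contents (not from the original post)
SAMPLE = ["example.com\n", "Example.COM\n", "\n", "https://example.org/path\n",
          "test.example; id\n", "192.0.2.10\n", "sub.example.net.\n"]

if __name__ == "__main__":
    ok, bad = load_targets(SAMPLE)
    for host in ok:
        print(shlex.join(paramspider_argv(host)))
    for entry in bad:
        print("skipped:", entry)
```
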

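V. Results

[Three images: Incloud_Github_Fuzzing]

VI. Pros and cons

Pro: it effectively reduces the exposure of your own server.

Con: GitHub Actions has a monthly usage quota.

Con: each Actions run can last at most 6 hours.

(At least that is how it is for me; if anyone gets a longer run time than I do, I bow my head and learn.)

VII. Extensions

This can be extended to automatic subdomain collection plus automatic nuclei scanning.

(Already done, but not public. Go deploy it yourself; anyone with hands can do it.)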



Originally published on the WeChat official account 洛米唯熊: Incloud_Github_Fuzzing

  • When reposting, please keep the link to this article (CN-SEC中文网: thanks to the original author for the hard work): Incloud_Github_Fuzzing https://cn-sec.com/archives/2059545.html
