红队神器 -- ApolloScanner(自动化巡航扫描框架)

sandalwood

原文链接：红队神器 -- ApolloScanner(自动化巡航扫描框架)

一、软件界面

二、功能介绍

1、资产收集（需要主域名，资产对象可直接在爆破和漏扫过程中调用）

子域名收集（需要virustotal-api-token）、cname收集、ip地址（a记录）收集、开放端口扫描（基于masscan）、端口对应服务、组件指纹版本探测（基于nmap）、http标题探测、http框架组件探测

2、github敏感信息收集

基于域名和关键字的敏感信息收集（需要github-token）

3、暴力破解（基于exp的暴力破解）

exp注册模块：代码动态编辑、代码动态调试、支持资产对象

破解任务模块：支持exp对象调用、支持资产对象、支持批量资产、支持多线程（可配置）

破解结果模块：支持结果显示、支持钉钉通知

敏感路径探测任务

敏感路径探测结果

4、漏洞扫描模块

exp注册模块：代码动态编辑、代码动态调试、支持资产对象

漏扫任务模块：支持exp对象调用、支持资产对象、支持批量资产、支持多线程（可配置)

结果显示模块：支持结果显示、支持钉钉通知

5、配置模块

支持常用系统配置（各类token、线程数）

支持用户、用户组、权限配置模块

支持启动服务模块：HTTP服务（支持HTTP请求记录）、DNS服务（支持DNS请求记录）

三、exp编写规范

1、暴力破解

1. <p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
2. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
3. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
4. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
5. mso-font-kerning:1.0000pt;"><font face="Calibri">def brute_scan_function_name(ipaddress, port, username, password, logger):  </font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
6. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
7. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
8. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
9. mso-font-kerning:1.0000pt;">    <font face="Calibri">import xx_module # </font><font face="宋体">引入模块全部在函数内容写</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
10. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
11. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
12. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
13. mso-font-kerning:1.0000pt;">    <font face="Calibri"># ... </font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
14. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
15. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
16. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
17. mso-font-kerning:1.0000pt;">    <font face="Calibri"># ...</font><font face="宋体">是爆破</font><font face="Calibri">exp</font><font face="宋体">核心代码</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
18. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
19. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
20. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
21. mso-font-kerning:1.0000pt;">    <font face="Calibri">logger.log("xxxxx") # </font><font face="宋体">代替</font><font face="Calibri">print</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
22. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
23. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
24. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
25. mso-font-kerning:1.0000pt;">    <font face="Calibri">return True  # </font><font face="宋体">返回必须是</font><font face="Calibri">true/false</font></span></p>

复制代码

2、漏扫扫描

1. <p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
2. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
3. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
4. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
5. mso-font-kerning:1.0000pt;"><font face="Calibri">def brute_scan_function_name(ipaddress, port, logger):  </font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
6. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
7. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
8. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
9. mso-font-kerning:1.0000pt;">    <font face="Calibri">import xx_module # </font><font face="宋体">引入模块全部在函数内容写</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
10. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
11. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
12. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
13. mso-font-kerning:1.0000pt;">    <font face="Calibri"># ... </font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
14. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
15. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
16. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
17. mso-font-kerning:1.0000pt;">    <font face="Calibri"># ...</font><font face="宋体">是漏扫</font><font face="Calibri">exp</font><font face="宋体">核心代码</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
18. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
19. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
20. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
21. mso-font-kerning:1.0000pt;">    <font face="Calibri">logger.log("xxxxx") # </font><font face="宋体">代替</font><font face="Calibri">print</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
22. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
23. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
24. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
25. mso-font-kerning:1.0000pt;">    <font face="Calibri">return True  # </font><font face="宋体">返回必须是</font><font face="Calibri">true/false</font></span></p>

复制代码

四、安装方式

python版本：3.8.x 或 3.9.x

django版本：4.0.1

nmap：需要

masscan：需要

mysql

前端：基于simple-ui

支持操作系统：MacOS Monterey 12.3 / Ubuntu 18.04 LTS

1. <p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
2. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
3. mso-font-kerning:1.0000pt;"><font face="Calibri"></font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
4. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
5. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
6. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
7. mso-font-kerning:1.0000pt;"><font face="Calibri">sudo python3 -m pip install -r requirments.txt</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
8. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
   
9. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
   
10. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
11. mso-font-kerning:1.0000pt;"><font face="Calibri">sudo python3 manage.py migrate</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
12. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
13. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
14. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
15. mso-font-kerning:1.0000pt;"><font face="Calibri">sudo python3 manage.py createsuperuser</font></span><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
16. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
17. mso-font-kerning:1.0000pt;"></span></p><p class="MsoNormal"><span style="mso-spacerun:'yes';font-family:宋体;mso-ascii-font-family:Calibri;
    
18. mso-hansi-font-family:Calibri;mso-bidi-font-family:'Times New Roman';font-size:10.5000pt;
    
19. mso-font-kerning:1.0000pt;"><font face="Calibri">sudo python3 manage.py runserver</font></span></p>

复制代码

五、下载地址

1、https://github.com/b0bac/ApolloScanner

2、关注公众号：逆向有你，回复20220323