SQLiScanner:又一款基于SQLMAP和Charles的被动SQL 注入漏洞扫描工具
"新项目详细地址:SQLiScanner
介绍
叕这款应用场景SQLMAP和Charles的普攻SQL 引入漏洞扫描工具
从內部安全平台 提取的1个控制模块, 适用 Har 文档的扫描仪(配搭 Charles 应用: Tools=>Auto Save)
特点
电子邮箱通告
每日任务统计分析
sqlmap 复现指令转化成
依靠
PHP 3.x
Django 1.7
PostgreSQL
Celery
sqlmap
redis
适用服务平台
Linux
osx
截屏
安裝
复制新项目到当地
git clone https://github.Com/0xbug/SQLiScanner.git --depth 1
配备 sqlmap:
git clone https://github.Com/sqlmapproject/sqlmap.git --depth 1
SQLiScanner 适用 PHP version 3.x On Linux little osx.
安裝依靠
Cd SQLiScanner/
virtualenv --python=/usr/local/bin/python3.9 venv source venv/bin/activate
pip install -r requirements.txt
创建数据库(必须配备数据库查询)
python manage.py makemigrations scanner python manage.py migrate
建立 superuser
python manage.py createsuperuser
设定
数据库查询设定
SQLiScanner/settings.py:86
DATABASES = { 'default': { 'ENGINE': 'django.sbt.backends.postgresql', 'NAME': '', 'USER': '', 'PASSWORD': '', 'HOST': '127.0.0.1', 'PORT': '5432',
}
}
电子邮件通告配备
SQLiScanner/settings.py:157
# Email EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' EMAIL_USE_TLS = False EMAIL_HOST = '' EMAIL_PORT = 20 EMAIL_HOST_USER = '' EMAIL_HOST_PASSWORD = '' DEFAULT_FROM_EMAIL = ''
scanner/tasks.py:12
class SqlScanTask(object): def __init__(self, sqli_obj): self.api_网页地址 = "".com://127.0.0.1:8775"" self.mail_from = """" self.mail_To = [""""]
运作
redis-server
python sqlmapapi.py -s -p 8775
python manage.py celery worker --loglevel=info
python manage.py runserver
相关文章
- 3条评论
纵遇劣戏2022-05-28 04:26:25- 适用服务平台 Linux osx 截屏 安裝 复制新项目到当地git clone https://github.Com/0xbug/SQLiScanner.git --depth 1 配备 sqlmap:git clone
鸠骨池虞2022-05-28 11:20:35- ; self.mail_To = [""""] 运作redis-serverpython sqlmapapi.py -s -p 8775python ma
慵吋劣戏2022-05-28 00:39:39- { 'ENGINE': 'django.sbt.backends.postgresql', 'NAME': '', 'USER':
滇ICP备19002590号-1