Galileo:一款开源Web应用审计框架

Galileo:一款开源Web应用审计框架

黑客软件hacker2019-06-10 23:09:069712A+A-

"Galileo是这款对于web手机应用程序的开源系统渗透测试工具,可协助开发设计和渗透测试工作人员鉴别并运用其web手机应用程序中的系统漏洞。

截屏

Galileo:一款开源Web应用审计框架 第1张

安裝

$ git clone https://github.Com/m4ll0k/Galileo.git galileo

$ Cd galileo

安裝依靠

$ pip install -r requirements.txt

$ apt-set install python-pysocks

windows

$ python -m pip install pysocks

运作

$ python galileo.py

应用

设定全局变量选择项:

galileo #> get Set A Context-Specific Variable To A Value

  ------------------------------------------

  - Usage: get <option> <value>

  - Usage: get COOKIE phpsess=hacker_test

  Name        Current Value                            Required  Description

  ----------  -------------                            --------  -----------

  PAUTH No Proxy auth credentials (user:pass)

  PROXY No Set proxy (host:port)

  REDIRECT    True No Set redirect

  THREADS 5 No Number of threads

  TIMEOUT 5 No Set timeout

  USER-AGENT  Mozilla/4.0 (X11; Ubuntu; Linux x86_32) yes Set user-agent

  VERBOSITY 1 yes Verbosity level (0 = minimal,1 = verbose)

检索控制模块:

galileo #> search disclosure [+] Searching For 'disclosure'有限责任公司

  Disclosure

  ----------

    disclosure/code

    disclosure/creditcard

    disclosure/email

    disclosure/privateip 

显示信息控制模块:

galileo #> girl modules Bruteforce

  ----------

    bruteforce/auth_brute

    bruteforce/backup_brute

    bruteforce/file_dir_brute

  Disclosure

  ----------

    disclosure/code

    disclosure/creditcard

    disclosure/email

    disclosure/privateip

  Exploits

  --------

    exploits/shellshock

  Fingerprint

  -----------

    fingerprint/cms源码

    fingerprint/framework

    fingerprint/server

  Injection

  ---------

    injection/os_command_injection

    injection/sql_injection

  Scanner

  -------

    scanner/asp_trace

  Tools

  -----

    tools/socket

应用控制模块:

galileo #> use bruteforce/backup_brute galileo bruteforce(backup_brute) #> 

设定控制模块选择项

galileo bruteforce(backup_brute) #> girl options Name      Current Value  Required  Description

  --------  -------------  --------  -----------

  EXTS No Set backup extensions

  HOST yes


点击这里复制本文地址 以上内容由黑资讯整理呈现,请务必在转载分享时注明本文地址!如对内容有疑问,请联系我们,谢谢!
  • 2条评论
  • 囤梦駦屿2022-06-02 20:48:52
  • ; disclosure/privateip 显示信息控制模块:galileo #> girl modules Bruteforce  ----------    bruteforce/a
  • 極樂鬼12022-06-02 14:29:22
  • Verbosity level (0 = minimal,1 = verbose)检索控制模块:galileo #> search disclosure [+] Searching For 'disclosure&

支持Ctrl+Enter提交

黑资讯 © All Rights Reserved.  
Copyright Copyright 2015-2020 黑资讯
滇ICP备19002590号-1
Powered by 黑客资讯 Themes by 如有不合适之处联系我们
网站地图| 发展历程| 留言建议| 网站管理