jsinfo-scan改版

jsinfo-scan简单改版，增加了swagger、druid目录扫描和手机号、身份证号敏感信息匹配

#匹配敏感信息

'Swagger UI': r'((swagger-ui.html)|("swagger":)|(Swagger UI)|(swaggerUi))',

'Druid': r'((Druid Stat Index)|(druid monitor))',

'Spring Boot': r'((local.server.port)|(:{"mappings":{")|({"_links":{"self":))',

'IDCard': '^0-9[^0-9]',

'Phone': '^0-9A-Za-z[^0-9A-Za-z]'

#敏感目录

vul_path = r"""

    druid/index.html
    
    system/index.html
    
    webpage/system/druid/index.html
    
    api
    
    swagger-ui.html
    
    swagger/ui/index
    
    api/swagger-ui.html
    
    swagger/index.html
    
    env
    
    trace
    
    actuator
    
    api/env
    
    api/trace
    
    actuator/env
    
    actuator/trace
    
    monitor/env
    
    gateway/actuator/env
    
    """

参考：https://github.com/p1g3/JSINFO-SCAN

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
README.md		README.md
jsinfo.py		jsinfo.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

jsinfo-scan改版

About

Releases

Packages

Languages

sectest2024/jsinfo-scan

Folders and files

Latest commit

History

Repository files navigation

jsinfo-scan改版

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages