WAF攻防-信息收集&识别&被动探针&代理池&仿指纹&白名单

2024-07-18 15:36:25 浏览数 (2)

信息收集常见检测:

1、脚本或工具速度流量快 2、脚本或工具的指纹被识别 3、脚本或工具的检测Payload

信息收集常见方法:

1、延迟:解决请求过快封IP的情况 2、代理池:在确保速度的情况下解决请求过快封IP的拦截 3、白名单:模拟白名单模拟WAF授权测试,解决速度及测试拦截 4、模拟用户:模拟真实用户数据包请求探针,解决WAF指纹识别

信息收集-被动扫描-黑暗引擎&三方接口

黑暗引擎:Fofa Quake Shodan zoomeye 0.zone等 其他接口:https://forum.ywhack.com/bountytips.php?getinfo

#信息收集-目录扫描-Python代理加载脚本

代码语言:javascript复制
import requests
import time

headers={
    'Connection': 'keep-alive',
    'Cache-Control': 'max-age=0',
    'Upgrade-Insecure-Requests': '1',
    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36',
    'Sec-Fetch-Dest': 'document',
    'Accept': 'text/html,application/xhtml xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
    'Sec-Fetch-Site': 'none',
    'Sec-Fetch-Mode': 'navigate',
    'Sec-Fetch-User': '?1',
    'Accept-Encoding': 'gzip, deflate, br',
    'Accept-Language': 'zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7',
   'Cookie': 'bdshare_firstime=1581597934650; PHPSESSID=ncsajdvh39qse0qlsgqokshuc4; yx_auth=dc4fq8FAEkyiAUZ54b5zl9GGStCxXoRb1TFaAaozygMiSc5uZYHjR3gCQm+tKNz3bcjbTi8BRgcd/7LvR0lHN1j319CI6x29Z2QDI38',
}

for paths in open('php_b.txt',encoding='utf-8'):
    url='http://www.testxiaodi.fun/'
    paths=paths.replace('n','')
    urls=url paths
    proxy = {
        'http': 'tps686.kdlapi.com:15818',
    }
    try:
        code=requests.get(urls,headers=headers,proxies=proxy).status_code
        #req=requests.get(urls, headers=headers, proxies=proxy)
        #print(urls)
        #print(req.text)
        #time.sleep()
        print(urls '|' str(code))
        if code==200 or code==403:
            print(urls '|' str(code))
    except Exception as err:
        print('connecting error')
        time.sleep(3)

信息收集-工具扫描-Awvs&Xray&Goby内置

Awvs-设置速度&加入代理 Xray-配置修改&进程转发 Proxifier Goby-配置加入Socket代理

0 人点赞