├── README_CN.md └── README.md /README_CN.md: -------------------------------------------------------------------------------- 1 | # 穿山甲 2 | 3 |

4 | English • 5 | 中文 6 |

7 | 8 | 免责声明： 9 | 该分享工具仅供网络安全研究与教育用途，旨在提供给具备专业技能的白帽渗透测试人员进行合法的渗透测试和安全评估。非相关人员切勿随意使用或滥用。用户在使用本工具前，需明确知晓其行为的合法性和合规性。任何未经授权的网络渗透、入侵或对他人网络的破坏行为均违反法律规定，使用者应对自身行为负责。本工具开发者及分享者不对用户滥用或非法使用工具导致的任何后果承担责任。请务必遵循当地相关法律法规，在取得明确授权后，方可使用本工具进行渗透测试或安全研究。 10 | 11 | 12 | 13 | ![QQ_1731506924187](https://github.com/user-attachments/assets/c209ad35-4248-408f-ac45-92206bc9ee96) 14 | 15 | 16 | 17 | 该工具使用 Go 和 Fyne 开发,内置中英文两种语言,目前专注于基于近源内网渗透测试，仅编译安卓端(PC端、iOS后续看需适配编译),绿色安全无后门,程序未加壳可自行反编译检验(懒于部署，后续如果用的人多再开源)。 18 | 19 | 20 | 21 | ## 代理 22 | 支持HTTP、Socks5全局、局部代理(暂不支持凭据设置) 23 | 24 | |

| 25 | |:-----------------------------------------------------:|:-----------------------------------------------------:|:-----------------------------------------------------:| 26 | |

| 27 | 28 | 29 | 30 | 31 |

32 | 33 | ## 主机存活探测 34 | 主机存活探测使用Ping命令进行探测(避免设备需要root授权) 35 | ## 端口扫描 36 | Socks5代理 37 | 38 | 39 | 指纹识别 40 | 41 | 服务指纹【VNC、SSH、HTTP】 42 | 43 | 设备指纹【RM路由器、腾达路由器、TP-LinK路由器、Apple AirTunes】 44 | 45 | 框架指纹【beegoServer、Shiro】 46 | 47 | 漏洞识别【ms17-010】 48 | 49 | 漏洞扫描【右键发送Shiro】 50 | 51 | |

| 52 | |:-----------------------------------------------------:|:-----------------------------------------------------:|:-----------------------------------------------------:| 53 | |

| 54 | 55 | ## 路由器 56 | 路由器漏洞检测及利用 57 | 58 | 59 | 60 |

61 | 62 | ## fofa 63 | 支持HTTP、Socks5代理 64 | 65 | 支持Size和字段设置 66 | 67 | 支持表内多字段内容筛选 68 | 69 | 发送跳转【主机端口扫描、Shiro】 70 | 71 | 72 | 73 | 74 | |

| 75 | |:-----------------------------------------------------:|:-----------------------------------------------------:|:-----------------------------------------------------:| 76 | |

| 77 | |

| 78 | 79 | 80 |

81 | 82 | ## Shiro 83 | 支持HTTP、Socks5代理 84 | 85 | 批量Shiro检查 86 | 87 | 利用链【CommonsBeanutils1、OnlyCommonsBeanutils、CommonsCollectionsK1、CommonsCollections10、CommonsBeanutilsString】 88 | 89 | cmd命令执行、内存马写入【Godzilla[Fiter]、Behinder[Fiter]、AntSword[Fiter]】 90 | 91 | ![shiro](https://github.com/user-attachments/assets/e4801d91-cb18-415b-b95a-97bfb721166a) 92 | 93 | 94 | 95 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Pangolin 2 | 3 | 4 |

5 | English • 6 | 中文 7 |

8 | 9 | Disclaimer: 10 | 11 | This tool is intended solely for network security research and educational purposes. It is designed to be used by skilled white-hat penetration testers for conducting legal penetration testing and security assessments. Unauthorized individuals should refrain from using or misusing this tool. Users must ensure the legality and compliance of their actions before using this tool. Any unauthorized network penetration, intrusion, or damage to others' networks is a violation of the law, and users are responsible for their actions. The developers and distributors of this tool do not bear any responsibility for any consequences arising from misuse or illegal use of the tool by users. Please adhere to local laws and regulations and obtain explicit authorization before using this tool for penetration testing or security research. 12 | 13 | ![QQ_1730792001346](https://github.com/user-attachments/assets/93482980-bff0-4b59-9f51-73b759c2d78e) 14 | 15 | 16 | 17 | 18 | The tool is developed using Go and Fyne, with built-in support for both Chinese and English languages. It currently focuses on proximity-based internal network penetration testing. At present, only the Android version is compiled (future versions for PC and iOS will be adapted and compiled as needed). It is clean and secure without any backdoors, and the program is not obfuscated, allowing for decompilation and inspection. 19 | 20 | ## Proxy 21 | Supports HTTP and SOCKS5 global and local proxies (credential configuration not supported at the moment). 22 | 23 | |

| 24 | |:-----------------------------------------------------:|:-----------------------------------------------------:|:-----------------------------------------------------:| 25 | |

| 26 | 27 | 28 | 29 |

30 | 31 | ## Host Alive Detection 32 | Host Alive Detection uses Ping command for probing (avoiding the need for root privileges on the device). 33 | 34 | ## Port Scanning 35 | Supports SOCKS5 proxy, fingerprint identification, and vulnerability scanning. 36 | 37 | |

| 38 | |:-----------------------------------------------------:|:-----------------------------------------------------:|:-----------------------------------------------------:| 39 | |

| 40 | 41 | ## Router 42 | Router vulnerability detection and exploitation 43 | 44 | 45 |

46 | 47 | ## fofa 48 | Supports HTTP and SOCKS5 proxies 49 | 50 | Supports size and field configuration 51 | 52 | Supports multi-field content filtering within tables 53 | 54 | Right-click menu to initiate host port scanning 55 | 56 | 57 | |

| 58 | |:-----------------------------------------------------:|:-----------------------------------------------------:|:-----------------------------------------------------:| 59 | |

| 60 | |

| 61 | 62 | 63 |

64 | 65 | ## Shiro 66 | Support HTTP, Socks5 proxy 67 | 68 | Batch Shiro checks 69 | 70 | Use chains【CommonsBeanutils1、OnlyCommonsBeanutils、CommonsCollectionsK1、CommonsCollections10、CommonsBeanutilsString】 71 | 72 | cmd command execution, memory horse write【Godzilla[Fiter]、Behinder[Fiter]、AntSword[Fiter]】 73 | 74 | 75 | ![QQ_1730793138946](https://github.com/user-attachments/assets/53335125-0915-4cc3-90d4-b0a6237d9e0a) 76 | 77 | 78 | 79 | 80 | --------------------------------------------------------------------------------