├── custom.json ├── README.md └── apps.json /custom.json: -------------------------------------------------------------------------------- 1 | { 2 | "apps": { 3 | "天融信防火墙": { 4 | "cats": [ 5 | 37, 1005 6 | ], 7 | "cert": "^TOPSEC PRODUCTS$", 8 | "layer": 1, 9 | "icon": "topsec.ico", 10 | "website": "https://www.topsec.com.cn/" 11 | } 12 | } 13 | } -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # GWAF 2 | 3 | > 一个使用 Go 语言开发的 Web 应用指纹识别引擎。本引擎基于 Chromium 浏览器来收集 Web 应用信息,然后分别从 `响应头`、`响应页面`、`JS 变量`、`JS 文件`, `收藏图标`、`SSL 证书`、`robots.txt` 等维度来进行 Web 应用的指纹识别。 4 | 5 | **运行环境** 6 | 7 | - 操作系统:Windows X64 / Linux X86_64 / Mac OSX amd64 8 | - 浏览器: Chromium(首次运行时程序会自动下载,请耐心等待) 9 | 10 | # 目录结构 11 | 12 | ``` 13 | <目录> 14 | |-- gwaf__ # 主程序 15 | |-- apps.json # 主指纹库文件 16 | |-- custom.json # 自定义规则库文件 17 | ``` 18 | 19 | **提示**: 本引擎的指纹库与 [Wappalyzer <= 6.2.3](https://github.com/AliasIO/wappalyzer/blob/v6.2.3/src/apps.json) 版本完全兼容,可直接下载覆盖本引擎的 `apps.json` 主指纹库文件。 20 | 21 | # 用法 22 | 23 | ## 参数说明 24 | 25 | ``` 26 | usage: gwaf [] 27 | 28 | Flags: 29 | -h, --help 显示帮助信息 30 | -m, --mode="blink" 工作模式: blink 或 request,默认为 blink 31 | -u, --url="" 目标 URL 32 | -f, --file="" 目标 URL 列表文件路径 33 | -o, --out="" 结果输出文件路径 34 | -t, --thread=10 并发线程数量 35 | -v, --verbose 指示在结果中包含原始响应头和响应体 36 | -r, --rule="" 指纹库文件路径 37 | -c, --custom-rule="" 自定义指纹库文件路径 38 | --include 指纹包含过滤器(指定后将不处理条件外的指纹),示例: cats:5,52,17 39 | --ignore 指纹忽略过滤器(指定后将不处理符合条件的指纹),示例:cats:17,21,32 40 | -T, --timeout=10 每个 URL 请求的 超时时间 41 | -s, --sleep=10 识别两条指纹之间的等待时间 42 | -S, --snapshot 捕获目标 URL 首页页面快照 43 | -d, --debug=0 日志级别: 0-NONE, 1-FATAL, 2-ERROR, 3-WARN, 4-INFO, 5-DEBUG, 6-TRACE 44 | -F, --fast 快速模式。该模式下原始响应和 JS 变量将不会处理 45 | -R, --render=10 页面渲染等待时间 46 | --cols=2000 处理 HTML 页面每行的字符数 47 | --rows=3000 处理 HTML 页面的总行数 48 | --proxy 通过 HTTP 代理服务器访问目标URL,示例:127.0.0.1:8080 49 | -V, --version 显示程序版本 50 | ``` 51 | 52 | **超时时间说明:** 一次指纹识别的最大总超时时间大约为 `-T/--timeout` 值的 1.5 ~ 2 倍。 53 | 54 | ## 命令示例 55 | 56 | ``` 57 | # 单 URL 检测 58 | ./gwaf -u https://www.example.com/ 59 | 60 | # URL 列表文件批量检测 61 | ./gwaf -r apps.json -f urls.txt 62 | 63 | # 快速检测(忽略原始响应体和JS变量检测) 64 | ./gwaf -u https://www.example.com/ -F 65 | 66 | # 使用额外的自定义规则检测 67 | ./gwaf -c custom.json -u https://www.example.com/ 68 | ``` 69 | 70 | ## 结果示例 71 | 72 | 错误: 73 | 74 | ```json 75 | [ 76 | { 77 | "url": "https://ssdfjsdfjdsfsdfsf.c", 78 | "error": "navigation failed: net::ERR_CONNECTION_FAILED", 79 | "status": 0, 80 | "time": 0 81 | } 82 | ] 83 | ``` 84 | 85 | 有结果: 86 | ```json 87 | [ 88 | { 89 | "url": "https://www.example.com/", 90 | "title": "https://www.example.com", 91 | "headers": { 92 | "Host": "www.example.com" 93 | }, 94 | "certificate": { 95 | "cn": "*.example.com", 96 | "issuer": "RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1", 97 | "san": "*.example.com,example.com", 98 | "from": "2021-01-15 08:00:00 +0800 CST", 99 | "to": "2099-01-16 07:59:59 +0800 CST" 100 | }, 101 | "iconHash": "460fda76b73a833c48ad519778abf7f7", 102 | "icon": "https://nwzimg.wezhan.cn/favicon.png", 103 | "applications": [ 104 | { 105 | "categories": [ 106 | { 107 | "id": "22", 108 | "name": "Web Servers" 109 | } 110 | ], 111 | "description": "Tengine是由淘宝网发起的Web服务器项目。它在Nginx的基础上,针对大访问量网站的需求,添加了很多高级 功能和特性。", 112 | "website": "http://tengine.taobao.org/", 113 | "layer": 3, 114 | "layer_name": "服务层", 115 | "name": "Tengine", 116 | "confidence": "50", 117 | "version": "" 118 | } 119 | ], 120 | "rawHeaders": "", 121 | "html": "", 122 | "cookie": { 123 | "KEY": "VALUE" 124 | }, 125 | "status": 200, 126 | "time": 4, 127 | "login": 1, // 标识目标为登录页面 128 | "captcha": 1 // 标记目标存在图形验证码 129 | } 130 | ] 131 | ``` 132 | 133 | # 规则库说明 134 | 135 | 规则库编写方法请参阅 [https://fp.shuziguanxing.com/#/fingerplatinfo](https://fp.shuziguanxing.com/#/fingerplatinfo) 136 | 137 | ## 默认规则库示例 138 | 139 | [apps.json](apps.json) 140 | 141 | ## 自定义规则库示例 142 | 143 | [custom.json](custom.json) 144 | -------------------------------------------------------------------------------- /apps.json: -------------------------------------------------------------------------------- 1 | { 2 | "apps": { 3 | "IIS": { 4 | "cats": [ 5 | 22 6 | ], 7 | "description": "Internet 信息服务(IIS)是 Microsoft 创建的可扩展的 Web 服务器软件,用于 Windows NT 家族。", 8 | "headers": { 9 | "Server": "^(?:Microsoft-)?IIS(?:/([\\d.]+))?\\;version:\\1" 10 | }, 11 | "icon": "IIS.png", 12 | "implies": [ 13 | "Windows Server", 14 | "Windows" 15 | ], 16 | "layer": 3, 17 | "website": "http://www.iis.net/" 18 | }, 19 | "Apache": { 20 | "cats": [ 21 | 22 22 | ], 23 | "description": "Apache 是​​免费的开源跨平台Web 服务器软件。", 24 | "headers": { 25 | "Server": "(?:Apache(?:$|/([\\d.]+)|[^/-])|(?:^|\\b)HTTPD)\\;version:\\1" 26 | }, 27 | "icon": "Apache.svg", 28 | "layer": 3, 29 | "website": "http://apache.org" 30 | }, 31 | "Apache Tomcat": { 32 | "cats": [ 33 | 22 34 | ], 35 | "description": "Apache Tomcat是Java Servlet,JavaServer Pages,Java Expression Language和WebSocket技术的开源实现。", 36 | "headers": { 37 | "Server": "^Apache-Coyote", 38 | "X-Powered-By": "\\bTomcat\\b(?:-([\\d.]+))?\\;version:\\1" 39 | }, 40 | "html": [ 41 | "Apache Tomcat/?([\\d\\.]+)?\\;version:\\1", 42 | "href=\"tomcat.css" 43 | ], 44 | "icon": "Apache Tomcat.svg", 45 | "implies": "Java", 46 | "layer": 3, 47 | "website": "http://tomcat.apache.org" 48 | }, 49 | "Java": { 50 | "cats": [ 51 | 27 52 | ], 53 | "cookies": { 54 | "JSESSIONID": "" 55 | }, 56 | "description": "Java 是基于类的,面向对象的编程语言,旨在具有尽可能少的实现依赖性。", 57 | "icon": "Java.png", 58 | "layer": 2, 59 | "website": "http://java.com" 60 | }, 61 | "Windows": { 62 | "cats": [ 63 | 28 64 | ], 65 | "description": "Microsoft Windows 操作系统是美国微软公司研发的一套操作系统。", 66 | "icon": "Microsoft.png", 67 | "layer": 4, 68 | "website": "http://microsoft.com" 69 | }, 70 | "Windows Server": { 71 | "cats": [ 72 | 28 73 | ], 74 | "description": "Windows Server 是一组服务器操作系统的商标名称。", 75 | "headers": { 76 | "Server": "Win32|Win64" 77 | }, 78 | "icon": "WindowsServer.png", 79 | "layer": 4, 80 | "website": "http://microsoft.com/windowsserver" 81 | }, 82 | "ckeditor": { 83 | "cats": [ 84 | 24 85 | ], 86 | "description": "CKEditor 是一种 WYSIWYG 富文本编辑器,可直接在网页或在线应用程序内部编写内容。它的核心代码是用 JavaScript 编写的,由 CKSource 开发。CKEditor 可在开源和商业许可下使用。", 87 | "icon": "CKEditor.png", 88 | "js": { 89 | "CKEDITOR": "", 90 | "CKEDITOR.version": "^(.+)$\\;version:\\1", 91 | "CKEDITOR_BASEPATH": "" 92 | }, 93 | "layer": 1, 94 | "website": "http://ckeditor.com" 95 | }, 96 | "iCMS": { 97 | "cats": [ 98 | 1 99 | ], 100 | "description": "iCMS 是一套采用 PHP 和 MySQL 构建的高效简洁的内容管理系统,为您的网站提供一个完美的开源解决方案。", 101 | "layer": 1, 102 | "meta": { 103 | "description": "icms", 104 | "keywords": "icms" 105 | }, 106 | "implies": [ 107 | "PHP", 108 | "MySQL" 109 | ], 110 | "script": "iCMS.min.js", 111 | "website": "https://www.icmsdev.com/" 112 | }, 113 | "PHP": { 114 | "cats": [ 115 | 27 116 | ], 117 | "cookies": { 118 | "PHPSESSID": "" 119 | }, 120 | "description": "PHP是用于Web开发的通用脚本语言。", 121 | "headers": { 122 | "Server": "php/?([\\d.]+)?\\;version:\\1", 123 | "X-Powered-By": "^php/?([\\d.]+)?\\;version:\\1" 124 | }, 125 | "icon": "PHP.svg", 126 | "layer": 2, 127 | "url": "\\.php(?:$|\\?)", 128 | "website": "http://www.php.net" 129 | }, 130 | "MySQL": { 131 | "cats": [ 132 | 34 133 | ], 134 | "description": "MySQL 是一个开源关系数据库管理系统。", 135 | "icon": "MySQL.svg", 136 | "layer": 3, 137 | "website": "http://www.mysql.com/" 138 | } 139 | }, 140 | "categories": { 141 | "1": { 142 | "name": "内容管理(CMS)", 143 | "priority": 1 144 | }, 145 | "10": { 146 | "name": "分析统计", 147 | "priority": 9 148 | }, 149 | "11": { 150 | "name": "博客", 151 | "priority": 1 152 | }, 153 | "12": { 154 | "name": "JS 框架", 155 | "priority": 3 156 | }, 157 | "13": { 158 | "name": "问题跟踪", 159 | "priority": 2 160 | }, 161 | "14": { 162 | "name": "视频播放器", 163 | "priority": 9 164 | }, 165 | "15": { 166 | "name": "评论系统", 167 | "priority": 9 168 | }, 169 | "16": { 170 | "name": "图形验证码", 171 | "priority": 9 172 | }, 173 | "17": { 174 | "name": "字体脚本", 175 | "priority": 9 176 | }, 177 | "18": { 178 | "name": "Web 框架", 179 | "priority": 2 180 | }, 181 | "19": { 182 | "name": "其它", 183 | "priority": 9 184 | }, 185 | "2": { 186 | "name": "留言板", 187 | "priority": 1 188 | }, 189 | "20": { 190 | "name": "编辑器", 191 | "priority": 9 192 | }, 193 | "21": { 194 | "name": "学习管理系统", 195 | "priority": 1 196 | }, 197 | "22": { 198 | "name": "Web 服务器", 199 | "priority": 9 200 | }, 201 | "23": { 202 | "name": "缓存工具", 203 | "priority": 9 204 | }, 205 | "24": { 206 | "name": "富文本编辑器", 207 | "priority": 9 208 | }, 209 | "25": { 210 | "name": "JS 图形插件", 211 | "priority": 3 212 | }, 213 | "26": { 214 | "name": "移动框架", 215 | "priority": 3 216 | }, 217 | "27": { 218 | "name": "程序语言", 219 | "priority": 4 220 | }, 221 | "28": { 222 | "name": "操作系统", 223 | "priority": 5 224 | }, 225 | "29": { 226 | "name": "搜索引擎", 227 | "priority": 9 228 | }, 229 | "3": { 230 | "name": "数据库管理", 231 | "priority": 9 232 | }, 233 | "30": { 234 | "name": "Web 邮件", 235 | "priority": 9 236 | }, 237 | "31": { 238 | "name": "CDN", 239 | "priority": 9 240 | }, 241 | "32": { 242 | "name": "自动化营销", 243 | "priority": 9 244 | }, 245 | "33": { 246 | "name": "Web 服务器扩展", 247 | "priority": 9 248 | }, 249 | "34": { 250 | "name": "数据库", 251 | "priority": 9 252 | }, 253 | "35": { 254 | "name": "地图", 255 | "priority": 9 256 | }, 257 | "36": { 258 | "name": "广告网络", 259 | "priority": 9 260 | }, 261 | "37": { 262 | "name": "网络设备", 263 | "priority": 9 264 | }, 265 | "38": { 266 | "name": "媒体服务器", 267 | "priority": 1 268 | }, 269 | "39": { 270 | "name": "网络摄像头", 271 | "priority": 9 272 | }, 273 | "4": { 274 | "name": "文档工具", 275 | "priority": 9 276 | }, 277 | "40": { 278 | "name": "打印机", 279 | "priority": 9 280 | }, 281 | "41": { 282 | "name": "付款处理器", 283 | "priority": 9 284 | }, 285 | "42": { 286 | "name": "标签管理", 287 | "priority": 9 288 | }, 289 | "43": { 290 | "name": "付费", 291 | "priority": 9 292 | }, 293 | "44": { 294 | "name": "持续集成", 295 | "priority": 9 296 | }, 297 | "45": { 298 | "name": "控制系统", 299 | "priority": 9 300 | }, 301 | "46": { 302 | "name": "远程访问", 303 | "priority": 9 304 | }, 305 | "47": { 306 | "name": "开发工具", 307 | "priority": 9 308 | }, 309 | "48": { 310 | "name": "网络存储", 311 | "priority": 9 312 | }, 313 | "49": { 314 | "name": "订阅阅读器", 315 | "priority": 1 316 | }, 317 | "5": { 318 | "name": "窗口小部件", 319 | "priority": 9 320 | }, 321 | "50": { 322 | "name": "文档管理系统", 323 | "priority": 1 324 | }, 325 | "51": { 326 | "name": "引导页", 327 | "priority": 2 328 | }, 329 | "52": { 330 | "name": "在线聊天室", 331 | "priority": 9 332 | }, 333 | "53": { 334 | "name": "客户关系管理(CRM))", 335 | "priority": 9 336 | }, 337 | "54": { 338 | "name": "搜索引擎优化(SEO)", 339 | "priority": 9 340 | }, 341 | "55": { 342 | "name": "会计", 343 | "priority": 1 344 | }, 345 | "56": { 346 | "name": "挖矿程序", 347 | "priority": 8 348 | }, 349 | "57": { 350 | "name": "静态网站生成器", 351 | "priority": 1 352 | }, 353 | "58": { 354 | "name": "客服机器人", 355 | "priority": 8 356 | }, 357 | "59": { 358 | "name": "JS 库", 359 | "priority": 9 360 | }, 361 | "6": { 362 | "name": "电子商务", 363 | "priority": 1 364 | }, 365 | "60": { 366 | "name": "容器", 367 | "priority": 8 368 | }, 369 | "61": { 370 | "name": "SaaS", 371 | "priority": 8 372 | }, 373 | "62": { 374 | "name": "PaaS", 375 | "priority": 8 376 | }, 377 | "63": { 378 | "name": "IaaS", 379 | "priority": 8 380 | }, 381 | "64": { 382 | "name": "反向代码", 383 | "priority": 7 384 | }, 385 | "65": { 386 | "name": "负载均衡", 387 | "priority": 7 388 | }, 389 | "66": { 390 | "name": "UI 框架", 391 | "priority": 7 392 | }, 393 | "67": { 394 | "name": "Cookie 合规", 395 | "priority": 9 396 | }, 397 | "68": { 398 | "name": "无障碍", 399 | "priority": 9 400 | }, 401 | "69": { 402 | "name": "社交入口", 403 | "priority": 6 404 | }, 405 | "7": { 406 | "name": "电子相册", 407 | "priority": 1 408 | }, 409 | "70": { 410 | "name": "SSL/TLS 证书颁发机构", 411 | "priority": 9 412 | }, 413 | "71": { 414 | "name": "联盟销售", 415 | "priority": 9 416 | }, 417 | "72": { 418 | "name": "预约系统", 419 | "priority": 9 420 | }, 421 | "73": { 422 | "name": "问卷调查", 423 | "priority": 9 424 | }, 425 | "74": { 426 | "name": "A/B 测试", 427 | "priority": 9 428 | }, 429 | "75": { 430 | "name": "Email", 431 | "priority": 9 432 | }, 433 | "8": { 434 | "name": "知识库", 435 | "priority": 1 436 | }, 437 | "9": { 438 | "name": "主机控制板", 439 | "priority": 1 440 | } 441 | }, 442 | "layers": { 443 | "1": { 444 | "name": "应用" 445 | }, 446 | "2": { 447 | "name": "支持" 448 | }, 449 | "3": { 450 | "name": "服务" 451 | }, 452 | "4": { 453 | "name": "系统" 454 | }, 455 | "5": { 456 | "name": "硬件" 457 | } 458 | } 459 | } --------------------------------------------------------------------------------