#Python开发相关知识点: 1.开发基础环境配置说明 Windows10+Pycharm 2.Python开发学习的意义 学习相关安全工具原理 掌握自定义工具及拓展开发 解决实战中无工具或手工麻烦批量化等情况 在二次开发Bypass,日常任务,批量测试利用等方面均有帮助 如:SRC批量收集并利用,AWD批量利用获取FLAG,CTF加解密脚本等
ip查询
import socket

# Resolve the target host name to an IPv4 address and print it
# (socket.gethostbyname raises socket.gaierror if resolution fails).
target_host = "www.lvxinjie.cn"
print(socket.gethostbyname(target_host))
whois 查询
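import whois  # python-whois: the package exposes whois() at top level

# NOTE: the original `from whois import whois` bound the *function* to the
# name `whois`, so `whois.whois(...)` raised AttributeError. Importing the
# module makes `whois.whois(...)` the documented call.
data = whois.whois("www.lvxinjie.cn")  # WHOIS record for the domain (network lookup)
print(data)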
CDN判断
服务器: dns.google Address: 8.8.8.8 名称: www.lvxinjie.cn Address: 120.25.205.228
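import os

# Run nslookup for the target and capture its text output. `with` closes the
# pipe once read (the original left the popen handle open).
with os.popen("nslookup www.lvxinjie.cn") as proc:
    output = proc.read()

# Heuristic from the notes: count the dots in the nslookup output; more than
# nine dots (i.e. more than one answer address) is taken to mean a CDN sits in
# front of the host. In the sample output above a single answer yields nine
# dots. This is only a rough indicator: the count also depends on the
# resolver's output format and locale, so treat it as a hint, not a verdict.
dot_count = output.count('.')
print(dot_count)
if dot_count > 9:
    print("The url has cdn")
else:
    print("The url not cdn")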
子域名查询
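import socket
import time


# Enumerate subdomains by resolving each label from a word list (dic.txt).
def zym_list_check(url):
    """Resolve every candidate ``<label>.<url>`` from dic.txt and print the result.

    Args:
        url: Target domain; a leading "www." is stripped first.

    Prints ``<candidate>-><ip>`` for names that resolve and
    ``<candidate>->error`` otherwise, pausing 0.1 s after each lookup.
    Requires ``dic.txt`` (one label per line) in the working directory;
    raises FileNotFoundError if it is missing.
    """
    url = url.replace("www.", "")
    # `with` closes the word list when the loop ends (the original never closed it).
    with open("dic.txt") as wordlist:
        for line in wordlist:
            # strip() also drops "\r" from CRLF files and stray spaces, which
            # the original replace("\n", "") left in the candidate name.
            label = line.strip()
            if not label:
                continue  # skip blank lines instead of probing ".<url>"
            candidate = label + "." + url
            try:
                ip = socket.gethostbyname(candidate)
                print(candidate + "->" + ip)
            except Exception:
                # NXDOMAIN, resolver timeouts and malformed labels all land
                # here; report and continue with the next candidate.
                print(candidate + "->" + "error")
            finally:
                time.sleep(0.1)  # pace the lookups (same delay on both paths as before)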
端口扫描
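import socket

# Ports probed when the caller passes none (same set as the notes). The
# original stored these as strings, which connect_ex() rejects with
# TypeError, so every port printed "error"; they must be ints.
_DEFAULT_PORTS = (21, 22, 135, 443, 445, 80, 1433, 3306, 3389,
                  1521, 8000, 7002, 7001, 8080, 9090, 8089, 4848)


def port_check(url, ports=_DEFAULT_PORTS, timeout=1.0):
    """TCP-connect check of *ports* on *url*, printing one line per port.

    Args:
        url: Host name or IP literal; resolved with socket.gethostbyname.
        ports: Iterable of int port numbers (default: _DEFAULT_PORTS).
        timeout: Seconds to wait for each connect attempt.

    Prints ``<ip>:<port>|open`` when connect_ex() returns 0,
    ``<ip>:<port>|close`` otherwise, and ``error <detail>`` if the attempt
    itself raises an OSError. Raises socket.gaierror if *url* does not resolve.
    """
    ip = socket.gethostbyname(url)
    for port in ports:
        try:
            # One fresh socket per port: the original reused a single socket,
            # which cannot perform a second connect after the first attempt.
            with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as server:
                server.settimeout(timeout)  # the original had no timeout
                data = server.connect_ex((ip, port))
            if data == 0:
                print(ip + ":" + str(port) + "|open")
            else:
                print(ip + ":" + str(port) + "|close")
        except OSError as err:
            # Report the reason instead of a bare "error" (original discarded it).
            print("error", err)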
判断操作系统
import platform


def UsePlatform():
    """Print which family of tasks to run for the current operating system."""
    # Map platform.system() names to their message; anything not listed
    # falls through to the generic message.
    messages = {
        "Windows": "Call Windows tasks",
        "Linux": "Call Linux tasks",
    }
    current = platform.system()
    print(messages.get(current, "Other System tasks"))


UsePlatform()
nmap模块 内网主机探测
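import nmap  # python-nmap wrapper around the nmap binary


def nmapscan(hosts='192.168.18.0/24', arguments='-T4 -F'):
    """Run an nmap scan and print the host list, CSV summary and raw result.

    Args:
        hosts: nmap target specification; defaults to the lab range used in
            the notes.
        arguments: nmap command-line options (-T4 aggressive timing, -F fast
            mode with fewer ports).

    Errors are caught at this boundary and printed with their message so that
    a missing nmap binary or a bad target is visible; the original printed a
    bare "error" and constructed the scanner outside the try block, so a
    missing binary escaped as an uncaught exception.
    """
    try:
        nm = nmap.PortScanner()
        data = nm.scan(hosts=hosts, arguments=arguments)
        print(nm.all_hosts())
        print(nm.csv())
        print(data)
    except Exception as err:
        print("error", err)


if __name__ == '__main__':
    nmapscan()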