diff --git a/cmd/webscan.go b/cmd/webscan.go index d31e77d..338024f 100644 --- a/cmd/webscan.go +++ b/cmd/webscan.go @@ -107,6 +107,8 @@ func webScanCmdInit() { webScanCmd.Flags().StringSliceVar(&Poc, "poc", nil, "specify the nuclei poc to run, separated by ','(example: test.yml,./test/*).\r\n自定义的nuclei 漏洞模板地址") webScanCmd.Flags().StringVarP(&craw, "craw", "c", "k", "Select crawler:c or k or kh. (c:Crawlergo, k:Katana Standard Mode(default), kh:(Katana Headless Mode))\r\n选择哪一个爬虫,c:Crawlergo, k:Katana 标准模式(default),kh: Katana无头模式") + webScanCmd.Flags().BoolVar(&conf.GlobalConfig.NoPortScan, "nps", false, "No port scanning(false).\r\n不进行端口扫描就不会检测 nmap、masscan 是否存在,默认 false") + // 被动监听,收集流量 Security Copilot mode webScanCmd.Flags().StringVar(&conf.GlobalConfig.Passive.ProxyPort, "listen", "", "use proxy resource collector, value is proxy addr, (example: 127.0.0.1:9080).\r\n被动模式监听的代理地址,默认 127.0.0.1:9080") webScanCmd.Flags().StringVar(&conf.GlobalConfig.Passive.WebPort, "web", "9088", "Security Copilot web report port, (example: 9088)].\r\nweb页面端口,默认9088") diff --git a/conf/envCheck.go b/conf/envCheck.go index e7dae9a..45c931c 100644 --- a/conf/envCheck.go +++ b/conf/envCheck.go @@ -16,18 +16,21 @@ import ( var ChromePath string func Preparations() { - // 检查 nmap 是否已安装 - nmapInstalled := commandExists("nmap") - if !nmapInstalled { - fmt.Println("nmap does not follow, please install") - os.Exit(1) - } - - // 检查 masscan 是否已安装 - masscanInstalled := commandExists("masscan") - if !masscanInstalled { - fmt.Println("masscan does not follow, please install") - os.Exit(1) + if GlobalConfig.NoPortScan { // 不进行端口扫描时,不检查这些 + Plugin["portScan"] = false + // 检查 nmap 是否已安装 + nmapInstalled := commandExists("nmap") + if !nmapInstalled { + fmt.Println("nmap not found, please install") + os.Exit(1) + } + + // 检查 masscan 是否已安装 + masscanInstalled := commandExists("masscan") + if !masscanInstalled { + fmt.Println("masscan not found, please install") + os.Exit(1) + } } if GlobalConfig.WebScan.Craw == "c" { diff --git a/conf/type.go b/conf/type.go index 9f7cad7..7d9c04e 100644 --- a/conf/type.go +++ b/conf/type.go @@ -13,6 +13,7 @@ type Config struct { Http Http `json:"http"` Plugins Plugins `json:"plugins"` WebScan WebScan `json:"webScan"` + NoPortScan bool `json:"no_port_scan"` Reverse Reverse `json:"reverse"` SqlmapApi Sqlmap `json:"sqlmapApi"` Mitmproxy Mitmproxy `json:"mitmproxy"` diff --git a/go.mod b/go.mod index 6c3712e..6653464 100644 --- a/go.mod +++ b/go.mod @@ -337,7 +337,7 @@ require ( github.com/spf13/pflag v1.0.5 // indirect github.com/subosito/gotenv v1.6.0 // indirect github.com/syndtr/goleveldb v1.0.0 // indirect - github.com/tetratelabs/wazero v1.7.0 // indirect + github.com/tetratelabs/wazero v1.7.1 // indirect github.com/tidwall/btree v1.7.0 // indirect github.com/tidwall/buntdb v1.3.0 // indirect github.com/tidwall/gjson v1.17.1 // indirect diff --git a/go.sum b/go.sum index ed5196e..77aa0c4 100644 --- a/go.sum +++ b/go.sum @@ -1205,6 +1205,8 @@ github.com/tebeka/strftime v0.1.3 h1:5HQXOqWKYRFfNyBMNVc9z5+QzuBtIXy03psIhtdJYto github.com/tebeka/strftime v0.1.3/go.mod h1:7wJm3dZlpr4l/oVK0t1HYIc4rMzQ2XJlOMIUJUJH6XQ= github.com/tetratelabs/wazero v1.7.0 h1:jg5qPydno59wqjpGrHph81lbtHzTrWzwwtD4cD88+hQ= github.com/tetratelabs/wazero v1.7.0/go.mod h1:ytl6Zuh20R/eROuyDaGPkp82O9C/DJfXAwJfQ3X6/7Y= +github.com/tetratelabs/wazero v1.7.1 h1:QtSfd6KLc41DIMpDYlJdoMc6k7QTN246DM2+n2Y/Dx8= +github.com/tetratelabs/wazero v1.7.1/go.mod h1:ytl6Zuh20R/eROuyDaGPkp82O9C/DJfXAwJfQ3X6/7Y= github.com/thoas/go-funk v0.9.3 h1:7+nAEx3kn5ZJcnDm2Bh23N2yOtweO14bi//dvRtgLpw= github.com/thoas/go-funk v0.9.3/go.mod h1:+IWnUfUmFO1+WVYQWQtIJHeRRdaIyyYglZN7xzUPe4Q= github.com/tidwall/assert v0.1.0 h1:aWcKyRBUAdLoVebxo95N7+YZVTFF/ASTr7BN4sLP6XI= diff --git a/pkg/mode/active.go b/pkg/mode/active.go index e9d4f5e..1cab191 100644 --- a/pkg/mode/active.go +++ b/pkg/mode/active.go @@ -70,7 +70,7 @@ func Active(target string, fingerprint []string) ([]string, []string) { } t := &task.Task{ - Parallelism: conf.Parallelism + 1, + Parallelism: conf.Parallelism, ScanTask: make(map[string]*task.ScanTask), }