Releases
1.3.0
zema1
released this
27 Aug 09:42
Features:
改进高级版授权验证机制,旧版授权不再支持,需要联系管理员重新签发
改进普通爬虫实现逻辑,更加可靠和稳定
部分平台自动调整 rlimit 限制,避免因此导致的请求失败
baseline 插件新增检查项,需自行开启:
detect_china_bank_card
检查银行卡号泄露
detect_china_address
检测街道地址泄露
同步社区新增检测 POC,支持部分 HW 热门漏洞检测,需自行合并到配置文件或重新生成配置文件
poc-yaml-sangfor-edr-arbitrary-admin-login
poc-yaml-sangfor-edr-rce
poc-yaml-tongda-meeting-unauthorized-access
poc-yaml-citrix-cve-2020-8193-unauthorized
poc-yaml-bt742-pma-unauthorized-access
poc-yaml-apache-ofbiz-cve-2020-9496-xml-deserialization
poc-yaml-apacheofbiz-cve-2018-8033-xxe
poc-yaml-jenkins-unauthorized-access
poc-yaml-joomla-component-vreview-sql
poc-yaml-joomla-cve-2018-7314-sql
poc-yaml-jupyter-notebook-unauthorized-access
poc-yaml-nexusdb-cve-2020-24571-path-traversal
poc-yaml-openfire-cve-2019-18394-ssrf
poc-yaml-wordpress-cve-2019-19985-infoleak
Bugfixes:
修复 sql 注入部分网站扫不出的问题 #834
修复 shiro 自定义 aes_key 不生效的问题
修复 poc-yaml-thinkcmf-write-shell
未闭合导致的错误
修复 poc-yaml-draytek-cve-2020-8515
的误报
You can’t perform that action at this time.