重点系统指纹识别的工具

Related tags

Security blackJack
Overview

blackJack

blackJack是由Lumos框架的核心侦查功能独立出来的小工具

用于从大量的资产中进行Web指纹探测,提取有用的系统

Usage

help

λ blackJack.exe -h

██████╗ ██╗      █████╗  ██████╗██╗  ██╗     ██╗ █████╗  ██████╗██╗  ██╗
██╔══██╗██║     ██╔══██╗██╔════╝██║ ██╔╝     ██║██╔══██╗██╔════╝██║ ██╔╝
██████╔╝██║     ███████║██║     █████╔╝      ██║███████║██║     █████╔╝
██╔══██╗██║     ██╔══██║██║     ██╔═██╗ ██   ██║██╔══██║██║     ██╔═██╗
██████╔╝███████╗██║  ██║╚██████╗██║  ██╗╚█████╔╝██║  ██║╚██████╗██║  ██╗
╚═════╝ ╚══════╝╚═╝  ╚═╝ ╚═════╝╚═╝  ╚═╝ ╚════╝ ╚═╝  ╚═╝ ╚═════╝╚═╝  ╚═╝ v1.0.0

Usage of blackJack.exe:
  -d    enable debug mode
  -i string
        Analyse target favicon fingerprint
  -l string
        the list file contain mutilple target url
  -o string
        output file
  -p string
        http proxy ,Ex: http://127.0.0.1:8080
  -t int
        request thread, default 50 (default 50)
  -time int
        request timeout (default 5)
  -u string
        single target url

Running with file input

λ blackJack -l urls.txt

Running with single url

λ blackJack -u https://google.com

Features

  • 自动协议识别
  • WAF、CDN识别
  • 指纹覆盖优化,避免302跳转、CDN、均衡负载导致识别失效
  • 集成icon hash生成
  • 新增指纹至748条

Thanks

探测功能的灵感和基本指纹库来自EHole

并发与一些细节参考了httpx

为了兼顾准确率,并发效率上,比ehole低,与httpx相差无几

Releases(V1.0)