EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。

Overview

EyeJo

EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。

免责声明

本平台集成了大量的互联网公开工具,主要是方便安全人员整理、排查资产、安全测试等,切勿用于非法用途。使用者存在危害网络安全等任何非法行为,后果自负,作者不承担任何法律责任。

功能说明

功能 说明
输入目标 支持域名、IP段、IP范围。注:输入的域名会作为主域名,除了www
子域名收集 使用Oneforall收集子域名
Shodan和FOFA查询 使用Shodan API和Fofa API收集域名
端口扫描 使用naabu+nmap快速精准扫描端口服务
请求站点、截图 收集站点的网页截图、Title、icons、证书等
指纹识别 使用wappalyzer进行指纹识别(默认集成wappalyzer指纹库外加几十个常见应用指纹)
登录识别 会调用爬虫进行识别。请求站点、截图功能默认会通过指纹去识别
FUZZ 使用ffuf进行目录爆破
POC检测 使用pocsuite3进行poc检测(默认集成少量POC)
漏洞检测 crawlergo爬虫+xray的被动扫描(平台默认关闭了xray的poc检测)
服务爆破 使用hydra进行相应服务的爆破(默认集成服务字典)
结果导出 导出收集的资产

部署方式

docker部署

获取镜像

## 重新构建
## docker build -t mirchdocker/eyejo:latest -f docker/Dockerfile .
## 拉取最新
docker pull mirchdocker/eyejo

一键部署

cd docker
docker-compose up -d

登录

http://127.0.0.1:6103
密码: admin/[email protected]
数据库MySQL账号密码:root/[email protected]

账号操作

删除user1用户并新增用户admin/password

docker exec -it eyejo_mariadb mysql -u root -p
## 输入密码123456
use EyeJo;
delete from auth_user where username='user1';
docker exec -it eyejo_ubuntu bash
python3 manage.py initadmin --user admin --password password --email [email protected]

使用演示

  • 平台首页 平台首页

项目管理

  1. 项目管理 功能页面

  2. 新增项目 新增项目

  3. 项目详情

  • 3.1 站点详情
    对测试目标进行信息收集工作,帮助安全人员快速了解测试目标。包括指纹、标题、图标、截图等信息
    可以自定义对单个、多个站进行tag管理,分类后,可进行tag搜索,一个项目有大量目标时可方便筛选需要的数据 项目详情
  • 3.2 域名
    对测试目标收集子域名,扫描结果在此页面进行展示 域名
  • 3.3 IP
    对测试目标的IP进行端口扫描,扫描结果在此页面进行展示;通过当前IP信息可以查看旁站和C段信息。 IP C段
  • 3.4 登录接口识别 登录接口识别
  • 3.5资产组
    资产组包含了收集到的所有资产。 资产组
  • 3.5.1 新增资产组
    新增资产组有三种方式:添加已有资产、从tag添加资产、手动输入资产 新增资产组
  • 3.5.2 新增资产
    基于已有资产组新增资产有两种方式:从tag添加资产、手动输入资产 新增资产

任务管理

  1. 任务管理 任务管理 2.添加任务
    可以对已有项目的资产组添加任务 添加任务
  2. 漏洞
    漏洞:xray扫描结果
    POC:pocsuite3扫描结果
    fuzz:目录爆破结果
    服务爆破:端口服务爆破结果 漏洞 FUZZ

项目配置

  1. 项目配置

添加POC和指纹

可更新指纹库 eyejo/plugin/fingermap/data/wappalyzer.json
可更新POC eyejo/plugin/pocsuite3/pocs/模板参考

TODO

  • 分布式部署
  • POC、指纹管理、自定义fofa语法等
  • 资产监控
  • 漏洞消息推送

致谢

https://github.com/TophantTechnology/ARL
https://github.com/chaitin/xray
https://github.com/ffuf/ffuf
https://github.com/projectdiscovery/naabu
https://github.com/knownsec/pocsuite3
https://github.com/shmilylty/OneForAll
https://github.com/0Kee-Team/crawlergo
https://github.com/rverton/webanalyze

GRR Rapid Response: remote live forensics for incident response

GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu

Google 4.3k Jan 05, 2023
AIL LeakFeeder: A Module for AIL Framework that automate the process to feed leaked files automatically to AIL

AIL LeakFeeder: A Module for AIL Framework that automates the process to feed leaked files automatically to AIL, So basically this feeder will help you ingest AIL with your leaked files automatically

ail project 8 May 03, 2022
Python tool for exploiting CVE-2021-35616

OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►

11 Dec 06, 2022
Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

VSSTrigger Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VS

Filip Dragovic 6 Jul 24, 2022
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3

Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR

Pushpender Singh 9 Dec 12, 2022
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including P

neeraj 95 Dec 26, 2022
Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures

Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and auto-completion to your preferred editor once it is configured.

Stamus Networks 39 Nov 28, 2022
Trainspotting - Python Dependency Injector based on interface binding

Choose dependency injection Friendly with MyPy Supports lazy injections Supports

avito.tech 3 Jan 26, 2022
Crowbar - A windows post exploitation tool

Crowbar - A windows post exploitation tool Status - ✔️ This project is now considered finished. Any updates from now on will most likely be new script

29 Nov 20, 2022
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021
Scans all drives for log4j jar files and gets their version from the manifest

log4shell_scanner Scans all drives for log4j jar files and gets their version from the manifest. Windows and Windows Server only.

Zdeněk Loučka 1 Dec 29, 2021
Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694)

CVE-2021-42694 Generate malicious files using recently published homoglyph-attack vulnerability, which was discovered at least in C, C++, C#, Go, Pyth

js-on 17 Dec 11, 2022
Facebook Fast Cracking Tool With Python

Pro-Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

ReD H4CkeR 5 Feb 19, 2022
Huskee: Malware made in Python for Educational purposes

𝐇𝐔𝐒𝐊𝐄𝐄 Caracteristicas: Discord Token Grabber Wifi Passwords Grabber Googl

chew 4 Aug 17, 2022
CVE-2021-43798Exp多线程批量验证脚本

Grafana V8.*任意文件读取Exp--多线程批量验证脚本 漏洞描述 Grafana是一个开源的度量分析与可视化套件。经常被用作基础设施的时间序列数据和应用程序分析的可视化,它在其他领域也被广泛的使用包括工业传感器、家庭自动化、天气和过程控制等。其 8.*版本任意文件读取漏洞,该漏洞目前为0d

2 Dec 16, 2021
PoC for CVE-2021-45897 aka SCRMBT-#180 - RCE via Email-Templates (Authenticated only) in SuiteCRM <= 8.0.1

CVE-2021-45897 PoC for CVE-2021-45897 aka SCRMBT-#180 - RCE via Email-Templates (Authenticated only) in SuiteCRM = 8.0.1 This vulnerability was repor

Manuel Zametter 17 Nov 09, 2022
Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation)

Pachine Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation). Installtion $ pip3 install impacket Usage Impacket v0.9.23 -

Oliver Lyak 250 Dec 31, 2022
CC CAMERA HACKING TOOL

CAM-HACK CC CAMERA HACKING TOOL Installation On Termux $ apt update

Aryan 10 Sep 25, 2022
Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

Mateo Hanžek 1 Jan 14, 2022
Seamless deployment and management of cybersecurity solutions 🏗️

Description 🖼️ Background 👴🏼 Vision 📜 Concepts 💬 Solutions' Lifecycle. Operations ⭕ Functionalities 🚀 Supported Cybersecurity Solutions 📦 Insta

MutableSecurity 36 Nov 10, 2022