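Introduction
konan is an open-source tool for web directory scanning that enumerates directory and file names. Similar tools include dirbuster and dirmap. A feature comparison with other similar tools is given below.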
Supported platforms
Linux
Windows
Mac OS X
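Feature comparison with similar tools
| Feature | konan | dirsearch | dirb | gobuster |
| --- | --- | --- | --- | --- |
| Multi-threading | yes | yes | yes | yes |
| Multiple extensions | yes | yes | no | no |
| HTTP proxy support | yes | yes | yes | yes |
| Reporting | yes (text and json) | yes (text and json) | yes (text) | no |
| Random agent | yes | yes | no | no |
| Ignore words by regexp | yes | no | no | no |
| Split extensions in wordlist | yes | no | no | no |
| Multiple methods | yes | no | no | no |
| Response size process | yes | no | no | no |
| Sub-directory brute force | yes | no | no | no |
| Recursive sub-directory brute force | yes | no | no | no |
| URL injection point | yes | no | no | no |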
Installing konan
git clone https://github.com/m4ll0k/konan.git konan
cd konan && pip install -r requirements.txt
Run
python konan.py
Using konan
Basic:
python konan.py -u/--url http://example.com/
url: http://testphp.vulnweb.com/
percent - time - code - method - length - url
-------------------------------------------------------
0.39% - 01:32:50 - 200 - get - 4958 - http://testphp.vulnweb.com/index.php
0.43% - 01:32:52 - 200 - get - 4732 - http://testphp.vulnweb.com/search.php
0.54% - 01:32:57 - 200 - get - 5523 - http://testphp.vulnweb.com/login.php
0.81% - 01:33:12 - 200 - get - 4830 - http://testphp.vulnweb.com/logout.php
8.77% - 01:40:02 - 302 - get - 14 - http://testphp.vulnweb.com/userinfo.php -> login.php
Injection point:
python konan.py -u/--url http://example.com/%%/index.php
url: http://testphp.vulnweb.com/%%/index.php
percent - time - code - method - length - url
-------------------------------------------------------
0.39% - 01:32:50 - 200 - get - 4958 - http://testphp.vulnweb.com/test/index.php
0.43% - 01:32:52 - 200 - get - 4732 - http://testphp.vulnweb.com/search/index.php
python konan.py -u/--url http://example.com/test%% -w /root/numbers.txt
url: http://testphp.vulnweb.com/test%%
percent - time - code - method - length - url
-------------------------------------------------------
0.39% - 0150 - 200 - get - 4958 - http://testphp.vulnweb.com/test12
0.43% - 0152 - 200 - get - 4732 - http://testphp.vulnweb.com/test34
Wordlist scan, default /db/dict.txt:
python konan.py -u/--url http://example.com/ -w/--wordlist /root/dict.txt
Provide extensions with the -e/--extension option and force the extension for every wordlist entry with the -f/--force option:
python konan.py -u/--url http://example.com/ -e/--extension php,html -f/--force
url: http://testphp.vulnweb.com/
percent - time - code - method - length - url
-------------------------------------------------------
0.39% - 0221 - 200 - get - 4958 - http://testphp.vulnweb.com/index.html
0.43% - 0223 - 200 - get - 4732 - http://testphp.vulnweb.com/search.php
0.54% - 0230 - 200 - get - 5523 - http://testphp.vulnweb.com/login.php
0.81% - 0246 - 200 - get - 4830 - http://testphp.vulnweb.com/logout.html
0.87% - 0250 - 200 - get - 6115 - http://testphp.vulnweb.com/categories.html
Status code exclusion:
python konan.py -u/--url http://example.com/ -x/--exclude 400,403,401
Show only the given status codes in the output:
python konan.py -u/--url http://example.com/ -o/--only 200,301,302
Wordlist lowercase (isatest -> isatest) and uppercase (isatest -> ISATEST):
python konan.py -u/--url http://example.com/ -w/--wordlist /root/dict.txt [-l/--lowercase or -p/--uppercase]
Wordlist split (test.php -> to -> test):
python konan.py -u/--url http://example.com/ -w/--wordlist /root/dict.txt -s/--split
Ignore words, letters, numbers, etc. in the wordlist, provided by regexp (w*.php|w*.html,^[0-9_-]+):
python konan.py -u/--url http://example.com/ -w/--wordlist -i/--ignore ?+
Output without the -i/--ignore option:
url: http://testphp.vulnweb.com/
percent - time - code - method - length - url
-------------------------------------------------------
0.39% - 0231 - 200 - get - 4958 - http://testphp.vulnweb.com/?.php
0.43% - 0232 - 200 - get - 4732 - http://testphp.vulnweb.com/?
0.54% - 0235 - 200 - get - 5523 - http://testphp.vulnweb.com/admin/
Output with the -i/--ignore option (in this case ?+):
url: http://testphp.vulnweb.com/
percent - time - code - method - length - url
-------------------------------------------------------
0.54% - 02:06:35 - 200 - get - 5523 - http://testphp.vulnweb.com/admin/
Recursive:
python konan.py -u/--url http://example.com/ -e/--recursive
Recurse into directories that are found and into directories provided by -d/--dir-rec:
python konan.py -u/--url http://example.com/ -e/--recursive -d/--dir-rec admin,tests,dev,internal
Brute-force sub-directories with -s/--sub-dir:
python konan.py -u/--url http://example.com/ -s/--sub-dir admin,test,internal,dev
Multiple methods (check GET, POST, PUT and DELETE for each input word):
Note: many web applications return a 404 code if the request is not made with the right method; this option tests all methods.
python konan.py -u/--url http://example.com/ -m/--methods
Content size process (show the response if the response size is >[number],<[number],=[number]):
python konan.py -u/--url http://example.com/ -c/--length
http://testphp.vulnweb.com/admin/
1.73% - 02:12:37 - 301 - get - 184 - http://testphp.vulnweb.com/images -> http://testphp.vulnweb.com/images/
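Seen from the web server's side, the options above leave recognisable traces in an access log: a high share of 404 responses, the same path requested with several methods (-m/--methods), and the same word requested with several extensions (-e/--extension with -f/--force). The following detector is an added example, not part of konan or of the original article; it assumes Common Log Format, and its function names, thresholds and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from posixpath import splitext
from urllib.parse import urlsplit

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3}) \S+$')
def _line(ip, method, path, status):  # one constructed Common Log Format line
    return f'{ip} - - [10/Mar/2024:02:31:00 +0000] "{method} {path} HTTP/1.1" {status} 162'

# Constructed sample traffic (documentation IP ranges, not data from the page).
SCAN_PATHS = [f"/{w}.{e}" for w in ("admin", "backup", "test", "dev") for e in ("php", "html")]
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", "GET", p, 404) for p in SCAN_PATHS]
    + [_line("203.0.113.7", m, "/login.php", 200) for m in ("GET", "POST", "PUT", "DELETE")]
    + [_line("198.51.100.20", "GET", f"/page{i}.php", 200) for i in range(9)]
    + [_line("192.0.2.5", "GET", "/old.php", 404)]
)

def parse(log_text):
    """Yield (client, method, path, status) for each well-formed line."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield m[1], m[2], urlsplit(m[3]).path, int(m[4])

def find_scanners(log_text, min_requests=8, min_miss_ratio=0.6):
    """Return {client: [reasons]} for clients whose requests look like a wordlist scan."""
    total, miss = defaultdict(int), defaultdict(int)
    methods, exts = defaultdict(set), defaultdict(set)
    for client, method, path, status in parse(log_text):
        total[client] += 1
        miss[client] += status == 404
        methods[client, path].add(method)      # same path, many methods
        stem, ext = splitext(path)
        if ext:
            exts[client, stem].add(ext)        # same word, many extensions
    flagged = {}
    for client, n in total.items():
        if n < min_requests:
            continue                           # too little traffic to judge
        reasons = []
        if miss[client] / n >= min_miss_ratio:
            reasons.append("high-404-ratio")
        if any(c == client and len(v) >= 3 for (c, _), v in methods.items()):
            reasons.append("method-sweep")
        if any(c == client and len(v) >= 2 for (c, _), v in exts.items()):
            reasons.append("extension-sweep")
        if reasons:
            flagged[client] = reasons
    return flagged
```

The thresholds are starting points; tune min_requests and min_miss_ratio against a baseline of the site's normal traffic before alerting on the result.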