afrog v2.2.1 releases: A tool for finding vulnerabilities
What is afrog
afrog is an excellent performance, fast and stable, PoC customizable vulnerability scanning (hole digging) tool. PoC involves CVE, CNVD, default password, information leakage, fingerprint identification, unauthorized access, arbitrary file reading, command execution, etc. It helps network security practitioners quickly verify and fix vulnerabilities in a timely manner.
Features
- Based on xray kernel, not like xray (afrog template syntax)
- Great performance, least requests, best results
- Real-time display, scanning progress
- View request and response packets of scan results
- Start the program to automatically update the local PoC library
- Long-term maintenance, update PoC (afrog-pocs )
- API interface, easy access to other projects
Example
Scan a single target.
afrog -t http://example.com -o result.html
Scan multiple targets.
afrog -T urls.txt -o result.html
For example urls.txt
http://example.com
http://test.com
http://github.com
Test a single PoC file
afrog -t http://example.com -P ./testing/poc-test.yaml -o result.html
Test multiple PoC files
afrog -t http://example.com -P ./testing/ -o result.html
Output html report
Changelog v2.2.1
- Merge many fingerprint pocs into the panel-detect.yaml file to reduce the number of http requests
Console print date format, 2023-01-01 changed to 01-01
Simplified afrog-config configurationFixed: invalid
-fc
configuration
Tip: Configure the-c
command, which can increase the concurrency speed very quickly
Download
Copyright (c) 2022 zan8in