afrog v2.8.1 releases: A tool for finding vulnerabilities
What is afrog
afrog is an excellent performance, fast and stable, PoC customizable vulnerability scanning (hole digging) tool. PoC involves CVE, CNVD, default password, information leakage, fingerprint identification, unauthorized access, arbitrary file reading, command execution, etc. It helps network security practitioners quickly verify and fix vulnerabilities in a timely manner.
- Based on xray kernel, not like xray (afrog template syntax)
- Great performance, least requests, best results
- Real-time display, scanning progress
- View request and response packets of scan results
- Start the program to automatically update the local PoC library
- Long-term maintenance, update PoC （afrog-pocs ）
- API interface, easy access to other projects
Scan a single target.
afrog -t http://example.com -o result.html
Scan multiple targets.
afrog -T urls.txt -o result.html
For example urls.txt
Test a single PoC file
afrog -t http://example.com -P ./testing/poc-test.yaml -o result.html
Test multiple PoC files
afrog -t http://example.com -P ./testing/ -o result.html
Output html report
- Added PoC for backup file detection
- Customize global cookies and will not overwrite the cookies of the original POC
- afrog API has been synchronized with the latest features
Copyright (c) 2022 zan8in