zscan: scan blasting toolset

Zscan – a scan blasting toolset

Zscan is an open-source collection of Intranet port scanners, blasting tools, and other utilities. Based on host discovery and port scanning, you can blow up mysql, MSSQL, Redis, Mongo, Postgres, FTP, SSH, and other services. Other scanning functions include NetBIOS, SMB, OXID, SOCKS Server (scanning proxy servers on the Intranet), SNMP, and MS17010. Each module has its own unique functions such as SSH, which also supports user name, password, and public key login, traverses the host based on the private key and can execute commands after all services are blown up successfully. In addition to basic scanning and service blasting, Webtitle capture and fingerprint recognition are also supported, ZScan integrates the nc module (connect and listen), HTTPServer module (support for downloading files, uploading files, and authentication), SOcks5 module (start a proxy server). There is also the ALL module, which calls all the other scanning and blasting modules during the scan. Built-in proxy functionality.

Module

Existing modules：

• ping: Ping is invoked for common users, and ICMP packets are used for root users
• ps: Port scan and get httptitle
• all: Call all scan and burst modules for scanning
• ssh: Username and password blasting, SSH username and password login, public key login
• mysql/mssql/mongo/redis/postgres/ftp:Username password blasting and execute simple commands
• proxyfind: Scan the proxy in the network, currently support SOCKS4/5, later add HTTP
• ms17010: ms17010 Vulnerability batch scanning
• snmp: snmp scan
• winscan: Includes OXID, SMB, NETBIOS scanning functions
• nc: A simple nc, can start the port to connect the port
• socks5: Start a SOcks5 server
• httpserver: Start an HTTP server that supports identity authentication and file uploading

Tool edge🚀

• The command is simple and convenient, and the function of the module is simple and clear, which is convenient to expand and add various new functions
• Not just a scanner, but also integrated with a variety of common utility features, built-in proxy capabilities, can be called a toolkit
• Port scanning and blasting are seamlessly connected, greatly improving the scanning speed: This advantage is fully reflected in the ALL module. In the process of multi-threaded port scanning, open ports will be judged. If a port can be blasted, another multi-thread will be immediately opened in the current thread for blasting. Significantly increase speed. The procedure of obtaining an open port before blasting is reduced
• Beautiful and easy to read output format: through color differentiation, not only output during the process, but also generate scan results at the end of the scan, showing all scan and blasting results during the process (introduce), and support to record the scan results to a file
• Not only can the service be blasted, but the command can be executed successfully
• Under development, if you find any problems or bugs, or any novel and interesting functional requirements can contact me

Install & Use

Copyright (c) 2021 zyylhn