在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:vulhub-compose开源软件地址:https://gitee.com/HXSecurity/vulhub-compose开源软件介绍:vulhub-compose
Quick startIf you want to download the vulhub project or have already downloaded the vulhub project, you can directly use the local mode; if you don’t want to download, you can use the remote mode download vulhub-cli$ pip install vulhub-cli local mode# Specify relative path$ vulhub-cli local start --app fastjson/1.2.24-rce$ vulhub-cli local start --app ./fastjson/1.2.24-rce# Specify absolute path$ vulhub-cli local start --app /opt/vulhub/fastjson/1.2.24-rce# Stop environment use vulhub-cli$ vulhub-cli local stop --app fastjson/1.2.24-rce# Stop environment with agent use vulhub-cli$ vulhub-cli local stop --app fastjson/1.2.24-rce remote mode# Specify vulhub app's name, eg: fastjson/1.2.24-rce$ vulhub-cli remote start --app fastjson/1.2.24-rce# Stop environment with agent use vulhub-cli$ vulhub-cli remote stop --app fastjson/1.2.24-rce Plugin System
Plugin: dongtaiLingzhi IAST is an interactive application security testing tool independently developed by FireWire platform to detect vulnerabilities in application systems; dongtai IAST supports the detection of some 0 Day vulnerabilities. Now, you can use the vulhub-cli tool to quickly create a shooting range and install dongtai IAST to experience the vulnerability detection function. UsageThe startup method is the same as the normal startup method, just add the # Start the vulhub's app with public Lingzhi IAST agent$ vulhub-cli remote start --app fastjson/1.2.24-rce --plugin dongtai# Start the vulhub's app with your own Lingzhi IAST agent$ vulhub-cli remote start --app fastjson/1.2.24-rce --plugin dongtai --plugin-args "token=<dongtai iast token>"# Stop the vulhub's app with Lingzhi IAST$ vulhub-cli remote stop --app fastjson/1.2.24-rce --plugin dongtai |
请发表评论