工具推荐 | 一款非常好用的批量网站备份文件扫描器 - 新鲜讯息

点击上方蓝字关注我们

现在只对常读和星标的公众号才展示大图推送，建议大家能把星落安全团队“设为星标”，否则可能就看不到了啦！

工具介绍

ihoneyBakFileScan_Modify是一款批量网站备份文件扫描器，增加文件规则，优化内存占用，支持多线程和批量扫描，可自定义域名、文件规则，扫描速度很快

快速使用

从文件读取的url建议为以下格式

https://www.baidu.comhttp://www.baidu.comhttps://www.baidu.com:8443

经测试 1h1g vps 500线程可以拉满

python3 ihoneyBakFileScan_Modify.py -t 500 -f url.txt -o result.txt

使用方式

参数：    -h --help           查看工具使用帮助    -f --url-file       批量时指定存放url的文件,每行url需要指定http://或者https://，否则默认使用http://    -t --thread         指定线程数，建议100    -u --url            单个url扫描时指定url    -d --dict-file      自定义扫描字典    -o --output-file    结果写入的文件名    -p --proxy          代理服务，例：socks5://127.0.0.1:1080使用:    批量url扫描    python3 ihoneyBakFileScan_Modify.py -t 100 -f url.txt -o result.txt    单个url扫描    python3 ihoneyBakFileScan_Modify.py -u https://www.baidu.com/ -o result.txt                  python3 ihoneyBakFileScan_Modify.py -u www.baidu.com -o result.txt                  python3 ihoneyBakFileScan_Modify.py -u www.baidu.com -d dict.txt -o result.txt

工具核心

1.常见后缀：

['.zip','.rar','.tar.gz','.tgz','.tar.bz2','.tar','.jar','.war','.7z','.bak','.sql','.gz','.sql.gz','.tar.tgz','.backup']

2.根据域名自动生成相关扫描字典:

python3 ihoneyBakFileScan_Modify.py -u https://baidu.com -t 1000 -o test.txt['baidu.com', 'baiducom', 'baidu_com', 'baidu', 'com']python3 ihoneyBakFileScan_Modify.py -u https://www.baidu.com -t 1000 -o test.txt['www.baidu.com', 'wwwbaiducom', 'www_baidu_com', 'baiducom', 'baidu.com', 'baidu_com', 'www', 'baidu']python3 ihoneyBakFileScan_Modify.py -u https://aaa.www.baidu.com -t 1000 -o test.txt['aaa.www.baidu.com', 'aaawwwbaiducom', 'aaa_www_baidu_com', 'wwwbaiducom', 'www.baidu.com', 'www_baidu_com', 'aaa', 'www']python3 ihoneyBakFileScan_Modify.py -u https://aaa.bbb.www.baidu.com -t 1000 -o test.txt['aaa.bbb.www.baidu.com', 'aaabbbwwwbaiducom', 'aaa_bbb_www_baidu_com', 'bbbwwwbaiducom', 'bbb.www.baidu.com', 'bbb_www_baidu_com', 'aaa', 'bbb']

3.常见备份文件名，字典于代码中可自行切换,:

#77tmp_info_dic = ['1','127.0.0.1','2010','2011','2012','2013','2014','2015','2016','2017','2018','2019','2020','2021','2022','2023','2024','2025','__zep__/js','admin','archive','asp','aspx','auth','back','backup','backups','bak','bbs','bin','clients','code','com','customers','dat','data','database','db','dump','engine','error_log','faisunzip','files','forum','home','html','index','joomla','js','jsp','local','localhost','master','media','members','my','mysql','new','old','orders','php','sales','site','sql','store','tar','test','user','users','vb','web','website','wordpress','wp','www','wwwroot','root']#130#tmp_info_dic = ['__zep__/js','0','00','000','012','1','111','123','127.0.0.1','2','2010','2011','2012','2013','2014','2015','2016','2017','2018','2019','2020','2021','2022','2023','2024','2025','234','3','333','4','444','5','555','6','666','7','777','8','888','9','999','a','about','admin','app','application','archive','asp','aspx','auth','b','back','backup','backups','bak','bbs','beifen','bin','cache','clients','code','com','config','core','customers','dat','data','database','db','download','dump','engine','error_log','extend','files','forum','ftp','home','html','img','include','index','install','joomla','js','jsp','local','login','localhost','master','media','members','my','mysql','new','old','orders','output','package','php','public','root','runtime','sales','server','shujuku','site','sjk','sql','store','tar','template','test','upload','user','users','vb','vendor','wangzhan','web','website','wordpress','wp','www','wwwroot','wz','数据库','数据库备份','网站','网站备份']