git fingerprint是一个web指纹识别工具,它试图通过枚举在公共web根目录中找到的所有文件,并比较每个提交、分支或标记的加密散列来计算可能的最佳匹配,从而基于git存储库中的文件扫描目标。

git-fingerprint的Python项目详细描述


Git指纹

git fingerprint是一个web指纹识别工具,它试图通过枚举在公共web根目录中找到的所有文件,并比较每个提交、分支或标记的加密散列来计算可能的最佳匹配,从而基于git存储库中的文件扫描目标。

要求

  • Python3.6+
  • 一个好的CPU

安装

对于本地安装:

$ pip install git-fingerprint

对于开发安装:

$ pip install .

用法

$ git-fingerprint --help
usage: Git Fingerprint - A git-based web fingerprinting tool
       [-h] [-u URL] [-w WEBROOT] [-m MODE] [-r REPO] [-a ALGORITHM]
       [-t THREADS] [-T LOCAL_THREADS] [-f FORMAT] [-l LIMIT] [-c CACHE] [-s]
       [-i] [-d]

Git Fingerprint is a web fingerprinting tool that attempts to scan a target
based on the files a git repository by enumerating over all files ever found
in the public web root and comparing cryptographic hashes of each commit,
branch or tag in order to calculate the best possible match.

optional arguments:
  -h, --help
       show this help message and exit

  -u URL, --url URL
       Specifies the base url of a remote host to scan. If not set, the script
       will only generate a local file hashing cache.

  -w WEBROOT, --webroot WEBROOT
       Pointer to the public web root that should be scanned (eg:
       /usr/local/www/). Defaults to the root of the git repository.

  -m MODE, --mode MODE
       Fingerprinting mode, specifies how verbose the scanning should be. Note
       that scanning with 'commit' mode will have to hash each file of each
       commit and might take a long time, using the cache is recommended when
       this mode is selected. Value must be one of: b[ranch], t[ag], c[ommit].
       Default: 'branch'.

  -r REPO, --repo REPO
       Path to the git directory to scan, defaults to the current directory.

  -a ALGORITHM, --algorithm ALGORITHM
       Hashing algorithm that should be used to calculate the local file
       hashes. While using hashing algorithm such as 'md5' would make the scan
       faster, the accuracy of the scan will be decreased. Defaults to:
       'sha256'. Accepted algorithms: sha3_256, shake_128, shake_256, blake2s,
       md5, sha224, sha3_224, sha3_512, sha384, blake2b, sha512, sha1,
       sha3_384, sha256.

  -t THREADS, --threads THREADS
       Number of threads used to fingerprint the remote server. Using a high
       number of threads is discourage as to avoid detection or rate limit
       issues. Default: 10

  -T LOCAL_THREADS, --local-threads LOCAL_THREADS
       Number of local threads to use to hash the local files per commit.
       Default: 5

  -f FORMAT, --format FORMAT
       Output format of the scan result. If not set, the default ASCII table
       will be printed instead. If enabled, all other logging will be
       redirected to stderr. Accepts: p[lain], j[son], x[ml]

  -l LIMIT, --limit LIMIT
       Number of matching entries to show. If set to 'none', all possible
       entries will be shown. Default: 10

  -c CACHE, --cache CACHE
       Specifies the file which should be used for loading/saving the local
       cache. Default: .git-fingerprint.json

  -s, --stfu, --silent
       Enable silent mode and only display the output of the script.

  -i, --insecure
       Disables SSL certificate checking, default: certificate checking
       enabled.

  -d, --debug
       Enable debug logging, default: disabled

欢迎加入QQ群-->: 979659372 Python中文网_新手群

推荐PyPI第三方库


热门话题
java Spring freemarker多模板加载程序路径   在java插件中从控制台获取输入   java在包中创建继承类   网页抓取Java Jsoup网页抓取   java在线程内创建一个对象,而true条件具有相同的引用   java如何根据空格数拆分字符串   java新的安卓 studio更新中的配置文件“app”是什么?   java在将ArrayList写入/读取到文件时出现奇怪的问题   java Reg替换文本块第一次出现+最后一次出现   java当我单击任何RecyclerView列表项时,如何在MainActivity的EditText中显示特定的单击项?   JAVA XML删除节点仅删除第一个外观   java如何在数组中查找特定值   java SVG/矢量图形对象布尔运算(并集、交集、减法)   java在Android中创建线程需要多长时间   尝试从JBOSS联系Oracle LDAP服务器时发生java连接重置异常   java基于参数获取特定的实现实例   使用java就地修改文件内容   java MonetaryException:未加载MonetaryAmountsSingletonSpi   java接受用户的不同输入并使其触发完全相同的代码段的最短方法是什么   Spring 3.2.8应用程序中未找到java HTTP 404错误