vps部署自动化src挖掘

懒的人总想偷懒去省事

0x01 简介

自动化挖掘src分两步

• 1.[收集教育网址信息](https://github.com/LandGrey/taoman)

• 2.[被动扫描漏洞](https://github.com/w-digital-scanner/w12scan)

0x02 收集子域名

python taoman.py -f data/edusrc_school_domains.txt

0x03 部署w12scan

vps安装docker

我的vps是阿里云的ubuntu16.04

#软件源添加
$ echo "deb https://apt.dockerproject.org/repo ubuntu-xenial main" | sudo tee /etc/apt/sources.list.d/docker.list
#添加成功后更新软件包缓存
$ sudo apt-get update

#卸载旧版本
$ sudo apt-get remove docker docker-engine docker.io containerd runc

#设置仓库
$ sudo apt-get update
$ sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common      #安装 apt 依赖包，用于通过HTTPS来获取仓库:
   
#添加 Docker 的官方 GPG 密钥：
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

#使用以下指令设置稳定版仓库
$ sudo add-apt-repository \
   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) \
  stable"       
 
#安装 Docker Engine-Community
$ sudo apt-get update
$ sudo apt-get install docker-ce docker-ce-cli containerd.io

#安装Docker Compose 
$ sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
$ sudo chmod +x /usr/local/bin/docker-compose
$ sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
$ docker-compose --version

部署Elasticsearch

git clone https://github.com/boy-hack/w12scan
cd w12scan/doc/distributed/elasticsearch
docker-compose up -d